BSDCan2012 - Slide Update J

BSDCan 2012
The Technical BSD Conference

Speakers
Brett Lymn
Schedule
Day Talks - 1 - 2012-05-11
Room MRT 205
Start time 10:00
Duration 01:00
Info
ID 318
Track Security
Language used for presentation English

An Introduction to Verifiedexec in NetBSD

The verifiedexec feature has been part of NetBSD for some years now. It seems that a lot of people are unaware of the feature or do not know the full capabilities of verifiedexec. This talk will introduce the feature, what it can do and also what it could be capable of with some kernel changes.

The verified execuction feature is a unique extension to the NetBSD kernel that allows an administrator to ensure the binaries and files that are being accessed have not been modified by comparing the fingerprint of the on-disk file with a "known good" copy of the fingerprint kept in kernel memory. This allows very fine grain control over what will be executed on the machine, even by root, and can provide assurance that files have not been modified. In this talk I will go over some of the history of verified execution, how it works and what it can do, then finally move on to what the next steps I want to take in the development of veriexec. Verified execution has been in NetBSD for a long time but it seems to be a feature that that is not widely known about, hopefully this talk can raise its profile somewhat.