Home page logo
/

basics logo Security Basics mailing list archives

UML discussion
From: "Andy F" <a__j__f () hotmail com>
Date: Thu, 01 Apr 2004 18:09:27 +0000


Helo all,

I've been playing with user mode all week and I'm wondering what others think of it from a security viewpoint. If you haven't had exposure here's some links
I've assembled,

http://www.linux-mag.com/2001-04/user_mode_01.html Introduction by the author
http://dc.qut.edu.au/adios/uml/ Security related, LIDS and SELinux on UML
http://jungla.dit.upm.es/~vnuml/doc/1.3/tutorial/index.html Virtual networking http://www.lathspell.de/linux/uml/ Zebra virtual network and routing under UML http://uml.openconsultancy.com/#goals private IPv4 networking, IPv6 networking etc in UML
http://www.mosixview.com/umopenmosix/umopenmosix.html UML open Mosix
http://user-mode-linux.sourceforge.net - Current development core
http://user-mode-linux.sourceforge.net/dl-sf.html Get it, src, bin, and some root fs.

In summary it's a virtual networking security playground. Using the UML builder http://umlbuilder.sourceforge.net I have been able to make a box factory with scores of Redhat, Debian, SUSE, Slackware, Caldera and Knoppix machines all inhabiting the same virtual net running on my desktop. Surely this is a very powerful security tool.
You could run attack simulations to your hearts content, or create honeypots
http://user-mode-linux.sourceforge.net/honeypots.html or create an 'obfuscatronic net' with thousands of agents exchanging noise across encrypted channels while your real
users are burried inside that network.

Are there more mature virtual networking tools that 'real' security chaps use? Anyone had experience of using UML to create a gateway/hosting joe luser accounts?

Best regards,
Andy

_________________________________________________________________
Express yourself with cool new emoticons http://www.msn.co.uk/specials/myemo


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • UML discussion Andy F (Apr 02)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]