Daemon Security is a "Silver Sponsor" of vBSDCon 2013, the first biennial BSD conference being hosted by Verisign, Inc. The conference will bring together members of the BSD community in a series of round-table discussions including presentations on various BSD topics including system administration, networking and security. Daemon Security is proud to be sponsoring this event to help solidify the BSD operating systems as the only choice for deploying security tools and solutions. Slots are still available so be sure to register soon.
vBSDCon 2013 at the Hyatt in Dulles, VA.
Cisco announced on July 23rd that it will be acquiring Sourcefire for 2.7 billion dollars. The first reaction from everyone in the Snort community was, "What will happen with open source Snort?". Marty Roesch, Founder and CTO of Sourcefire and the author of the Snort IDS assured everyone that Snort will remain free and open source. Even with the worse case being that Cisco does not support open source Snort, where does this leave the state of open source security? One of the most enduring values of tools like Snort is that the code is freely available to evaluate, providing security researchers and administrators access to evaluate and extend functionality as necessary. With all of the "open source" products being brought into commercial products, there is a risk that the transparency into potential vulnerabilities will be a right reserved to the vendor.
Suricata does provide an alternative open source intrusion detection and prevention engine which can support the Snort rules that have already been created. The alarming aspect is giving trust to vendors of the tools that keep our networks and hosts safe. We will all have to wait to see what the future holds for Snort as Cisco begins to integrate Sourcefire's product line.
The May BSD Magazine has been released which includes an article about configuring the pf firewall with FreeBSD jails. This article provides a way to expose jailed services with pf.
The article is available at http://bsdmag.org/magazine/1838-jails-firewall-with-pf
The March BSD Magazine has been released which includes the fifth and final part of the "Hardening FreeBSD with Mandatory Access Controls" articles. This article highlights the mac_ifoff, mac_portacl, and MAC LOMAC modules.
The article is available at http://bsdmag.org/magazine/1832-handling-kernel-panic