Alert icon
We're changing our privacy policy. This stuff matters.  Learn more  Dismiss

DEFCON 14: Hacking UNIX with FreeBSD Jail(8), Secure Virtual Servers

Sign in or sign up now!
Alert icon
Upgrade to the latest Flash Player for improved playback performance. Upgrade now or more info.
7,969
Loading...
Alert icon
Sign in or sign up now!
Alert icon

Uploaded by on Jan 31, 2011

Speaker: Isaac Levy (.ike)

Abstract:
FreeBSD Jails are a time-tested, secure UNIX virtual machine with endless uses.

Early unix mainframe computing brought elegant process and resource sharing systems, which helped get more application use out of expensive hardware. These concerns have been largely been pushed aside in computing with the rise of desktop PCs, and large farms of ever-shrinking pizza boxes in the data center. Today, as more punch gets packed into 1u than ever, server resources can be further consolidated and abstracted to securely separate complex and sophisticated services in the same hardware server, by running secure virtual UNIX machines.

Who wants jails?
System Administrators who need to securely separate small yet important services.
Software Developers who always need more dev machines to hack amok.
Root-Kit Testing and Debugging.
Educators who could use virtual machines to provide clean unix server systems for student use.
Anyone who wants *secure* virtual machines.

Why would you want jail(8)?
The design of Jail(8) and jail(2) are small and secure, and because jails use native system utilities, they are simple for any unix hacker to work with- very shallow learning curve. They're great for userland-level hacking and development, honeypots, or highly available services for regularly attacked systems.

What I'd like to talk about:

How Jails Work, the technical nitty-gritty
How to setup jails, the practical how-to, cooking show style...
When NOT to use jails
jail(8) security vulnerabilities/considerations, attacking and breaking out of jail(8)
mitigating the risks of attacks and jail(8)breaks
Jails vs. Linux UML, XEN, VMware- fundamental technical differences

For more information visit: http://bit.ly/defcon14_information
To download the video visit: http://bit.ly/defcon14_videos

Category:

Science & Technology

Tags:

License:

Standard YouTube License

  • likes, 0 dislikes

Link to this comment:

Share to:
see all

All Comments (7)

Sign In or Sign Up now to post a comment!

  • Isaac you're a bloody riot! Thanks for the talk!

    WretchedWinston 3 weeks ago

  • big like: he started with powers of ten (understanding computers==understanding powers of 2)

    big dislike: as time was running out, he didn't get to finish comparing jails with xen,vmware and other virtualisation techniques, would love to hear about that !

    TheQedqubit 2 months ago

  • ahhhhhhhhh great talk learned a lot ahhhhhhhhh

    Datzfunk 4 months ago 2

  • Errrrrrrrrrrrrrrrrrrr

    scumbaguk 5 months ago

  • Very nice lecture! I found it interesting, educational, and highly entertaining-- did you mention you played capture the flag via Jail at DefCon??? If so, sounds like a blast! =)

    eugeniomyles 6 months ago

  • good job man, talks on jail were hard to come by when i was learning about them.

    LemonPieLoL 1 year ago

Loading...

Alert icon
0 / 00Unsaved Playlist Return to active list
    1. Your queue is empty. Add videos to your queue using this button:
      or sign in to load a different list.
    Loading...Loading...Saving...
    • Clear all videos from this list
    • Learn more