1 |
Évaluation et améliorations des solutions de pare-feux redondants sous Linux et OpenBSDAebischer, Quentin January 2014 (has links)
L'accès permanent et sécurisé aux ressources, données et services proposés par une entreprise est devenu au fil des années un point critique dans la stratégie de mise en place de l'infrastructure réseau.
Situé à l'entrée du réseau interne et chargé de faire respecter la politique de sécurité mise en place par l'administrateur, le pare-feu est bien souvent l'unique point d'accès par lequel transitent toutes les connexions avec l'extérieur, et représente de ce fait un unique point de défaillance potentiel (« single point-of-failure »).
Afin de pallier cette faiblesse, plusieurs solutions de redondances de pare-feux ont vu le jour. Ce document a pour but de présenter, d'évaluer et de comparer deux solutions reconnues du monde du logiciel libre : les conntrack-tools sous Linux, et pfsync/CARP sous OpenBSD. On présente également une nouvelle implémentation de canaux d'échanges d'états de connexions entre les pare-feux sous Linux, basé sur le protocole TIPC.
|
2 |
Comparative study of operating system security using SELinux and SystraceÖberg, Jonas January 2009 (has links)
<p>This thesis makes a comparative study of the security systemsSystrace (used primarily with OpenBSD) and SELinux (usedexclusively with Linux), trying to answer the question as to whichtype of security is offered by each respective system, and wheneach should be used. The key difference between SELinux andSystrace seems to be their mode of operation, where SELinux,built around the LSM framework in the Linux kernel, works withtype enforcement on files, sockets and other objects, whereasSystrace works on a strict system call basis. The two systems areseen to serve two different purposes which sometimes overlap,but in just as many cases provide solutions for entirely differentquality priorities.</p>
|
3 |
A Comparative Study of Security Features in FreeBSD and OpenBSDPersson, Magnus January 2006 (has links)
<p>Security in operating systems is a highly topical subject nowadays as the Internet keeps expanding. The larger the Internet gets the more systems, with valuable information, get connected, which could be subjects of attacks. An operating system needs to protect its information from these attacks. Many servers are using UNIX based operating systems and the security in these systems is a widely discussed topic.</p><p>This project is going to test and investigate the security in two of the most common UNIX distributions, both based on the Berkley Software Distribution (BSD). The selected systems are FreeBSD and OpenBSD. The Add-on called TrustedBSD/SEBSD for FreeBSD will also be a subject for this project. A comparison of the security features in the two systems was performed both theoretically and practically and this report reflects the results of these experiments and comparisons. A conclusion is that each system suits best in different environments with different needs. The selected distributions also have different level of security in specific areas. An introduction to security in operating systems on a general basis is provided before the actual comparison begins.</p>
|
4 |
??valuation et am??liorations des solutions de pare-feux redondants sous Linux et OpenBSDAebischer, Quentin January 2014 (has links)
L'acc??s permanent et s??curis?? aux ressources, donn??es et services propos??s par une entreprise est devenu au fil des ann??es un point critique dans la strat??gie de mise en place de l'infrastructure r??seau.
Situ?? ?? l'entr??e du r??seau interne et charg?? de faire respecter la politique de s??curit?? mise en place par l'administrateur, le pare-feu est bien souvent l'unique point d'acc??s par lequel transitent toutes les connexions avec l'ext??rieur, et repr??sente de ce fait un unique point de d??faillance potentiel (?? single point-of-failure ??).
Afin de pallier cette faiblesse, plusieurs solutions de redondances de pare-feux ont vu le jour. Ce document a pour but de pr??senter, d'??valuer et de comparer deux solutions reconnues du monde du logiciel libre : les conntrack-tools sous Linux, et pfsync/CARP sous OpenBSD. On pr??sente ??galement une nouvelle impl??mentation de canaux d'??changes d'??tats de connexions entre les pare-feux sous Linux, bas?? sur le protocole TIPC.
|
5 |
Comparative study of operating system security using SELinux and SystraceÖberg, Jonas January 2009 (has links)
This thesis makes a comparative study of the security systemsSystrace (used primarily with OpenBSD) and SELinux (usedexclusively with Linux), trying to answer the question as to whichtype of security is offered by each respective system, and wheneach should be used. The key difference between SELinux andSystrace seems to be their mode of operation, where SELinux,built around the LSM framework in the Linux kernel, works withtype enforcement on files, sockets and other objects, whereasSystrace works on a strict system call basis. The two systems areseen to serve two different purposes which sometimes overlap,but in just as many cases provide solutions for entirely differentquality priorities.
|
6 |
A Comparative Study of Security Features in FreeBSD and OpenBSDPersson, Magnus January 2006 (has links)
Security in operating systems is a highly topical subject nowadays as the Internet keeps expanding. The larger the Internet gets the more systems, with valuable information, get connected, which could be subjects of attacks. An operating system needs to protect its information from these attacks. Many servers are using UNIX based operating systems and the security in these systems is a widely discussed topic. This project is going to test and investigate the security in two of the most common UNIX distributions, both based on the Berkley Software Distribution (BSD). The selected systems are FreeBSD and OpenBSD. The Add-on called TrustedBSD/SEBSD for FreeBSD will also be a subject for this project. A comparison of the security features in the two systems was performed both theoretically and practically and this report reflects the results of these experiments and comparisons. A conclusion is that each system suits best in different environments with different needs. The selected distributions also have different level of security in specific areas. An introduction to security in operating systems on a general basis is provided before the actual comparison begins.
|
7 |
Lastbalanseringskluster : En studie om operativsystemets påverkan på lastbalanserarenLiv, Jakob, Nygren, Fredrik January 2014 (has links)
Denna rapport innehåller en studie över ett operativsystems påverkan på lastbalanserarenHAproxy. Studien utfördes i en experimentmiljö med fyra virtuella testklienter, en lastbalanseraresamt tre webbservernoder kopplade till lastbalanseraren. Operativsystemet varhuvudpunkten i studien där belastningen på dess hårdvara, svarstiden, antalet anslutningarsamt det maximala antalet anslutninger per sekund undersöktes. De operativsystem somtestades var Ubuntu 10.04, CentOS 6.5, FreeBSD 9.1 och OpenBSD 5.5. Resultaten fråntesterna visar att hårdvaran och svarstiden är näst intill identisk på samtliga operativsystemmed undantag för OpenBSD där förutsättningarna för att genomföra hårdvarutesternainte kunde uppnås. FreeBSD var det operativsystem som klarade av att hantera flestantal anslutningar tillsammans med CentOS. Ubuntu visade sig vara mer begränsat ochOpenBSD var mycket begränsat. FreeBSD klarade även av högst antal anslutningar persekund, följt av Ubuntu, CentOS och slutligen OpenBSD som visade sig vara det sämstpresterande. / This report contains a study over an operating system’s impact on the load balancerHAproxy. The study was performed in an experimental environment with four virtualclients for testing, one load balancer and three web server nodes connected to the loadbalancer. The operating system was the main point in the study where the load on theload balancer’s hardware, the response time, the amount of connections and the maximumamount of connections per second were examined. The operating systems whichwere tested was Ubuntu 10.04, CentOS 6.5, FreeBSD 9.1 and OpenBSD 5.5. The resultsfrom the tests shows that the load on the hardware and the response time are almost identicalon all operating systems with the exception of OpenBSD where the conditions to beable to run the hardware tests could not be achieved. FreeBSD was the operating systemthat was able to manage the highest amount of connections along with CentOS. Ubuntuturned out to be more limited and OpenBSD was very limited. FreeBSD also managedthe highest amount of connections per second, followed by Ubuntu, CentOS and finallyOpenBSD which turned out to be the worst performer.
|
8 |
OpenBSD Hardware Sensors — Environmental Monitoring and Fan ControlMurenin, Constantine Aleksandrovich 18 May 2010 (has links)
This thesis discusses the motivation, origin, history, design guidelines, API, the device drivers and userland utilities of the hardware sensors framework available in OpenBSD. The framework spans multiple utilities in the base system and the ports tree, is utilised by over 75 drivers, and is considered to be a distinctive and ready-to-use feature that sets OpenBSD apart from many other operating systems, and in its root is inseparable from the OpenBSD experience.
The present framework, however, is missing the functionality that would allow the user to interface with the fan-controlling part of the hardware monitors. We therefore discuss the topic of fan control and introduce sysctl-based interfacing with the fan-controlling capabilities of microprocessor system hardware monitors. The discussed prototype implementation reduces the noise and power-consumption characteristics in fans of personal computers, especially of those PCs that are designed from off-the-shelf components. We further argue that our prototype is easier, more intuitive and robust compared to solutions available elsewhere.
|
9 |
OpenBSD Hardware Sensors — Environmental Monitoring and Fan ControlMurenin, Constantine Aleksandrovich 18 May 2010 (has links)
This thesis discusses the motivation, origin, history, design guidelines, API, the device drivers and userland utilities of the hardware sensors framework available in OpenBSD. The framework spans multiple utilities in the base system and the ports tree, is utilised by over 75 drivers, and is considered to be a distinctive and ready-to-use feature that sets OpenBSD apart from many other operating systems, and in its root is inseparable from the OpenBSD experience.
The present framework, however, is missing the functionality that would allow the user to interface with the fan-controlling part of the hardware monitors. We therefore discuss the topic of fan control and introduce sysctl-based interfacing with the fan-controlling capabilities of microprocessor system hardware monitors. The discussed prototype implementation reduces the noise and power-consumption characteristics in fans of personal computers, especially of those PCs that are designed from off-the-shelf components. We further argue that our prototype is easier, more intuitive and robust compared to solutions available elsewhere.
|
Page generated in 0.0172 seconds