Older blog entries for fpmip (starting at number 5)

In the previous diary entry, I was right : the sweating was only beginning with the 1.0 release.
We just released IPFC v1.0.1, which changes lots of things (for the better, of course ;-).
I expect the release frequency to remain about the same for the near future, but I hope we can cut down the non-backwards compatible changes somewhat...

It's been some time since the last diary entry ... and with reason ... We just released IPFC v1.0 after lots of sweating (I guess that the sweating is only going to begin for me right now ;-)

Anyway, holiday season is here and if you're up to having a nice little present to manage your security infrastructure just give IPFC a look and give me your feedback. It's not very polished and finished but hey, that's life (and version 1.0) !

Watch out for new releases early and often :-)

I've also got a nice ZoomAir 4100 prismII wireless card for which the Linux drivers are giving me a headache. The SSH Prism2 one works but does not support signal strength monitoring, the wlan-ng one sort of works but doesn't want to interoperate with OpenBSD ... sigh ... and apparently the piggyback PCI/PCMCIA thingie delivered with it is consistently screwing up my neighbour's computer so I'm not touching it with a 10-foot pole ;-) Those are the wonders of driver development I guess ...

10 Oct 2001 (updated 10 Oct 2001 at 22:18 UTC) »

SecIDS seems to be working ok ... but it is still based on 2.4.9 + lids + grsecurity. I wonder when the guys working on LIDS put out a version for 2.4.11 ... As soon as lids/rsbac + grsecurity are supported on 2.4.11 I'll put a new secos patch on my site.

Last monday I gave a presentation together with adulau on "forensic analysis" at the clussil. You can find his slides on http://www.foo.be/gt/forensic/ and mine on http://www.fruru.com/forensic-20011008. Both presentations are in french (or at least some of it is...)

Future topics of interest might include some wireless stuff or secured operating systems.

Time has told ... I went there on a calm evening ... a very calm evening even ... so not much to tell. This does of course not say anything about the quality of the event, which I've heard is quite OK !

Anyway, I've been looking into Linux From Scratch. Seems a relatively simple thing to make one's own distribution. I won't have time to follow this trail, unfortunately, still going the RedHat route for SecOS.

I hope that something releaseable (what a word) will be ready by tomorrow evening.

Oh yes, I've also decided to move. In 11 days. The joys of renting a house ! The numerous phone-calls to make ! The approaching deadlines ! ;-)

Today I posted my linux kernel patches (well ... these are actually other people's patches but I'm entitled to 1/INF credit for resolving patch conflicts ;-) on http://www.conostix.org/~fpmip/secos-patch.

Let's now hope that this stuff helps people ...
On a different note, tonight I'm going to the Linux Beer Hike in Bouillon (that's in Belgium, folks, look it up ;-) hoping to have a great time. Time will tell...

21 Aug 2001 (updated 27 Aug 2001 at 21:53 UTC) »

I have been working on SecOS lately. It is sort of a mini-distribution geared towards (fairly generic ;-) appliances. It is based on RedHat, but there is only a minimal set of packages, sufficient to run eg. firewalling software, and some custom stuff has been added.

Also, the kernel is a bit modified : I've put both grsecurity as well as RSBAC in it.

The base OS image is now here, but the installation script and the RSBAC settings still need some tweaking...

Furthermore there is a presentation on SSH upcoming where I should show some practical stuff re. SSH usage and features ... Good thing I went to Dug Song and Solar Designer's speech @ HAL2001 ... this gives me some ideas ;-)

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!