28 February 2012

AIX Stack Protection and TE

Two features of AIX, SED (Stack Execution Disable) and TE (Trusted Execution), provide a more secure implementation of the operating system:

The AIX SED mechanism uses hardware support to implement a no-execute feature on selected, marked memory areas (such as the stack). It is the same concept as DEP on Windows. Once the feature is enabled, any attempt to execute code in one of these marked areas makes the hardware raise an exception, and the operating system terminates the offending process before the injected code gets to run.

AIX stack protection (SED) is configured mainly through the 'sedmgr' command.

sedmgr has four system-wide modes: off, select, setidfiles and all, and a mode change only takes effect at the next reboot. In 'select' mode, SED is enforced only for executables that you have explicitly flagged (sedmgr -c request), so you can enable it per executable; a sensible first target is the externally facing services such as the web, DNS and SMTP daemons.
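The following script is an added example, not part of the original post: it puts the system into 'select' mode and flags a set of externally facing daemons with the 'request' flag, refusing unknown mode names along the way. It assumes the AIX sedmgr command as described above; the daemon paths are illustrative and DRY_RUN is a switch introduced here so the plan can be printed and reviewed before it is applied.

```shell
#!/bin/sh
# Added example, not from the original post: enable AIX SED in 'select' mode
# and flag the network-facing daemons that should run with a non-executable
# stack. Assumes the AIX sedmgr command; the daemon paths are illustrative.
# DRY_RUN=1 (the default) only prints the commands so the plan can be
# reviewed first; set DRY_RUN=0 on the AIX host to apply it.

: "${DRY_RUN:=1}"

# Run a command, or just print it when planning.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# sedmgr knows exactly four system-wide modes; refuse anything else so a
# typo never leaves the box in an unexpected state.
validate_sed_mode() {
    case "$1" in
        off|select|setidfiles|all) return 0 ;;
        *) echo "invalid SED mode: $1" >&2; return 1 ;;
    esac
}

# Set the system-wide mode. AIX applies it at the next boot, so reboot
# afterwards; until then the previous mode is still in force.
set_sed_mode() {
    validate_sed_mode "$1" || return 1
    run sedmgr -m "$1"
}

# Mark executables with the 'request' flag so that, in 'select' mode, the
# loader enforces SED for them. Missing files are reported and skipped.
flag_sed_request() {
    rc=0
    for f in "$@"; do
        if [ "$DRY_RUN" != 1 ] && [ ! -x "$f" ]; then
            echo "skip: $f is not an executable" >&2
            rc=1
            continue
        fi
        run sedmgr -c request "$f"
    done
    return $rc
}

# Display the per-file flag so the result can be audited afterwards.
show_sed_flags() {
    for f in "$@"; do
        run sedmgr -d "$f"
    done
}

# Illustrative daemon paths for externally facing services
# (left unquoted on purpose so the list is split into words).
SED_TARGETS="/usr/sbin/httpd /usr/sbin/named /usr/sbin/sendmail"

set_sed_mode select
flag_sed_request $SED_TARGETS
show_sed_flags $SED_TARGETS
```

Run it once with the default DRY_RUN=1 to see the exact sedmgr commands, then with DRY_RUN=0 on the AIX host, and remember that the mode change is not live until the system has been rebooted; the sedmgr -d output at the end lets you confirm the per-file flags stuck.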

-----------------------------------------

AIX TE (Trusted Execution) is an advanced security feature introduced with IBM AIX V6.1. Its main purpose is to protect system integrity by hash checking executables, libraries, scripts and kernel extensions against the Trusted Signature Database (TSD, /etc/security/tsd/tsd.dat). It supersedes the older TCB (Trusted Computing Base) feature. The main difference between TE and TCB is that TE can verify a file at runtime, when it is loaded or executed, whereas TCB only checks files on demand or at scheduled times.

It is worth using this feature for integrity-related compliance items and for rootkit protection on critical servers. One caveat: locally compiled or third-party binaries are not in the TSD, so add them to it before enabling the STOP_UNTRUSTD policy, or they will be refused.
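As an added example that is not from the original post, the script below turns on TE runtime checking for the four file classes the post lists and then runs a compliance-style verification of a few files against the TSD. It assumes the AIX trustchk command and that trustchk -n exits non-zero on a hash mismatch; the watched file paths are illustrative and DRY_RUN is a switch introduced here to print the plan instead of executing it.

```shell
#!/bin/sh
# Added example, not from the original post: switch on AIX Trusted Execution
# runtime checking and verify a set of files against the Trusted Signature
# Database (TSD). Assumes the AIX trustchk command and that 'trustchk -n'
# exits non-zero on a mismatch; the file list is illustrative.
# DRY_RUN=1 (the default) prints the commands instead of running them;
# set DRY_RUN=0 on the AIX host to apply them.

: "${DRY_RUN:=1}"

# Run a command, or just print it when planning.
run() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Policies for runtime checking: hash executables, shared libraries, scripts
# and kernel extensions when they are loaded, and refuse to run anything whose
# hash does not match its TSD entry. STOP_UNTRUSTD=ON is deliberately left out:
# it also blocks files that are not in the TSD at all, so add local or
# third-party software to the TSD first (trustchk -a) before turning it on.
TE_POLICIES="TE=ON CHKEXEC=ON CHKSHLIB=ON CHKSCRIPT=ON CHKKERNEXT=ON STOP_ON_CHKFAIL=ON"

enable_te_runtime() {
    for p in $TE_POLICIES; do
        run trustchk -p "$p"
    done
}

# Compliance-style check: verify each file against the TSD without changing
# anything (-n). Prints the number of failures and returns non-zero if any,
# so the script can be wired into a scheduled integrity job.
verify_against_tsd() {
    failed=0
    for f in "$@"; do
        if run trustchk -n "$f"; then
            :
        else
            echo "INTEGRITY FAILURE: $f" >&2
            failed=$((failed + 1))
        fi
    done
    echo "failures: $failed"
    [ "$failed" -eq 0 ]
}

# Illustrative files worth watching on a server (unquoted on purpose so the
# list is split into words).
TE_WATCH="/usr/bin/ksh /usr/bin/su /usr/sbin/sshd"

enable_te_runtime
verify_against_tsd $TE_WATCH
```

With DRY_RUN=0 the verification step is the piece to schedule: a non-zero exit from verify_against_tsd means at least one watched file no longer matches its TSD hash, which is exactly the signal you want for a compliance report or a rootkit alert.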
