From owner-freebsd-hackers Mon Oct 13 18:20:15 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id SAA08879 for hackers-outgoing; Mon, 13 Oct 1997 18:20:15 -0700 (PDT) (envelope-from owner-freebsd-hackers)
Received: from unix.tfs.net (root@unix.tfs.net [199.79.146.60]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA08823 for ; Mon, 13 Oct 1997 18:20:03 -0700 (PDT) (envelope-from jbryant@argus.tfs.net)
Received: from argus.tfs.net (as1-p1.tfs.net [139.146.205.1]) by unix.tfs.net (8.8.5/8.8.5) with ESMTP id UAA09144; Mon, 13 Oct 1997 20:19:44 -0500
Received: (from jbryant@localhost) by argus.tfs.net (8.8.7/8.8.5) id UAA02130; Mon, 13 Oct 1997 20:19:54 -0500 (CDT)
From: Jim Bryant
Message-Id: <199710140119.UAA02130@argus.tfs.net>
Subject: Re: C2 Trusted FreeBSD?
In-Reply-To: <199710131903.PAA02525@lakes.dignus.com> from Thomas David Rivers at "Oct 13, 97 03:03:52 pm"
To: rivers@dignus.com (Thomas David Rivers)
Date: Mon, 13 Oct 1997 20:19:53 -0500 (CDT)
Cc: freebsd-hackers@freebsd.org
Reply-to: jbryant@tfs.net
X-Windows: R00LZ!@# MS-Winbl0wz DR00LZ!@#
X-Operating-System: FreeBSD 2.2.2-RELEASE #0: Wed Jul 9 01:01:24 CDT 1997
X-Mailer: ELM [version 2.4ME+ PL31H (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In reply:
> > On Mon, 13 Oct 1997, Thomas David Rivers wrote:
> > > >
> > > > Simon Shapiro writes:
> > > >
> > > > > Hi Douglas Carmichael; On 13-Oct-97 you wrote:
> > > > > Could FreeBSD be made to comply with B1 or C2 trusted system standards
> > > > > FOR REAL (unlike NT that can only comply when not hooked up to a
> > > > > network)?
> > > >
> > > > Last I checked (looooong time ago), Unix had the same problem. TCP/IP was,
> > > > at the time, inherently un-Orangable.

well, i missed this one earlier...

! ! ! W R O N G ! ! !

RFC 791 (IP) addresses this issue in the sections marked

    type of service / precedence
    option 130 - security / compartments / handling restrictions / TCC

Compartments and Handling values are available from the Defense
Intelligence Agency. TCC from DCA.

RFC 793 (TCP) section 2.9 addresses this issue.

these have ALWAYS been in TCP/IP, and were original design
specifications. keep in mind that the protocols were for use by the
ARPA which heavily involved weapons research.

such options of course involve the physical security of all
transmission lines / switches / routers up to and including the
gateway to the next security level.

next time please read the most basic reference material before making
such ignorant comments. the rfcs are a good starting point.

ignorance is curable through education. there is no known cure for
stupidity though.

thank god i caught it in time...

jim
--
All opinions expressed are mine, if you   | "I will not be pushed, stamped,
think otherwise, then go jump into turbid | briefed, debriefed, indexed, or
radioactive waters and yell WAHOO !!!     | numbered!" - #1, "The Prisoner"
------------------------------------------------------------------------------
Inet: jbryant@tfs.net AX.25: kc5vdj@wv0t.#neks.ks.usa.noam grid: EM28pw
voice: KC5VDJ - 6 & 2 Meters AM/FM/SSB, 70cm FM. http://www.tfs.net/~jbryant
------------------------------------------------------------------------------
HF/6M/2M: IC-706-MkII, 2M: HTX-212, 2M: HTX-202, 70cm: HTX-404, Packet: KPC-3+
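
The option the message cites, as an added example that is not part of the original post: a Python parser that walks the options area of an IPv4 header and decodes the RFC 791 security option (type 130), with the field layout and level codes taken from RFC 791. The function names and the sample header (documentation addresses, TCC bytes `ABC`, zero checksum) are constructed for illustration.

```python
import struct

# Security-level codes from the RFC 791 security option (S field).
LEVELS = {
    0x0000: "Unclassified", 0xF135: "Confidential", 0x789A: "EFTO",
    0xBC4D: "MMMM", 0x5E26: "PROG", 0xAF13: "Restricted",
    0xD788: "Secret", 0x6BC5: "Top Secret",
}
OPT_EOL, OPT_NOP, OPT_SECURITY, SEC_LEN = 0, 1, 130, 11


def parse_security_option(header: bytes):
    """Return the RFC 791 security option of an IPv4 header as a dict, or None."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (header[0] & 0x0F) * 4          # header length in octets
    if ihl < 20 or ihl > len(header):
        raise ValueError("bad header length")
    opts, i = header[20:ihl], 0
    while i < len(opts):
        kind = opts[i]
        if kind == OPT_EOL:               # end of option list
            break
        if kind == OPT_NOP:               # single-octet padding
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("truncated option")
        length = opts[i + 1]              # length covers type and length octets
        if length < 2 or i + length > len(opts):
            raise ValueError("bad option length")
        if kind == OPT_SECURITY:
            if length != SEC_LEN:
                raise ValueError("security option must be 11 octets")
            s, c, h = struct.unpack("!HHH", opts[i + 2:i + 8])
            return {"level": LEVELS.get(s, "unassigned"), "compartments": c,
                    "handling": h, "tcc": opts[i + 8:i + 11]}
        i += length
    return None


def build_sample(level: int) -> bytes:
    """Constructed sample: 32-octet IPv4 header (IHL=8, checksum 0) with option 130."""
    opt = struct.pack("!BBHHH3s", OPT_SECURITY, SEC_LEN, level, 0, 0, b"ABC")
    opt += bytes([OPT_EOL])               # pad options to a 4-octet boundary
    fixed = struct.pack("!BBHHHBBH4s4s", 0x48, 0, 32, 0, 0, 64, 6, 0,
                        bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return fixed + opt
```
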