Difference between pages "Getting Started in Forensic Research" and "Basic Security Module (BSM) file format"

From ForensicsWiki
(Difference between pages)
m
 
(External Links)
 
Line 1: Line 1:
Interested in getting involved in computer forensics research? Here's how to start.
+
{{expand}}
  
=Recommended Reading=
+
The Basic Security Module (BSM) file format originates from the [[Solaris|Sun Solaris]] operating system and has been adopted in various forms by BSD Unix, [[Mac OS X]] included.
# Read the proceedings for each of the past [http://www.dfrws.org Digital Forensic Research Workshops] sessions. If a specific article looks interesting, download it and read it!
+
#*[http://www.dfrws.org/2007/program.shtml DFRWS 2007 Program]
+
#*[http://www.dfrws.org/2006/program.shtml DFRWS 2006 Program]
+
#*[http://www.dfrws.org/2005/program.shtml DFRWS 2005 Program]
+
#*[http://www.dfrws.org/2004/program.shtml DFRWS 2004 Program]
+
#*[http://www.dfrws.org/2003/program.shtml DFRWS 2003 Program]
+
#*[http://www.dfrws.org/2002/program.shtml DFRWS 2002 Program]
+
#*[http://www.dfrws.org/2001/dfrws-rm-final.pdf DFRWS 2001 Technical Report] (no program available)
+
# Review the [http://www.ifip119.org/ IFIP Working Group 11.9 on Digital Forensics] website and look at the proceedings from the past conferences (unfortunately, you can't download the papers and the book costs more than $100, but if you see something interesting it can usually be requested via interlibrary loan) (Some higher education libraries subscribe to SpringerLink which makes full text of these proceedings available to students and faculty as part of the school subscription)
+
#*[http://www.ifip119.org/Publications/ IFIP WG 11.9 publications]
+
# Search for interesting forensic terms at the [http://portal.acm.org/dl.cfm ACM Digital Library] and [http://citeseer.ist.psu.edu/ CiteSeer]
+
# Review the [http://www.sleuthkit.org/ Sleuth Kit Website]. In particular, review the issues of [http://www.sleuthkit.org/informer/index.php The Sleuth Kit Informer] and download a copy of Sleuth Kit for your computer.
+
  
=Exercises for the Reader=
+
== External Links ==
# Download a few of the public corpora from the [http://digitalcorpora.org/ Digital Corpora] website and give them a try.
+
* [http://en.wikipedia.org/wiki/OpenBSM Wikipedia: OpenBSM]
# Try your hand at the [http://www.honeynet.org/misc/chall.html HoneyNet Project Challenges]. They are a little older, but are still valid. Plus there are solutions from previous attempts online!
+
* [https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man5/audit.log.5.html audit -- Basic Security Module (BSM) file format], Mac Developer Library
 +
* [http://www.opensource.apple.com/source/xnu/xnu-1456.1.26/bsd/security/audit/audit_bsm_token.c?txt audit_bsm_token.c], Apple Open Source
 +
* [http://www.deer-run.com/~hal/sysadmin/SolarisBSMAuditing.html Solaris Basic Security Mode (BSM) Auditing], by [[Hal Pomeranz]]
 +
 
 +
== Tools ==
 +
=== praudit ===
 +
* [http://www.trustedbsd.org/openbsm.html OpenBSM], Open Source Basic Security Module (BSM) Audit Implementation
 +
* [http://sourceforge.net/projects/linuxbsm/ linuxbsm], The Linux Basic Security Module; The Linux BSM is an auditing tool that aims to bring the capabilities of Sun's Solaris Basic Security Module to Linux.
 +
* [http://sourceforge.net/projects/linuxbsm2/ linuxbsm2], LinuxBSM-2; LinuxBSM-2 introduces auditing features in Linux kernel to achieve better security and keep an eye on system activities.
 +
* [https://code.google.com/p/linuxopenbsm/ linuxopenbsm], Linux Basic Security Module
 +
 
 +
[[Category:File Formats]]
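Review bot: the "=== praudit ===" subheading under "== Tools ==" is followed only by links to OpenBSM, linuxbsm, linuxbsm2 and linuxopenbsm, and none of those entries mentions praudit, so the heading does not match its contents. Either add a line about praudit under that subheading or list these projects directly under "== Tools ==". The "== External Links ==" section is also placed above "== Tools =="; moving it to the end would keep the reference links after the article content.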

Latest revision as of 14:30, 16 December 2013

Please help to improve this article by expanding it.
Further information might be found on the discussion page.

The Basic Security Module (BSM) file format originates from the Sun Solaris operating system and has been adopted in various forms by BSD Unix, Mac OS X included.

External Links

Tools

praudit

  • OpenBSM, Open Source Basic Security Module (BSM) Audit Implementation
  • linuxbsm, The Linux Basic Security Module; The Linux BSM is an auditing tool that aims to bring the capabilities of Sun's Solaris Basic Security Module to Linux.
  • linuxbsm2, LinuxBSM-2; LinuxBSM-2 introduces auditing features in Linux kernel to achieve better security and keep an eye on system activities.
  • linuxopenbsm, Linux Basic Security Module