Wednesday Jun 25, 2008

Certified! Solaris 10 Release 11/06 Trusted Extensions

This link says it all!

Wednesday Jun 04, 2008

Solaris Trusted Extensions Evaluation Pending
Sun and CGI completed evaluation activities for Solaris Trusted
Extensions on Thursday, 30 May 2008 and submitted an Evaluation
Technical Report (ETR) to the Communications Security Establishment of
Canada (CSE) for CC Certification.

More information can be found here! The confirmation letter is available for viewing.

Monday Mar 10, 2008

Open Solaris Forensics Tools Project Goes Live

As of today the Open Solaris Forensics Tools Project Page was officially linked to the Open Solaris projects.

Currently published:

  • A program by Casper Dik aiding LKM rootkit detection.
  • Live kernel data gathering scripts.
  • Live system data gathering papers.
  • Some ZFS forensics info.

Please find the project pages here!

Comments appreciated!

Thursday Mar 06, 2008

Open Solaris Forensics Project About to Go Live

Yay! We are almost ready! I will ask the Open Solaris Admins to make the Forensics project visible on Monday 10.03.2008.

What is in so far:

  • Live kernel dissection scripts
  • A script, by Casper Dik, which detects LKM rootkits on Solaris.
  • Placeholders for future projects

Well, that is all for now. The URL and official announcement will follow on security dash discuss at opensolaris dot org and here on Monday.

See you then!

Tuesday Jan 08, 2008

Happy New 2008

Be always at war with your vices, at peace with your neighbors, and let each New Year find you a better man.

Benjamin Franklin

I love the simplicity and breadth of this wish!

Let me extend it to all the wanderers in the strange world of blog space!

Friday Nov 23, 2007

Proposal - Open Solaris Forensic Toolkit Project

A few days ago, after being poked by several people (but mainly by Mark Furner), I decided to ask the Open Solaris Security Community whether the creation of an Open Solaris Forensic [Toolkit] Project makes sense.

I personally was pleasantly surprised by the reaction:

PROPOSAL: Open Solaris Fotrensics Tools Project

(one can see that I was pretty excited when posting by looking at the way my fat fingers hit "tr" together, resulting in "Fotrensics" instead of "Forensics")

Apparently the Open Solaris Security Community finds this project to be useful, and I hope to count on their sponsorship upon future project instantiation.

I have been looking through the Open Solaris Policies in order to find the process for requesting a new project, and I found there the things I need to submit. Some of the requirements are present and others are partially missing. Amongst the missing ones I still need to compile the following:

  • A list of sponsoring Community Groups
    • Security Community - I hope the idea got their attention and the project has at least one sponsor, unless I am very much wrong! (Please be direct with me!)
    • ZFS Community - I think this will be a very interesting sponsorship and collaboration opportunity, as one of the main missing pieces in the Solaris forensics challenge is a proper ZFS forensics analysis toolkit.
    • Unix File Systems (UFS) - Though many tools exist for UFS forensic data gathering, grave digging and analysis, the proper implementation details may require cooperation and possible interest from this group. Comments?
    • Observability Community - Getting sponsorship from this group should be considered a priority, because they are providing the tools used in live data gathering or post mortem investigation. I will be contacting them to request sponsorship.
    • Other suggestions welcome.
  • Project team - Here I do have some volunteers, but I actually need confirmations from those interested. I also intend to explicitly invite some external but very valuable personalities (more on that later).
    So I am looking for volunteers on this point!

I will get my act together and will start moving forward after the Thanksgiving vacation; meanwhile I am awaiting suggestions, woes or anything you have to say on the subject.

Tuesday Nov 20, 2007

Introduction to Live Kernel Dissection for Forensics Purposes - Skinning a Cat For Meta Data [1]

Proper data gathering methodologies are a vital part of conducting a forensics analysis. This article will give a quick overview of some non-intrusive advanced data gathering techniques that involve running kernel dissection without tainting evidence.

In this article I will briefly describe a forensics data gathering technique using an underused data source, namely "The Operating Environment Kernel".

This is the first part of a series of articles which (I hope to find the time) will be published on a regular basis.

[Read More]

Monday Nov 12, 2007

On Application Security

This is part of a draft for an internal project I wrote in 2003.

A lot of prominent security group members contributed to this high-level,
management-awareness-style speech.

I thought that this might be interesting and could eventually be reused as fodder
for something else, or simply as a high-level clue stick.

[Read More]

Recycling Some old Papers

Hello all,

In an effort to start blogging (yes, I know, I know) I decided to cheat a little and
recycle some "old" papers or fragments I have written in the past.

Some of them still look current, and some might find them useful.

But well, you will be the judge of that!

Any feedback will be highly appreciated!

Wednesday Jul 27, 2005

First Post

Welcome to my web log!

Please return later for more on security, networking and other interesting things!
(Or at least I hope so 8-)
Now it is vacation time!
See you later.

Evtim (Efi) Batchev is a security and network architect at Sun Microsystems Iberia.