Last updated at: 2011/01/05

> About Anoubis

Anoubis consists of different functional modules:

Application Level Firewall (ALF)

ALF Modul The Application Level Firewall filters network traffic initiated by applications. It is possible to allow specific network connections for one application while other applications are not allowed to access the network at all.

This way an application can only use the network resources and ports that it actually needs. If an application is compromised, it can still only access these resources, and cannot extend it's reach. For example, a PDF viewer cannot download an update via HTTP without this being noticed, although the WWW browser has access to the web.

Sandbox (SB)

SB Modul The sandbox filters filesystem operations, which are requested by a specific application. It is possible to make only those filesystem-areas available, that an individual application needs. Access to other areas will be prevented.

This ensures that applications, even if they run with the privileges of a user, can only perform authorized operations on the filesystem.

Secure Filesystem (SFS)

SFS Modul With Anoubis you can ensure the integrity of files by using signed checksums. This can be used to implement two important features: Building of a trustworthy system and detection of manipulation.

The design of this trusted system ensures, that permissive policies of the Sandbox and the Application Level Firewall are only applied to selected applications (identfied with the help of signed checksums).

Even if an attacker succeeds in manipulating files on the system, this will be detected with the help of signed checksums. Execution of the manipulated application or access to the manipulated file is prevented. The signature is user-based, which means that each user can determine, if his own files were changed. This way a user can for example detect, if the user root has changed a file signed by the user, even if the root user has a new (for root) signature for the file.

Playground (PG)

Playground Modul The Playground Feature provides you with the ability to start an application such that it is will not be allowed to modify existing files on disk. An application that attempts such a modification will instead modify a copy of the original file. The Playground Module of Anoubis ensures that this happens transparently, i.e. the application is not aware of the fact that its write operations are redirected. In particular, there is no need to modify the application itself.

If a playground modifies a file, the modified version is not immediately accessible to other programs. Instead the user must transfer the file from the playground into the production system, explicitly. This transfer can be combined with a scan of the file, e.g. by a virus scanner.

Thus, it is possible to enforce explicit content checks on data written by an application in a playground before that data ends up in the production system.