Re: malware defense

BIONDI Philippe (Philippe.BIONDI@enst-bretagne.fr)
Mon, 6 Dec 1999 14:17:54 +0100 (MET)


I suggest you have a glimpse at the LIDS project
(Linux Intrusion Detection System).
Its aim is to have an incorruptible kernel (no /dev/kmem, no modules after
boot time) and then to protect user space entities (like daemons, files,
append-only files (for logs...), MBR, and more...).
Actually, I just remember a mirror address:
http://www.lids.webmotion.net
I released an unofficial version last night (which I hope will soon be
official) which can be found at ftp://ftp.webmotion.net/pub/lids

Regards,
Phil
