IDS mailing list archives

RE: System call based IDS for linux?


From: "Kohlenberg, Toby" <toby.kohlenberg () intel com>
Date: Mon, 27 Mar 2006 17:30:36 -0800

I seem to recall Stephanie Forrest of UNM publishing some
of her code. You might also look at SANA since I know that
was founded by one of her students.

toby 

-----Original Message-----
From: Jose Nazario [mailto:jose () monkey org] 
Sent: Monday, March 27, 2006 1:33 PM
To: Nomellames nunca
Cc: focus-ids () securityfocus com
Subject: Re: System call based IDS for linux?

On Sun, 26 Mar 2006, Nomellames nunca wrote:

> Is there any system call based IDS for Linux? There exists a lot of
> research in the field, but I failed to find any package which I can give
> a try. If anybody knows any project (stable or not), I will truly
> appreciate it.

LIDS?
http://www.lids.org/node/9

Systrace? (new 1.6 release improves Linux support greatly)
http://www.citi.umich.edu/u/provos/systrace/linux.html

those what you mean?

________
jose nazario, ph.d.                    jose () monkey org
http://monkey.org/~jose/               http://infosecdaily.net/
                                      http://www.wormblog.com/
