Vulnerability Development mailing list archives
Re: Capturing System Calls
From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Thu, 22 Jun 2000 20:18:10 +0200
On Thu, 22 Jun 2000, Ryan Permeh wrote:
This doesn't allow you to modify, just monitor, and it is strictly noninteractive(ie: you can't break on specific systems calls, etc).
Subterfugue (http://subterfugue.org/) can do virtually anything (modify syscall parameters, ask a user whether a particular operation is allowed etc.) but it needs a recent Linux kernel (older implementations of ptrace() have too many shortcomings). --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- Re: Another new worm??? (technical), (continued)
- Re: Another new worm??? (technical) Pierre Vandevenne (Jun 23)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Re: Another new worm??? (technical) Bluefish (Jun 23)
- Capturing System Calls Green Charles Contr AFRL/IFGB (Jun 22)
- Re: Capturing System Calls Christofer C. Bell (Jun 22)
- Re: Capturing System Calls Steve Mosher (Jun 22)
- Re: Capturing System Calls Chon-Chon Tang (Jun 22)
- Re: Capturing System Calls Jonathan Leto (Jun 22)
- Re: Capturing System Calls Michal Zalewski (Jun 22)
- Re: Capturing System Calls Ryan Permeh (Jun 22)
- Re: Capturing System Calls Pavel Kankovsky (Jun 22)
- Re: Capturing System Calls Todd Garrison (Jun 22)
- Re: Capturing System Calls Andrew Reisse (Jun 22)
- Re: Capturing System Calls Rajiv Dighe (Jun 22)
- Re: Capturing System Calls Granquist, Lamont (Jun 22)
- Re: Capturing System Calls Michal Zalewski (Jun 22)
- Re: Fwd: ShowFile CGI Security Vulnerability Blue Boar (Jun 21)
- Re: Another new worm??? Crispin Cowan (Jun 22)