IDS: Re: System call based IDS for linux?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

IDS mailing list archives

Re: System call based IDS for linux?

From: Jose Nazario <jose () monkey org>
Date: Mon, 27 Mar 2006 16:32:45 -0500 (EST)

On Sun, 26 Mar 2006, Nomellames nunca wrote:

Is there any system call based IDS for Linux? There exist an a lot of
research on the field, but I failed to find any package which I can give
a try. If anybody knows any project (stable or not) , I will truly
appreciate it.


LIDS?
http://www.lids.org/node/9

Systrace? (new 1.6 release improves Linux support greatly)
http://www.citi.umich.edu/u/provos/systrace/linux.html

those what you mean?

________
jose nazario, ph.d.                     jose () monkey org
http://monkey.org/~jose/                http://infosecdaily.net/
                                        http://www.wormblog.com/

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708 
to learn more.
------------------------------------------------------------------------

By Date By Thread

Current thread:

System call based IDS for linux? Nomellames nunca (Mar 27)
- Re: System call based IDS for linux? Jose Nazario (Mar 27)
- Message not available
  - Re: System call based IDS for linux? Sanjay Rawat (Mar 28)
    - Re: System call based IDS for linux? Nomellames nunca (Mar 29)
- <Possible follow-ups>
- RE: System call based IDS for linux? Kohlenberg, Toby (Mar 28)