Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: EFC Released
From: Timothy Demulder <timothy.demulder () tiscali be>
Date: Thu, 4 Mar 2004 09:45:21 +0100

On Thu, 04 Mar 2004 11:17:20 +0530
Balwinder Singh <balwinder () gmx net> wrote:

Dear All,

Execution Flow Control (EFC) is available for download at
http://sourceforge.net/projects/efc/

What is EFC?

EFC monitors the execution of a program by observing system calls made
by the program. EFC generates a database for each program describing 
its behavioral model. The moment request for execution of a program is
made, kernel also loads program's behavioral model into the memory.
Each request by a program is compared with model data base, if request
agrees with model it is permitted else program is killed. 

EFC is a kernel module, and woks on Linux only.

Sincerely

Bal

Seems very interesting, but how does it affect performance/stability of the system/kernel?

Greets,

Timothy
----

Absolutely nothing should be concluded from these figures except that
no conclusion can be drawn from them.
        -- Joseph L. Brothers, Linux/PowerPC Project)

Attachment: _bin
Description:


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault