|
Honeypots
mailing list archives
CoVirt
From: Alexander Reelsen <ref () tretmine org>
Date: Tue, 10 Jun 2003 16:37:30 +0200
Hi
http://www.eecs.umich.edu/CoVirt/
This sounds pretty interesting for honeypots and especially for
information gathering. The description:
--- snip ---
ReVirt (part of the CoVirt project) is a complete Linux-on-Linux virtual
machine with replay capability: you can explore the state of the entire
virtual machine at any point in the past. For example, if you discover
an intruder, you can "go back in time" to see how they broke in, watch
the exploit in progress, and discover what was compromised. The overhead
of virtualization and logging is only 15-30%, even for kernel-intensive
applications.
--- snip ---
MfG/Regards, Alexander
--
Alexander Reelsen http://tretmine.org
ref () tretmine org
 By Date 
By Thread
Current thread:
- CoVirt Alexander Reelsen (Jun 10)
|
Intro
