Bugtraq mailing list archives

strace can lie ... but LTT might be handy

From: karym () INFO POLYMTL CA (Karim Yaghmour)
Date: Sun, 9 Jan 2000 14:01:17 -0500


Hello,

I recently received a forward of a message you sent on bugtraq
about strace providing inaccurate information. I see what the
problem is and I think you'd be interested to know that there's
a tool out there that'll fix the problem, the Linux Trace
Toolkit. I wrote this tool in order to be able to reconstruct
the dynamic behavior of a Linux system and it doesn't lie ;)
It tracks all important events and stores in the order they
occur in the kernel. Therefore ptrace() is not involved in any
way.

Check it out :

www.info.polymtl.ca/~karym/trace

Please give me feedback ... it's important for any further
enhancements.

Thanks.

P.S.: I'm not on bugtraq, so please CC if you send it there.

===================================================
                 Karim Yaghmour
               karym () info polymtl ca
            Operating System Consultant
 (Linux kernel, real-time and distributed systems)
===================================================

Current thread:

stream.c/raped.c tests (just for stats), (continued)
- - - stream.c/raped.c tests (just for stats) Vanja Hrustic (Jan 21)
    - Microsoft Security Bulletin (MS00-004) Microsoft Product Security (Jan 21)
    - Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Vanja Hrustic (Jan 22)
    - Re: Vulnerabilities in Checkpoint FW-1 version 3.x and maybe 4.x Markus Hofmann (Jan 22)
    - Administrivia Elias Levy (Jan 18)
    - Info on some security holes reported against SCO Unixware. Aaron Sigel (Jan 13)
    - ssh-proxy, a new approach to firewall software Magosanyi Arpad (Jan 13)
    - Re: Hotmail security hole - injecting JavaScript using <IMG Ajax (Jan 11)
    - Serious Bug in Corel Linux.(Local root exploit) tascon () ENETE GUI UVA ES (Jan 12)
    - secure-programs howto Signal 11 (Jan 09)
    - strace can lie ... but LTT might be handy Karim Yaghmour (Jan 09)
    - 2nd attempt: AIX techlibss follows links Klaus.Kusche () OOE GV AT (Jan 10)
    - NIS2k Bacano (Jan 11)
    - Password issue in Axent ESM 5.0.1 Console Todd (Jan 12)
    - Re: Password issue in Axent ESM 5.0.1 Console Scott Blake (Jan 14)
    - Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP) Server for WinNT Version 1.9x Ussr Labs (Jan 13)
    - Re: NIS2k Brad Griffin (Jan 13)
    - Misleading sense of security in Netscape Craig Ruefenacht (Jan 13)
    - Re: Misleading sense of security in Netscape Jefferson Ogata (Jan 18)
    - New MySQL Available Scott (Jan 13)
    - BindView Security Advisory: Local Promotion Vulnerability in Windows NT 4 BindView Security Advisory (Jan 13)

(Thread continues...)