Re: [Full-Disclosure] EFC Released

From: Timothy Demulder (timothy.demulder_at_tiscali.be)
Date: 03/04/04

  • Next message: Dean: "[Full-Disclosure] Recommendations for Web Application Scanners"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 4 Mar 2004 09:45:21 +0100
    
    
    

    On Thu, 04 Mar 2004 11:17:20 +0530
    Balwinder Singh <balwinder@gmx.net> wrote:

    > Dear All,
    >
    > Execution Flow Control (EFC) is available for download at
    > http://sourceforge.net/projects/efc/
    >
    > What is EFC?
    >
    > EFC monitors the execution of a program by observing system calls made
    > by the program. EFC generates a database for each program describing
    > its behavioral model. The moment request for execution of a program is
    > made, kernel also loads program's behavioral model into the memory.
    > Each request by a program is compared with model data base, if request
    > agrees with model it is permitted else program is killed.
    >
    > EFC is a kernel module, and woks on Linux only.
    >
    > Sincerely
    >
    > Bal

    Seems very interesting, but how does it affect performance/stability of the system/kernel?

    Greets,

    Timothy

    ----
    Absolutely nothing should be concluded from these figures except that
    no conclusion can be drawn from them.
            -- Joseph L. Brothers, Linux/PowerPC Project)
    
    

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html



  • Next message: Dean: "[Full-Disclosure] Recommendations for Web Application Scanners"