Re: Host Based IDS
Security Group wrote:
> Btw are there HIDS that can detect all-in-memory exploits (without the
> need of starting a process via the kernel)?
Not in the commercial world, but for sure in research:
http://portal.acm.org/citation.cfm?id=1368514
Best,
Stefano