|
|
Sponsored Content
Special Forums
Cybersecurity
Intrusion Detection - System Call Introspection
Post 302302747 by aravind007 on Tuesday 31st of March 2009 10:48:25 PM
03-31-2009
|
|
7 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
Ho do I differentiate system call from library call?
for example if I am using chmod , how do I find out if it is a system call or library call?
Thanks
Muru (2 Replies)
Discussion started by: muru
2 Replies
2. Shell Programming and Scripting
If you have a very static Linux server and you want to make sure it's not messed with, here's a simple script that will tell you if any files have been tampered with. It's not as fancy or as secure as tripwire or those others, but it is very simple. It can be easily adapted to any *NIX OS.
... (3 Replies)
Discussion started by: otheus
3 Replies
3. Shell Programming and Scripting
Hi,
How to write a system calls in a script ?
> cd $HOME
> ls -ltr
thanks in advance.. (10 Replies)
Discussion started by: hegdeshashi
10 Replies
4. Shell Programming and Scripting
Hello all
I have a script but I failed on the creation of
Script is any is carried out in the shell sends the owner of the server, the message is has been implemented
For example, functioned as a detection system intruders but in smaller
Is it possible to help if you allow
I want the... (4 Replies)
Discussion started by: x-zer0
4 Replies
5. Programming
I have a cgi script which is called after certain time interval, which has this:
system ("ls -l /tmp/cgic* | grep -v \"cgicsave.env\" | awk '{print $5}'");
During the execution of this script,the output is 0 sometimes. But due to this the system call is not working at all and doesnt o/p... (2 Replies)
Discussion started by: xs2punit
2 Replies
6. Programming
hi everyone
i wrote a system call and compiled the kernel succesfully...
my system call is in a file in the kernel folder named my_syscall1.c (kernel/my_syscall1.c)
the header file for this system call i added it in the folder include like this include/my_syscall1/my_syscall1.h
my problem is... (2 Replies)
Discussion started by: demis87
2 Replies
7. Programming
Hey, for the purpose of a research project I need to know if a specific type of parallel processing is being utilized by any user-run programs. Is there a way to detect whether a program either returns a value to another program at the end of execution, or just utilizes any form of parallel... (4 Replies)
Discussion started by: azar.zorn
4 Replies
LEARN ABOUT DEBIAN
suricata
SURICATA(8) System Manager's Manual SURICATA(8) NAME
suricata - Next Generation Intrusion Detection and Prevention Tool SYNOPSIS
suricata [options] DESCRIPTION
suricata is a network Intrusion Detection System (IDS). It is based on rules (and is fully compatible with snort rules) to detect a variety of attacks / probes by searching packet content. This new Engine supports Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB), Gzip Decompression, Fast IP Matching and coming soon hardware acceleration on CUDA and OpenCL GPU cards. It supports acquiring packets through NFQUEUE, PCAP (live or offline) etc. OPTIONS
-c config_file Use configuration file config_file -i interface Sniff packets on interface. -r file Read the tcpdump-formatted file tcpdump-file. This will cause Suricata to read and process the file fed to it. This is useful for offline analysis. -q queue_id Sniff packets sent by the kernel through NFQUEUE. This allows running Suricata in inline mode (IPS) for packets captured by iptables using the NFQUEUE target. -s signatures Path to the signatures file. -l log_dir Path to the default log directory. -D Run as daemon --init-errors-fatal Enable fatal failure on signature init error. SEE ALSO
tcpdump(1), pcap(3). AUTHOR
suricata was written by the Open Information Security Foundation. This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others). February 2010 SURICATA(8)