Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Intrusion Detection - System Call Introspection
Special Forums Cybersecurity Intrusion Detection - System Call Introspection Post 302305706 by Ex-Capsa on Thursday 9th of April 2009 02:15:37 PM
Old 04-09-2009
You could also try OSSEC it a freeware
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

how to differentiate system call from library call

Hi, Ho do I differentiate system call from library call? for example if I am using chmod , how do I find out if it is a system call or library call? Thanks Muru (2 Replies)
Discussion started by: muru
2 Replies

2. Shell Programming and Scripting

A simple intrusion detection script

If you have a very static Linux server and you want to make sure it's not messed with, here's a simple script that will tell you if any files have been tampered with. It's not as fancy or as secure as tripwire or those others, but it is very simple. It can be easily adapted to any *NIX OS. ... (3 Replies)
Discussion started by: otheus
3 Replies

3. Shell Programming and Scripting

system call

Hi, How to write a system calls in a script ? > cd $HOME > ls -ltr thanks in advance.. (10 Replies)
Discussion started by: hegdeshashi
10 Replies

4. Shell Programming and Scripting

need bash script Intrusion Detection on Linux

Hello all I have a script but I failed on the creation of Script is any is carried out in the shell sends the owner of the server, the message is has been implemented For example, functioned as a detection system intruders but in smaller Is it possible to help if you allow I want the... (4 Replies)
Discussion started by: x-zer0
4 Replies

5. Programming

system call

I have a cgi script which is called after certain time interval, which has this: system ("ls -l /tmp/cgic* | grep -v \"cgicsave.env\" | awk '{print $5}'"); During the execution of this script,the output is 0 sometimes. But due to this the system call is not working at all and doesnt o/p... (2 Replies)
Discussion started by: xs2punit
2 Replies

6. Programming

need help with system call

hi everyone i wrote a system call and compiled the kernel succesfully... my system call is in a file in the kernel folder named my_syscall1.c (kernel/my_syscall1.c) the header file for this system call i added it in the folder include like this include/my_syscall1/my_syscall1.h my problem is... (2 Replies)
Discussion started by: demis87
2 Replies

7. Programming

Parallel Processing Detection and Program Return Value Detection

Hey, for the purpose of a research project I need to know if a specific type of parallel processing is being utilized by any user-run programs. Is there a way to detect whether a program either returns a value to another program at the end of execution, or just utilizes any form of parallel... (4 Replies)
Discussion started by: azar.zorn
4 Replies

LEARN ABOUT SUNOS

msgids

msgids(2)							   System Calls 							 msgids(2)

NAME

       msgids - discover all message queue identifiers

SYNOPSIS

       #include <sys/msg.h>

       int msgids(int *buf, uint_t nids, uint_t  *pnids);

DESCRIPTION

       The  msgids()  function copies all active message queue identifiers from the system into the user-defined buffer specified by buf, provided
       that the number of such identifiers is not greater than the number of integers the buffer can contain, as specified by nids.  If  the  size
       of the buffer is insufficient to contain all of the active message queue identifiers in the system, none are copied.

       Whether or not the size of the buffer is sufficient to contain all of them, the number of active message queue identifiers in the system is
       copied into the unsigned integer pointed to by pnids.

       If nids is 0 or less than the number of active message queue identifiers in the system, buf is ignored.

RETURN VALUES

       Upon successful completion, msgids() returns 0.	Otherwise, -1 is returned and errno is set to indicate the error.

ERRORS

       The msgids() function will fail if:

       EFAULT	       The buf or pnids argument points to an illegal address.

USAGE

       The msgids() function returns a snapshot of all the active message queue identifiers in the system.  More may be  added	and  some  may	be
       removed before they can be used by the caller.

EXAMPLES

       Example 1: msgids() example

       This is sample C code indicating how to use the msgids() function (see msgsnap(2)):

       void
       examine_queues()
       {
	    int *ids = NULL;
	    uint_t nids = 0;
	    uint_t n;
	    int i;

	    for (;;) {
		 if (msgids(ids, nids, &n) != 0) {
		      perror("msgids");
		      exit(1);
		 }
		 if (n <= nids)     /* we got them all */
		      break;
		 /* we need a bigger buffer */
		 ids = realloc(ids, (nids = n) * sizeof (int));
	    }

	    for (i = 0; i < n; i++)
		 process_msgid(ids[i]);

	    free(ids);
       }

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |MT-Level		     |Async-Signal-Safe 	   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ipcrm(1), ipcs(1), intro(2), msgctl(2), msgget(2), msgsnap(2), msgrcv(2), msgsnd(2), attributes(5)

SunOS 5.10							    8 Mar 2000								 msgids(2)
All times are GMT -4. The time now is 07:39 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy