Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Intrusion Detection - System Call Introspection
Special Forums Cybersecurity Intrusion Detection - System Call Introspection Post 302305710 by Neo on Thursday 9th of April 2009 02:27:26 PM
Old 04-09-2009
Quote:
Originally Posted by TonyFullerMalv
I think u need to buy something like tripwire...
Tripwire does not provide system call introspection.
 

7 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

how to differentiate system call from library call

Hi, Ho do I differentiate system call from library call? for example if I am using chmod , how do I find out if it is a system call or library call? Thanks Muru (2 Replies)
Discussion started by: muru
2 Replies

2. Shell Programming and Scripting

A simple intrusion detection script

If you have a very static Linux server and you want to make sure it's not messed with, here's a simple script that will tell you if any files have been tampered with. It's not as fancy or as secure as tripwire or those others, but it is very simple. It can be easily adapted to any *NIX OS. ... (3 Replies)
Discussion started by: otheus
3 Replies

3. Shell Programming and Scripting

system call

Hi, How to write a system calls in a script ? > cd $HOME > ls -ltr thanks in advance.. (10 Replies)
Discussion started by: hegdeshashi
10 Replies

4. Shell Programming and Scripting

need bash script Intrusion Detection on Linux

Hello all I have a script but I failed on the creation of Script is any is carried out in the shell sends the owner of the server, the message is has been implemented For example, functioned as a detection system intruders but in smaller Is it possible to help if you allow I want the... (4 Replies)
Discussion started by: x-zer0
4 Replies

5. Programming

system call

I have a cgi script which is called after certain time interval, which has this: system ("ls -l /tmp/cgic* | grep -v \"cgicsave.env\" | awk '{print $5}'"); During the execution of this script,the output is 0 sometimes. But due to this the system call is not working at all and doesnt o/p... (2 Replies)
Discussion started by: xs2punit
2 Replies

6. Programming

need help with system call

hi everyone i wrote a system call and compiled the kernel succesfully... my system call is in a file in the kernel folder named my_syscall1.c (kernel/my_syscall1.c) the header file for this system call i added it in the folder include like this include/my_syscall1/my_syscall1.h my problem is... (2 Replies)
Discussion started by: demis87
2 Replies

7. Programming

Parallel Processing Detection and Program Return Value Detection

Hey, for the purpose of a research project I need to know if a specific type of parallel processing is being utilized by any user-run programs. Is there a way to detect whether a program either returns a value to another program at the end of execution, or just utilizes any form of parallel... (4 Replies)
Discussion started by: azar.zorn
4 Replies

LEARN ABOUT DEBIAN

siggen

SIGGEN(8)						      System Manager's Manual							 SIGGEN(8)

NAME

       siggen - signature gathering routine for Tripwire

SYNOPSIS

       siggen [ options... ] file1 [ file2... ]

       Options:

	    -t	       --terse
	    -h	       --hexadecimal
	    -a	       --all
	    -C	       --CRC32
	    -M	       --MD5
	    -S	       --SHA
	    -H	       --HAVAL

DESCRIPTION

       siggen is a utility that displays the hash function values for the specified files.

OPTIONS

       -t, --terse
	      Terse mode.  Prints requested hashes for a given file on one line, delimited by spaces, with no extraneous information.

       -h, --hexadecimal
	      Display results in hexadecimal rather than base64 notation.

       -a, --all
	      Display all hash function values (default).

       -C, --CRC32
	      Display CRC-32, POSIX 1003.2 compliant 32-bit Cyclic Redundancy Check.

       -M, --MD5
	      Display MD5, the RSA Data Security, Inc. Message Digest Algorithm.

       -S, --SHA
	      Display SHA, Tripwire's implementation of the NIST Secure Hash Standard, SHS (NIST FIPS 180).

       -H, --HAVAL
	      Display Haval value, a 128-bit hash code.

       file1 [ file2... ]
	      List of filesystem objects for which to display values.

VERSION INFORMATION

       This man page describes siggen version 2.4.

AUTHORS

       Tripwire, Inc.

COPYING PERMISSIONS

       Permission  is granted to make and distribute verbatim copies of this man page provided the copyright notice and this permission notice are
       preserved on all copies.

       Permission is granted to copy and distribute modified versions of this man page under the conditions for verbatim  copying,  provided  that
       the entire resulting derived work is distributed under the terms of a permission notice identical to this one.

       Permission  is  granted to copy and distribute translations of this man page into another language, under the above conditions for modified
       versions, except that this permission notice may be stated in a translation approved by Tripwire, Inc.

       Copyright 2000 Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. in the United States and  other  countries.  All  rights
       reserved.

SEE ALSO

       twintro(8), tripwire(8), twadmin(8), twprint(8), twconfig(4), twpolicy(4), twfiles(5)

								    1 July 2000 							 SIGGEN(8)
All times are GMT -4. The time now is 08:30 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy