04-09-2009
Quote (originally posted by TonyFullerMalv):
I think you need to buy something like tripwire...
Tripwire does not provide system call introspection.
SURICATA(8) System Manager's Manual SURICATA(8)
NAME
suricata - Next Generation Intrusion Detection and Prevention Tool
SYNOPSIS
suricata [options]
DESCRIPTION
suricata is a network Intrusion Detection System (IDS). It uses rules (and is fully compatible with snort rules) to detect a variety
of attacks and probes by searching packet content.
This new engine supports Multi-Threading, Automatic Protocol Detection (IP, TCP, UDP, ICMP, HTTP, TLS, FTP and SMB), Gzip Decompression,
Fast IP Matching and, coming soon, hardware acceleration on CUDA and OpenCL GPU cards.
It can acquire packets through NFQUEUE, PCAP (live or offline), etc.
OPTIONS
-c config_file
    Use configuration file config_file.
-i interface
    Sniff packets on interface.
-r file
    Read the tcpdump-formatted file file. This will cause Suricata to read and process the file fed to it. This is useful for
    offline analysis.
-q queue_id
    Sniff packets sent by the kernel through NFQUEUE. This allows running Suricata in inline mode (IPS) for packets captured by iptables
    using the NFQUEUE target.
-s signatures
    Path to the signatures file.
-l log_dir
    Path to the default log directory.
-D
    Run as daemon.
--init-errors-fatal
    Enable fatal failure on signature init error.
SEE ALSO
tcpdump(1), pcap(3).
AUTHOR
suricata was written by the Open Information Security Foundation.
This manual page was written by Pierre Chifflier <pollux@debian.org>, for the Debian project (and may be used by others).
February 2010 SURICATA(8)