Hi, A few people on LSM have expressed interest in SNARE (System iNtrusion Analysis and Reporting Environment - a Linux C2-style auditing subsystem) in the past, so I thought you'd appreciate it if I sent an annoucement for the new release (0.9) to the list. A couple of new features that you may be interested in: - Open-File-Flag filtering (eg: only report if a file in /etc/ is WRITTEN to) - User exception reporting (ie: "Tell me whenever anyone EXCEPT root, WRITES to /etc/passwd") - A few new monitored system calls (create_module, connect(), accept()) - The ability to send data over the network to a central auditing host. More info is available from http://www.intersectalliance.com/projects/index.html. Regards, Leigh. -- See http://www.intersectalliance.com/contact.html for contact info. _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Sat Apr 13 2002 - 16:58:09 PDT