Linux Intrusion Detection System 1.0.15 for 2.4.9 (2.4.x)

From: aleph1at_private
Date: Mon Oct 01 2001 - 14:48:19 PDT

  • Next message: aleph1at_private: "keychain 1.5"

    Linux Intrusion Detection System 1.0.15 for 2.4.9 (2.4.x)
      by Huagang Xie (http://freshmeat.net/users/xhg/)
      Friday, September 21st 2001 15:08
    
    Categories: Security, System :: Operating System Kernels :: Linux
    
    About: The Linux Intrusion Detection System (LIDS) is a patch which
    enhances the kernel's security by implementing a reference monitor and
    Mandatory Access Control (MAC). When it is in effect, chosen file access,
    all system/network administration operations, any capability use, raw
    device, memory, and I/O access can be made impossible even for root. You
    can define which programs can access specific files. It uses and extends
    the system capabilities bounding set to control the whole system and adds
    some network and filesystem security features to the kernel to enhance the
    security. You can finely tune the security protections online, hide
    sensitive processes, receive security alerts through the network, and
    more.
    
    Changes: Fixes for severe inheritance problems including the kernel going
    into an endless loop, a fix for the CAP_NET_BIND_SERVICE when it is
    globally enabled but can not bind, and more lidsadm cleanup and fixes.
    
    License: GNU General Public License (GPL)
    
    URL: http://freshmeat.net/projects/linuxintrusiondetectionsystem/
    
    
    
    -- 
    Elias Levy
    SecurityFocus
    http://www.securityfocus.com/
    Si vis pacem, para bellum
    



    This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 16:25:25 PDT