Linux Intrusion Detection System 1.0.15 for 2.4.9 (2.4.x) by Huagang Xie (http://freshmeat.net/users/xhg/) Friday, September 21st 2001 15:08 Categories: Security, System :: Operating System Kernels :: Linux About: The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more. Changes: Fixes for severe inheritance problems including the kernel going into an endless loop, a fix for the CAP_NET_BIND_SERVICE when it is globally enabled but can not bind, and more lidsadm cleanup and fixes. License: GNU General Public License (GPL) URL: http://freshmeat.net/projects/linuxintrusiondetectionsystem/ -- Elias Levy SecurityFocus http://www.securityfocus.com/ Si vis pacem, para bellum
This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 16:25:25 PDT