|
trickymod1
We all agree that Linux Servers and Firewalls kernels should not support "dynamic module handling" !
But what ? for some reason, you absolutely need this functionnality.
In that case, the Linux module trickymod1 can enforce the global level of security by detecting
the insertion of new modules.
|
Version 1.0 has been released.
|
| |
-
Generates a local log when a new module is loaded by the kernel
-
Also sends a log message to a remote syslog server (this makes
the hacker more difficult to hide his tracks...)
-
Accepts the following parameters at loading time:
- facility=integer, (default is 10 = AUTHPRIV, see <sys/syslog.h>)
- severity=integer, (default is 1 = ALERT, see <sys/syslog.h>)
- remote="a.b.c.d", (IP address of the remote syslog server)
|
| Free versions | Archive | MD5 checksum |
| 1.0 (tested with kernel 2.4.20) |
trickymod1.c |
ef50025c6eed430869d29ede036cf991 |
|
|
|
 |
