LIDS: The Complete Guide
  Add date: 09/17/2008   Publishing date: 09/17/2008
One. Introduction to LIDS:
LIDS is an intrusion detection and protection system for Linux. It consists of a Linux kernel patch and a security administration tool. It strengthens kernel security by implementing the reference monitor model and the Mandatory Access Control (MAC) model in the kernel.
Major functions of LIDS:
Protection: Protects important files and directories of any type on the hard disk, such as /bin, /sbin, /usr/bin, /usr/sbin, /etc/rc.d and the files beneath them, as well as sensitive system files such as passwd and shadow, against access by unauthorized users (including root) and unauthorized programs. Nobody, root included, can change them, and files can be hidden. Protects important processes from being terminated: nobody, including root, can kill them, and specific processes can be hidden. Prevents unauthorized programs from performing raw I/O operations, which protects the hard disk, including the MBR.
Detection: Using the port scan detector integrated into the kernel, LIDS can detect scans and report them to the system administrator. LIDS can also detect any process on the system that violates the rules.
Response: Security alerts come from the kernel. When someone violates a rule, LIDS displays a warning message on the console and records the details of the illegal activity in a system log file protected by LIDS. LIDS can also send the log information to your mailbox, and it can immediately close the user's session.

Two. LIDS installation:

1. Download the required files, the Linux kernel source package and the LIDS package, then unpack them

# cd linux_install_path/
# bzip2 -cd linux-2.4.16.tar.bz2 | tar -xvf -

# cd lids_install_path
# tar -zxvf lids-1.1.0-2.4.16.tar.gz

2. Apply the LIDS patch to the Linux kernel, then configure and compile the kernel and install the LIDS system

# cd linux_install_path/linux
# patch -p1 < lids_install_path/lids-version-linversion.patch

# rm -rf /usr/src/linux
# ln -s linux_install_path/linux /usr/src/linux

# cd /usr/src/linux
# make menuconfig    (or: make xconfig)
[*] Prompt for development and/or incomplete code/drivers
[*] Sysctl support
[*] Linux Intrusion Detection System support (EXPERIMENTAL) (NEW)

[] Hang up console when raising a security alert
Hang up the console when a security alert is raised
[] Security alert when execing unprotected programs before sealing LIDS
Raise a security alert when a program not protected by LIDS is executed before LIDS is sealed
[] Do not execute unprotected programs before sealing LIDS
Do not execute unprotected programs before LIDS is sealed
[] Try not to flood logs
Keep the logs from being flooded as far as possible
[] Allow switching LIDS protections
Allow LIDS protections to be switched
[] Allow remote users to switch LIDS protections
Allow remote users to switch LIDS protections
[] Allow any program to switch LIDS protections
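
A pre-flight check for step 2, as an added example that is not part of the original article or of the LIDS distribution: it confirms that the kernel tree is the version the LIDS file was built for (going by the lids-<LIDS version>-<kernel version> naming used above) and dry-runs the patch before the tree is changed. The function names are hypothetical, and --dry-run assumes GNU patch.

```sh
#!/bin/sh
# Added example: pre-flight checks before step 2 modifies the kernel tree.
# Function names are hypothetical (not part of LIDS or the kernel build).

# Print VERSION.PATCHLEVEL.SUBLEVEL from the tree's top-level Makefile.
kernel_version() {
    [ -r "$1/Makefile" ] || return 1
    out=
    for key in VERSION PATCHLEVEL SUBLEVEL; do
        val=$(sed -n "s/^${key}[[:space:]]*=[[:space:]]*\([0-9][0-9]*\).*/\1/p" \
              "$1/Makefile" | head -n 1)
        [ -n "$val" ] || return 1
        out="${out:+$out.}$val"
    done
    echo "$out"
}

# Print the kernel version a LIDS file targets, taken from its name
# (lids-1.1.0-2.4.16.tar.gz -> 2.4.16).
lids_target_kernel() {
    name=$(basename "$1")
    case "$name" in
        lids-*-*.tar.gz) name=${name%.tar.gz} ;;
        lids-*-*.patch)  name=${name%.patch} ;;
        *) return 1 ;;
    esac
    echo "${name##*-}"
}

# Succeed only if the tree is exactly the kernel the LIDS file was cut for.
# usage: lids_matches_tree <LIDS archive or patch> <kernel tree>
lids_matches_tree() {
    want=$(lids_target_kernel "$1") || { echo "unrecognised LIDS file name: $1" >&2; return 2; }
    have=$(kernel_version "$2")     || { echo "no kernel Makefile under $2" >&2; return 2; }
    [ "$want" = "$have" ] && return 0
    echo "refusing: LIDS targets $want, tree is $have" >&2
    return 1
}

# Patch only after the version check and a dry run both pass.
# usage: apply_lids_patch <absolute path to patch> <kernel tree>
apply_lids_patch() {
    lids_matches_tree "$1" "$2" || return 1
    ( cd "$2" && patch -p1 --dry-run < "$1" >/dev/null && patch -p1 < "$1" )
}
```

A failed dry run leaves the source tree untouched, so a mismatched or already-patched tree is caught before any file is rewritten.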
