what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 25 of 55

Files from Xie Hua Gang

lids-2.2.1rc3-2.6.12.tar.gz

Posted Jun 23, 2005

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Fixed a security bug when checking the LD_XXXX. Some other changes.

tags | kernel, root

systems | linux

SHA-256 | ef139543a9532e044a332e6fe24a517551fe4da5ef7447675ac35fac64a5755c

Download | Favorite | View

lids-2.2.1rc2-2.6.11.6.tar.gz

Posted Mar 29, 2005

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

SHA-256 | 565021bb9e0539ec81c98acd63a4c0549afb0521bf1f38458fe8c4be5711574d

Download | Favorite | View

lids-2.2.1pre1-2.6.9.tar.gz

Posted Dec 30, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

SHA-256 | 2b5da689d5dfb5157eff784fc08c8576d491276b71c2a014b87742ca6c8a313a

Download | Favorite | View

lids-2.2.0rc2-2.6.7.tar.gz

Posted Jul 9, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

SHA-256 | fc21d49d58b215f92d63f8e494423e769ad2948b23c0413be2c2a3568d494a1e

Download | Favorite | View

lids-2.2.0rc1-2.6.6.tar.gz

Posted Jun 18, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Various bug fixes including a patch to fix a buffer overflow.

tags | kernel, root

systems | linux

SHA-256 | 6219db56dc49271afaeca6845cd6ef97ecd224e25daafcc1aebfbd0f5e82157c

Download | Favorite | View

lids-2.2.0pre4-2.6.6.tar.gz

Posted May 19, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Bind checker bug fixed, removed fast guessing acl searching instead using old way, added lids_bprm_apply_creds.

tags | kernel, root

systems | linux

SHA-256 | 190cb7b10a07b9a096f5aa1c1f9fbac3d764e7213323fe1bdde31b65b2435858

Download | Favorite | View

lids-2.2.0pre3-2.6.5.tar.gz

Posted Apr 20, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Kconfig ifdef cleanup, added back the fastguessing for acl searching, capability fixed up.

tags | kernel, root

systems | linux

SHA-256 | e025e71556bd167fa5f567b20af24a34eb59dcaf730c8e180f0c41520490d2ca

Download | Favorite | View

lids-2.2.0pre2-2.6.5.tar.gz

Posted Apr 12, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Release for 2.6.5. Added filesystem support, Enhanced ACL/searching performance, various other feature additions.

tags | kernel, root

systems | linux

SHA-256 | 7c83e2106826ddae1fcf6233ad7941c4ac157d1a92eaa396f5a0b4a11c263470

Download | Favorite | View

lids-2.0.1-2.5.47.tar.gz

Posted Nov 19, 2002

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Code was cleaned up and some unused configuration options were removed.

tags | kernel, root

systems | linux

SHA-256 | 33bc39be02f6f9fa92f7efb8c6d01faab2053db50dc8cd1eddd75d3abe91aa5a

Download | Favorite | View

lids-1.1.0-2.4.16.tar.gz

Posted Dec 29, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: LIDS can be used for the 2.4.16 kernel, /etc/lids access deny is no more hardcoded and has to be included in the configuration and several bugs where fixed.

tags | kernel, root

systems | linux

SHA-256 | d7548f59b3973f98bdf19dc654a963244f3639ac752c377a382018717e9a1191

Download | Favorite | View

lids-1.0.15-2.4.9.tar.gz

Posted Sep 22, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Fixed inheritance problems including the kernel going into an endless loop and more lidsadm fixes and code cleanup.

tags | kernel, root

systems | linux

SHA-256 | 3e13d68114e1d23e557d6f3380af20b67b224328e7e1951b82b181c1a107fa27

Download | Favorite | View

lids-0.10.1-2.2.19.tar.gz

Posted Aug 26, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Time_scale and port_scale support from LIDS 1.0.14-2.4.9, bug fixes, changes to Config.in to allow users to change the default selected item when reconfiguring the kernel.

tags | kernel, root

systems | linux

SHA-256 | fa73c81507fdc34e71380a4fcae9a2d014a38bdc7e2b4649acc884fd2b7340aa

Download | Favorite | View

lids-1.0.14-2.4.9.tar.gz

Posted Aug 19, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Ported to kernel v2.4.9 and bugfixes.

tags | kernel, root

systems | linux

SHA-256 | 2357dc349e64dbc6ae294600e876095936e6275a0e43c8dde00964b5d4372dde

Download | Favorite | View

lids-1.0.9-2.4.5.tar.gz

Posted Jun 4, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Ported to kernel v2.4.5, bugfixes, fixes for qmail, restrictions for LIDS mode switching on specified terminals, and adds code cleanups.

tags | kernel, root

systems | linux

SHA-256 | 0eb9c8337d0ebff278320b37447da70b318ca4e6736a28aa3be2e2df4fdb8d00

Download | Favorite | View

lids-0.10-2.2.19.tar.gz

Posted May 30, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: This is a stable version of LIDS. It contains a sent mail alert compatible with qmail. There are many code cleanups, and many typos have been fixed. An added return character in do_execve() has been fixed.

tags | kernel, root

systems | linux

SHA-256 | 2a2630b8d0ab5101fb7173cc11f937ba8d4ca96414efde327e0bdee62d6c9a0a

Download | Favorite | View

lids-1.0.8-2.4.4.tar.gz

Posted May 23, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Updated for kernel v2.4.4. Most of the "-EROFS" have been changed to to "-EPERM" (the output of the violation would be "permission deny", not "Read only file system").

tags | kernel, root

systems | linux

SHA-256 | c55524357504029edc8df12d1f74d0fae50aa031bb0a75ab64e4e96ad05757ee

Download | Favorite | View

lids-1.0.7-2.4.3.tar.gz

Posted Apr 17, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Now works with kernel 2.4.3! Also includes an update for the lidsadm package, cleaner code, and better makefiles.

tags | kernel, root

systems | linux

SHA-256 | 4115335725a45f4603641308018122c98866dbd7787e7f9647379a7e21f766f6

Download | Favorite | View

lids-0.9.15-2.2.19.tar.gz

Posted Mar 28, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Now works with kernel 2.2.19! Also includes bugfixes in sysctl, and a new lids.conf format checker in lidsadm. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | 3d2feaabf2a3476e8e5fe697c9e2d36dc0a9ab633ab64b0304eb9b2930cccdc7

Download | Favorite | View

lids-1.0.6-2.4.2.tar.gz

Posted Mar 19, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes an inheritable level (TTL) feature, modifications to the inheritable routine in do_fork() and do_execve(), updates to the lidsadm and lidsadm man pages, a parent pid in lids security alert message, and some code clean-ups. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | cbaab72e4f20d696eea4e7251c3a4edfe3d75660587798d51395378d701d87e6

Download | Favorite | View

lids-0.9.13-2.2.18.tar.gz

Posted Mar 10, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: The lidsadm compiling error was fixed. The code was cleaned. Information when accessing a hidden file was added. A lids_script.sh was added. The default lids.conf was fixed. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | 8459d7e1cf4d16f4d2535b7dda2ad49323ca89bb88f90460854bfc02ec8f92ce

Download | Favorite | View

lids-1.0.5-2.4.1.tar.gz

Posted Feb 4, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Now works with kernel v2.4.1 and fixes a memory crash in open_namei(), some tty_name export bugs, and a problem with lidsadm compiling thanks to the lidsext.h header file. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | 6f96f63de4af4170169d6cdcffdb9d32be99d4d4d2b89e7331ca2788ee70de48

Download | Favorite | View

lids-0.9.12-2.2.18.tar.gz

Posted Jan 15, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: The file that acls inherit has had several bugs removed. Multiplatform support has been added to the makefile. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | 93df40db3ded0984e310427b0a610a904c98dec72bedfc97d6225c84155482a4

Download | Favorite | View

lids-1.0.4-2.4.0.tar.gz

Posted Jan 10, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Ported to 2.4.0, minor bug fixes. Changelog available here.

tags | kernel, root

systems | linux

SHA-256 | 5e257060611413078e8d09f1b2748e598fbd04ca9e3b4aa6f929985f3128172c

Download | Favorite | View

lids-0.9.11-2.2.18.tar.gz

Posted Dec 15, 2000

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes various bugfixes in lidsadm and is compatible with kernel 2.2.18.

tags | kernel, root

systems | linux

SHA-256 | 77d51a6ef53e377459d132a3d65faba0ed5c39b85e2f9439483a99a686abc0fe

Download | Favorite | View

lids-0.9.11-2.2.17.tar.gz

Posted Dec 2, 2000

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixed the file ACLs inherit, add EXEC domain support in kernel and lidsadm, and other bug fixes.

tags | kernel, root

systems | linux

SHA-256 | db8320d45e7a0db0ca98db363d063caa4bd32e4326e601e5c8b3aaad36301fd3

Download | Favorite | View