ignorance isn't always an option

Register | Login

FilesNewsUsersAuthors

Home Files News About Contact Add New

Showing 1 - 25 of 55

Files from Xie Hua Gang

lids-2.2.1rc3-2.6.12.tar.gz

Posted Jun 23, 2005

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Fixed a security bug when checking the LD_XXXX. Some other changes.

tags | kernel, root

systems | linux

MD5 | e8cbb00a25506284c0bd544d06cd6da7

Download | Favorite | Comments (0)

lids-2.2.1rc2-2.6.11.6.tar.gz

Posted Mar 29, 2005

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

MD5 | 81828e5931fe0030742634ae8773e6de

Download | Favorite | Comments (0)

lids-2.2.1pre1-2.6.9.tar.gz

Posted Dec 30, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

MD5 | a36bd23eb085b2f1dbd3c3128c903156

Download | Favorite | Comments (0)

lids-2.2.0rc2-2.6.7.tar.gz

Posted Jul 9, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Minor bug fixes, feature enhancements.

tags | kernel, root

systems | linux

MD5 | 611d1c70d8fd8d1bc65d67e1154ba94f

Download | Favorite | Comments (0)

lids-2.2.0rc1-2.6.6.tar.gz

Posted Jun 18, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Various bug fixes including a patch to fix a buffer overflow.

tags | kernel, root

systems | linux

MD5 | 41fef19259e24d5c34f33b426291b036

Download | Favorite | Comments (0)

lids-2.2.0pre4-2.6.6.tar.gz

Posted May 19, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Bind checker bug fixed, removed fast guessing acl searching instead using old way, added lids_bprm_apply_creds.

tags | kernel, root

systems | linux

MD5 | 4746d32acfd38895f33ac97248c1c5ed

Download | Favorite | Comments (0)

lids-2.2.0pre3-2.6.5.tar.gz

Posted Apr 20, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Kconfig ifdef cleanup, added back the fastguessing for acl searching, capability fixed up.

tags | kernel, root

systems | linux

MD5 | 794ee8f6ed8eb59243a8e8a3c625e738

Download | Favorite | Comments (0)

lids-2.2.0pre2-2.6.5.tar.gz

Posted Apr 12, 2004

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Release for 2.6.5. Added filesystem support, Enhanced ACL/searching performance, various other feature additions.

tags | kernel, root

systems | linux

MD5 | a2e115240f8e31495af8587ae8807333

Download | Favorite | Comments (0)

lids-2.0.1-2.5.47.tar.gz

Posted Nov 19, 2002

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs may access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.

Changes: Code was cleaned up and some unused configuration options were removed.

tags | kernel, root

systems | linux

MD5 | d0e933c88dd459c05dc0ad8012f6c583

Download | Favorite | Comments (0)

lids-1.1.0-2.4.16.tar.gz

Posted Dec 29, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: LIDS can be used for the 2.4.16 kernel, /etc/lids access deny is no more hardcoded and has to be included in the configuration and several bugs where fixed.

tags | kernel, root

systems | linux

MD5 | d136b6aa536027a514e6e5a04914a35d

Download | Favorite | Comments (0)

lids-1.0.15-2.4.9.tar.gz

Posted Sep 22, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Fixed inheritance problems including the kernel going into an endless loop and more lidsadm fixes and code cleanup.

tags | kernel, root

systems | linux

MD5 | 0ffdf8255f6c8078f96990ba7cf672c5

Download | Favorite | Comments (0)

lids-0.10.1-2.2.19.tar.gz

Posted Aug 26, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Time_scale and port_scale support from LIDS 1.0.14-2.4.9, bug fixes, changes to Config.in to allow users to change the default selected item when reconfiguring the kernel.

tags | kernel, root

systems | linux

MD5 | 1ef982472608c218a38d923faef606c3

Download | Favorite | Comments (0)

lids-1.0.14-2.4.9.tar.gz

Posted Aug 19, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Ported to kernel v2.4.9 and bugfixes.

tags | kernel, root

systems | linux

MD5 | f7b51e3b0d89856443a183226cfdaead

Download | Favorite | Comments (0)

lids-1.0.9-2.4.5.tar.gz

Posted Jun 4, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Ported to kernel v2.4.5, bugfixes, fixes for qmail, restrictions for LIDS mode switching on specified terminals, and adds code cleanups.

tags | kernel, root

systems | linux

MD5 | be4b57bd2ce6f2f85264af1cb8940e67

Download | Favorite | Comments (0)

lids-0.10-2.2.19.tar.gz

Posted May 30, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: This is a stable version of LIDS. It contains a sent mail alert compatible with qmail. There are many code cleanups, and many typos have been fixed. An added return character in do_execve() has been fixed.

tags | kernel, root

systems | linux

MD5 | 89ea35c3c57ba8297f676b61f87c9ee4

Download | Favorite | Comments (0)

lids-1.0.8-2.4.4.tar.gz

Posted May 23, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Updated for kernel v2.4.4. Most of the "-EROFS" have been changed to to "-EPERM" (the output of the violation would be "permission deny", not "Read only file system").

tags | kernel, root

systems | linux

MD5 | dd481a76c50f3787b9358d8ab71b2ef6

Download | Favorite | Comments (0)

lids-1.0.7-2.4.3.tar.gz

Posted Apr 17, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection. LIDS FAQ available here.

Changes: Now works with kernel 2.4.3! Also includes an update for the lidsadm package, cleaner code, and better makefiles.

tags | kernel, root

systems | linux

MD5 | 1b4e278735056eac00a525ff1456dfad

Download | Favorite | Comments (0)

lids-0.9.15-2.2.19.tar.gz

Posted Mar 28, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Now works with kernel 2.2.19! Also includes bugfixes in sysctl, and a new lids.conf format checker in lidsadm. Changelog available here.

tags | kernel, root

systems | linux

MD5 | a02f109af93dc7f60b24db9ccafd7873

Download | Favorite | Comments (0)

lids-1.0.6-2.4.2.tar.gz

Posted Mar 19, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes an inheritable level (TTL) feature, modifications to the inheritable routine in do_fork() and do_execve(), updates to the lidsadm and lidsadm man pages, a parent pid in lids security alert message, and some code clean-ups. Changelog available here.

tags | kernel, root

systems | linux

MD5 | 8c6e59910825eb6af2c3a4d51d0cc863

Download | Favorite | Comments (0)

lids-0.9.13-2.2.18.tar.gz

Posted Mar 10, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: The lidsadm compiling error was fixed. The code was cleaned. Information when accessing a hidden file was added. A lids_script.sh was added. The default lids.conf was fixed. Changelog available here.

tags | kernel, root

systems | linux

MD5 | da19d1267545032b05656148ef6213db

Download | Favorite | Comments (0)

lids-1.0.5-2.4.1.tar.gz

Posted Feb 4, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Now works with kernel v2.4.1 and fixes a memory crash in open_namei(), some tty_name export bugs, and a problem with lidsadm compiling thanks to the lidsext.h header file. Changelog available here.

tags | kernel, root

systems | linux

MD5 | 066b86447b727436d6da83a9383f7d88

Download | Favorite | Comments (0)

lids-0.9.12-2.2.18.tar.gz

Posted Jan 15, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: The file that acls inherit has had several bugs removed. Multiplatform support has been added to the makefile. Changelog available here.

tags | kernel, root

systems | linux

MD5 | 8cac5d7ec5749fcba0486331cb8c6d75

Download | Favorite | Comments (0)

lids-1.0.4-2.4.0.tar.gz

Posted Jan 10, 2001

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Ported to 2.4.0, minor bug fixes. Changelog available here.

tags | kernel, root

systems | linux

MD5 | 8cef87ae1898d25364c8568fb1cd1842

Download | Favorite | Comments (0)

lids-0.9.11-2.2.18.tar.gz

Posted Dec 15, 2000

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: This release includes various bugfixes in lidsadm and is compatible with kernel 2.2.18.

tags | kernel, root

systems | linux

MD5 | 85c638f6e5a8d9a4a95e7b9091f587f9

Download | Favorite | Comments (0)

lids-0.9.11-2.2.17.tar.gz

Posted Dec 2, 2000

Authored by Xie Hua Gang | Site lids.org

The Linux Intrusion Detection System is a patch which enhances the kernel's security. When it's in effect, many system administration operations can be made impossible even for root. You can turn the security protection on or off on the fly and you can hide sensitive processes and prevent anyone from using ptrace or any other capability on your system. LIDS can also provide raw device and I/O access protection.

Changes: Bugfixed the file ACLs inherit, add EXEC domain support in kernel and lidsadm, and other bug fixes.

tags | kernel, root

systems | linux

MD5 | 72c89288c0b8ab21224fd50abfea6526

Download | Favorite | Comments (0)