This is a great tool to protect a Linux system. Basic setup, and you don't have to recompile other programs for it to work... just nice. I'm looking forward to the sandbox feature from kernel 2.4 to 2.6, which is missing.
I'd also like to see one technique in the future: process isolation via the old chroot method, using an init-like process to be isolated into an environment, acting more like a virtual host.
important bug fix for lids-0.9.7
There is a problem with the admin tool (lidsadm-0.9.7) included in the lids-0.9.7 package which effectively denies switching off lids locally and reloading the lids configuration. As I can't reach the author right now, I posted a fix to the lids mailing list. Details and the fix can be found at:
LIDS - Linux Intrusion Detection System
Even if this is a very early version of this software, I find it quite intriguing. This will make software like Tripwire or Fcheck obsolete, or at least redundant. I can't think of a better way of protecting files than doing it at kernel level (well... read-only media are better, I guess :). Protect your binaries. Protect your kernel file. Protect your lilo.conf. Now you've got a secure system, and all that's left to hope is that your system was not trojanized BEFORE applying the patch :)
I look forward to the next releases of this patch. Good work, guy.