Projects / Procwatch

Procwatch

Procwatch is security monitor written in Perl that watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  23 Nov 2001 16:11

    Release Notes: This release can run as a daemon and log to a specified file.

    •  24 Mar 2001 07:08

      No changes have been submitted for this release.

      Screenshot

      Project Spotlight

      OpenStack4j

      A Fluent OpenStack client API for Java.

      Screenshot

      Project Spotlight

      TurnKey TWiki Appliance

      A TWiki appliance that is easy to use and lightweight.