Yin Yang is a real-time Linux file scanner that is activated whenever a file is accessed. When a file opening system call is detected, it will send the full pathname of the file to a network daemon. The network daemon will then pass the pathname of the file to a file scanner, such as an anti-virus scanner, and return the status. The status will then be reported back to the network daemon, and the response will be passed back to the system call. The default action logs a message to the system logger. The file scanner is wrapped with the original file opening system call, so it will open the file normally after the file scanning.
|Tags||Other/Nonlisted Topic Security Filesystems Logging Monitoring|
|Operating Systems||POSIX Linux|
No changes have been submitted for this release.