20 projects tagged "Operating System Kernels"
Updated 29 Jan 2001
Astaro Portscan Detection
| Pop | 107.99 |
|---|---|
| Vit | 67.26 |
Astaro Portscan Detection is a netfilter target which will attempt to detect TCP and UDP port scans and log them to syslog. This target is based upon Solar Designer's scanlogd. It suppports mutliple levels of logging, custom prefixes for entries, weighted total port scan detection, and port scan temporal spread detection.
Updated 10 Mar 2002
Extended Attributes and ACLs for Linux
| Pop | 132.83 |
|---|---|
| Vit | 3.49 |
Linux, in the tradition of UNIX-like operating systems, implements file system permissions using a rather coarse scheme. While this is sufficient for a surprisingly large set of applications, it is too inflexible for many other scenarios. For that reason, all the major commercial UNIX operating systems have extended this simple scheme in one way or the other. This is an effort to implement POSIX-like Access Control Lists for Linux. Access Control Lists are built on top of Extended Attributes, which can also be used to associate other pieces of information with files such as Filesystem Capabilities, or user data like mime type and search keywords.
Updated 22 May 2005
IP Masquerade HOWTO
| Pop | 130.10 |
|---|---|
| Vit | 3.20 |
The IP Masquerade HOWTO is the document that contains instructions on understanding, configuring, and troubleshooting NAT or Network Address Translation for Linux. It covers topics such as IPTABLES, PORTFW, IPCHAINS, IPFWADM, stronger packet firewalls, multiple network segments, and configuring many client operating systems. It also has an extensive FAQ and troubleshooting section.
Updated 27 Nov 2010
KBDlock
| Pop | 28.72 |
|---|---|
| Vit | 2.00 |
KBDlock is a patch that allows you to implement keyboard locking under Linux.
Updated 22 Feb 2002
LOMAC
| Pop | 45.60 |
|---|---|
| Vit | 3.85 |
LOMAC uses Low Water-Mark Mandatory Access Control to protect the integrity of processes and data from viruses, trojan horses, malicious remote users, and compromised network server daemons. The LOMAC loadable kernel module can be used to harden Linux systems without any changes to existing kernels, applications, or configuration files. Due to its simplicity, LOMAC itself requires no configuration, regardless of the users and applications present on the system. Although some features and fixes remain to be implemented, LOMAC presently provides sufficient protection to thwart some attacks, and is stable enough for everyday use.
Updated 13 Dec 2007
Linux Intrusion Detection System
| Pop | 278.85 |
|---|---|
| Vit | 5.45 |
The Linux Intrusion Detection System (LIDS) is a patch which enhances the kernel's security by implementing a reference monitor and Mandatory Access Control (MAC). When it is in effect, chosen file access, all system/network administration operations, any capability use, raw device, memory, and I/O access can be made impossible even for root. You can define which programs can access specific files. It uses and extends the system capabilities bounding set to control the whole system and adds some network and filesystem security features to the kernel to enhance the security. You can finely tune the security protections online, hide sensitive processes, receive security alerts through the network, and more.
Updated 05 Jan 2002
Linux VPN Masquerade
| Pop | 74.57 |
|---|---|
| Vit | 2.74 |
Linux VPN Masquerade allows you to use an IPSec or PPTP VPN host (client or server) behind a Linux masquerading firewall. No more hogging the cable modem when you need to connect to the office network.
Updated 02 Apr 2007
Linux-VServer
| Pop | 270.75 |
|---|---|
| Vit | 8.78 |
Linux-VServer allows you to create virtual private servers and security contexts which operate like a normal Linux server, but allow many independent servers to be run simultaneously in one box at full speed. All services, such as ssh, mail, Web, and databases, can be started on such a VPS, without modification, just like on any real server. Each virtual server has its own user account database and root password and doesn't interfere with other virtual servers.
Updated 16 Apr 2002
Medusa DS9
| Pop | 51.87 |
|---|---|
| Vit | 3.28 |
Medusa DS9 is used to increase Linux's security. It consists of two major parts, Linux kernel changes and the user-space daemon. Kernel changes do the monitoring of syscalls, filesystem actions, and processes, and they implement the communication protocol. The security daemon communicates with the kernel using the character device to send and receive packets. It contains the whole logic and implements the concrete security policy. That means that Medusa can implement any model of data protection; it depends only on configuration file, which is in fact a program in the internal programming language, somewhat similiar to C.
Updated 09 Mar 2005
NSA Security-enhanced Linux
| Pop | 283.79 |
|---|---|
| Vit | 6.60 |
NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control architecture into the major subsystems of the kernel. It provides a mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals.
