OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: IDS: kernel implementations
From: Dug Song (dugsongmonkey.org)
Date: Fri Jul 21 2000 - 11:19:44 CDT

Archive: http://msgs.securepoint.com/ids
FAQ: http://www.ticm.com/kb/faq/idsfaq.html
IDS: http://www-rnks.informatik.tu-cottbus.de/~sobirey/ids.html
HELP: Having problems... email questions to ids-owneruow.edu.au
NOTE: Remove this section from reply msgs otherwise the msg will bounce.
SPAM: DO NOT send unsolicted mail to this list.
UNSUBSCRIBE: email "unsubscribe ids" to majordomouow.edu.au
-----------------------------------------------------------------------------
On Thu, 20 Jul 2000, John S Flowers wrote:

> Alternately, I believe there's a Linux based IDS solution called LIDS
> that does some of this, but they aren't achieving anywhere near the
> speeds we're getting with our OpenBSD modifications.

LIDS does nothing of the sort, actually. they're focusing on providing
kernel audit facilities, finer-grained access controls, and an analog to
BSD securelevels.

you're probably thinking of Alexey Kuznetsov's "turbopacket" kernel
patch for Linux:

http://www.tux.org/pub/net/ip-routing/lbl-tools/http://www.tux.org/pub/net/ip-routing/lbl-tools/http://www.tux.org/pub/net/ip-routing/lbl-tools/kernel-turbopacket.dif.gz

-d. 

---
http://www.monkey.org/~dugsong/