[rsbac] RSBAC HIDS ?

frealek frealek at myra.homelinux.net
Sat Jul 16 12:26:59 CEST 2005


Is anyone aware of Tiger's features as a HIDS ?
I wonder if it would be possible to integrate a host intrusion detection 
system into RSBAC's arch, because any user-land HIDS is not trustable, 
using it in a secure kernel would be great

What would be the best imho is to select a set of nice features from 
Tiger, seccheck (SUSE), checksecurity (OpenBSD), chkrootkit, rkhunter, 
... and create an RSBAC HIDS module

suggestions, critics, notes, all appreciated

PD : does this kind of stuff already exist in RSBAC ?

More information about the rsbac mailing list