[rsbac] RSBAC HIDS ?
frealek at myra.homelinux.net
Sat Jul 16 12:26:59 CEST 2005
Is anyone aware of Tiger's features as a HIDS ?
I wonder if it would be possible to integrate a host intrusion detection
system into RSBAC's arch, because any user-land HIDS is not trustable,
using it in a secure kernel would be great
What would be the best imho is to select a set of nice features from
Tiger, seccheck (SUSE), checksecurity (OpenBSD), chkrootkit, rkhunter,
... and create an RSBAC HIDS module
suggestions, critics, notes, all appreciated
PD : does this kind of stuff already exist in RSBAC ?
More information about the rsbac