Snare 1.2
Snare 1.2 Ranking & Summary
File size: 0.32 MB
Platform: Any Platform
License: GPL (GNU General Public License)
Price:
Downloads: 823
Date added: 2007-08-08
Publisher: Leigh Purdie
Snare 1.2 description
SNARE (System iNtrusion Analysis and Reporting Environment) is a kernel patch, daemon, and Gnome2 GUI that together provide a host intrusion detection facility and C2-style auditing/event logging capability for Linux, similar to the Basic Security Module (BSM) for Solaris or the Windows Event Log.
SNARE is divided into three key components:
The Kernel changes
In order to collect event log data, Snare needs to add auditing support into the operating system. You can choose to either install a binary version of the kernel, with Snare already integrated, or you can apply a patch to your kernel source.
Although we try hard to make Snare as easy to install as possible, there are hundreds of different distributions and kernel versions, and it would be an immense task to build Snare for each variant. We are hoping that recent efforts towards creating a native auditing subsystem for Linux will soon mean that the kernel component of the Snare for Linux agent will no longer be required.
The Snare Audit Daemon
The Snare audit daemon acts as an interface between the Linux kernel and the security administrator. It allows you to turn on events, filter the output, and potentially push audit log information back to a central location for collection, analysis and archival.
The Snare Micro-Web Server, and Audit GUI
The Snare audit GUI provides a graphical user interface to the Snare audit daemon. It allows you to add, remove or modify audit objectives, and change reporting options.
The Micro-Web Server is embedded in the audit daemon and provides a very simple configuration capability that can be managed from your web browser.
Enhancements:
- Added support for compound matching elements (e.g. name=/etc/* name!=/etc/blah/*)
- Improved authentication support for remote control interface
- Updated SELinux policy (RHEL5 support)
- Improved automatic audit configuration using objective returncode detection to pre-filter unnecessary records
- Fixed element matching error
- Fixed error in criticality reporting (e.g. criticality was always zero)
- Fixed race condition that could potentially clear all audit rules on restart
- Improved efficiency, allowing a higher throughput
- Improved installer for easier deployment
- Disabled local logging by default