Systrace 1.6d
Sponsored Links
Systrace 1.6d Ranking & Summary
File size:
0.20 MB
Platform:
Any Platform
License:
BSD License
Price:
Downloads:
1285
Date added:
2006-04-24
Publisher:
Niels Provos
Systrace 1.6d description
The policy is generated interactively. Operations not covered by the policy raise an alarm, allowing an user to refine the currently configured policy.
For complicated applications, it is difficult to know the correct policy before running them. Initially, Systrace notifies the user about all system calls that an application tries to execute. The user configures a policy for the specific system call that caused the warning. After a few minutes, a policy is generated that allows the application to run without any warnings. However, events that are not covered still generate a warning. Normally, that is an indication of a security problem. Systrace improves cyber security by providing intrusion prevention.
Alternatively, policies can be learned automatically. In many instances, the automatically learned policies can be used for sandboxing immediately. Sometimes, minimal manual post-processing is necessary.
With Systrace, untrusted binary applications can be sandboxed. Their access to the system can be restricted almost arbitrarily. Sandboxing applications that are available only as binaries is only sensible, as it is not possible to directly analyze what they are designed to do. However, constraining the system calls that large open-source applications are allowed to execute is useful too, as it is very difficult to determine their correctness.
System call arguments can be rewritten dynamically. This effects a virtual chroot for the sandboxed application. It also prevents race conditions in the argument evaluation.
Main features:
- Confines untrusted binary applications.
- Interactive Policy Generation with Graphical User Interface.
- Supports different emulations:
- GNU/Linux, BSDI, etc..
- System Call Argument Rewriting.
- Non-interactive Policy Enforcement.
- Remote Monitoring and Intrusion Detection.
- Privilege Elevation: Add-on capabilities.
For complicated applications, it is difficult to know the correct policy before running them. Initially, Systrace notifies the user about all system calls that an application tries to execute. The user configures a policy for the specific system call that caused the warning. After a few minutes, a policy is generated that allows the application to run without any warnings. However, events that are not covered still generate a warning. Normally, that is an indication of a security problem. Systrace improves cyber security by providing intrusion prevention.
Alternatively, policies can be learned automatically. In many instances, the automatically learned policies can be used for sandboxing immediately. Sometimes, minimal manual post-processing is necessary.
With Systrace, untrusted binary applications can be sandboxed. Their access to the system can be restricted almost arbitrarily. Sandboxing applications that are available only as binaries is only sensible, as it is not possible to directly analyze what they are designed to do. However, constraining the system calls that large open-source applications are allowed to execute is useful too, as it is very difficult to determine their correctness.
System call arguments can be rewritten dynamically. This effects a virtual chroot for the sandboxed application. It also prevents race conditions in the argument evaluation.
Main features:
- Confines untrusted binary applications.
- Interactive Policy Generation with Graphical User Interface.
- Supports different emulations:
- GNU/Linux, BSDI, etc..
- System Call Argument Rewriting.
- Non-interactive Policy Enforcement.
- Remote Monitoring and Intrusion Detection.
- Privilege Elevation: Add-on capabilities.
Systrace 1.6d Screenshot
Systrace 1.6d Keywords
Systrace 1.6d
systrace enforces system call policies
enforces system call policies
system call
can be
access to
Systrace
system
applications
policy
policies
user
Systrace 1.6d
Security
Miscellaneous
Bookmark Systrace 1.6d
Systrace 1.6d Copyright
WareSeeker periodically updates pricing and software information of Systrace 1.6d full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Systrace 1.6d Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
applications for employment
systemax
perl system call
solar system
systrace equivalent
job applications
system sensor
applications for jobs
open door policy
system calls
system of a down
applications for blackberry storm
unix system calls
system32
applications of computer
blackberry applications
digestive system
policy manual
Related Software
Tresys Brickwall software makes it easy to manage the power of SELinux. Free Download
tagji implements a fake but working tagging file system. Free Download
TOPCASED is a Toolkit in OPen source for Critical Applications and SystEm Development Free Download
The issPolicy utility allows ISS RealSecure Network Sensor and policy files to be converted into a single HTML file. Free Download
Konstruct is a toolset for installing KDE with KOffice, KDevelop, and other applications. Free Download
KeyCluster is a high availability (HA) system for mission critical applications running on Solaris (Sparc and x86), Linux, AIX. Free Download
schedtool can be used to query or alter a process scheduling policy under linux. Free Download
MUSCLE is a multiplatform, multilanguage, N-way client/server protocol library and server. Free Download
Latest Software
Popular Software
Favourite Software
