thr3ads.net - dtrace discuss - [dtrace-discuss] use dtrace as a security auditing tool [Jan 2008]

If this information is useful, please help other people find it:
Share via:

陶捷 TaoJie

2008-Jan-14 23:36 UTC

[dtrace-discuss] use dtrace as a security auditing tool

hi all:

I''ve read a silder, wrote by some sun engineer, talking about some key
features and key fbt/syscall/usdt ways to monitor the user''s
behavious.
Has anyone finished the whole scripts now? Is it practical in the real world?

Are there any references on the web?

thank you

kind regards,
TJ

Alan Coopersmith

2008-Jan-14 23:42 UTC

head link

[dtrace-discuss] use dtrace as a security auditing tool

?? TaoJie wrote:> I''ve read a silder, wrote by some sun engineer, talking about some
key
> features and key fbt/syscall/usdt ways to monitor the user''s
> behavious.
> Has anyone finished the whole scripts now? Is it practical in the real
world?
Wouldn''t dtrace''s design of dropping data when
there''s too much to avoid
impacting the system conflict with the goals of recording absolutely
everything that most auditing systems have?

-- 
	-Alan Coopersmith-           alan.coopersmith at sun.com
	 Sun Microsystems, Inc. - X Window System Engineering

dtrace discuss - Jan 2008 - use dtrace as a security auditing tool

[dtrace-discuss] use dtrace as a security auditing tool

[dtrace-discuss] use dtrace as a security auditing tool