-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Andy Pieters wrote:
| Hi all | | Those of you who have had the punishment of maintaining | workstations with m$ on it might have heard, or even used filemon | (from sysinternals). It hooks itself on the kernel and keeps an | eye on what application accesses what file. | | Is anyone aware of such an utlity for Linux? No fancy gui needed, | plain old cli will suffice. | | Basically what I want to do is launch the app, then run another | program and see what files are being opened by that program. | | | Kind regards | | | Andy |
Dear Andy
take a look at grsecurity patch for example (http://www.grsecurity.net), also theres the hashing approach (integrit, tripwire, ....)
maybe one of these is interresting for you...
Greetings Oliver Leitner Technical Staff http://www.shells.at -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32)
iD8DBQFCp449xHPquN24yVsRAt+VAKDuLJ8sSYdwrtIB5ETDcLDxmZcgJACfQ5uN UKQTpuIVQSkzCqU1VbXo/hw= =FhGE -----END PGP SIGNATURE-----
