* SNARE and C2 auditing under 2.5.x
@ 2003-06-10 11:57 Red Phoenix
  2003-06-10 14:42 ` 536EP linux winmodem Nicolas
  0 siblings, 1 reply; 4+ messages in thread
From: Red Phoenix @ 2003-06-10 11:57 UTC (permalink / raw)
  To: linux-kernel

Sorry for the late reply - I've only just spotted the May 21 thread.

>I may be repeating this question, but is there an effort to bringing
>snare code to 2.5.x?

If people are interested, then definitely!

I'm about 80% of the way through a kernel-patch version of snare, and have 
it working nicely on a 2.4.18 based system. I'm just about to try and 
re-apply the changes to 2.4.20 tonight.

For those that don't know, Snare is a C2-style auditing capability, roughly 
analogous to Solaris BSM, or the Windows EventLog subsystem. Until recently, 
Snare existed as a kernel module that used sys_call_table to overlay 
auditing functionality on a bunch of system calls (yes, I know - it should 
be the 8th deadly sin ;). It's now being retooled as a kernel patch.

I've heard through the grapevine that Snare is a required part of the US DoD 
Common Operating Environment for Linux installations, has been evaluated by 
mitre.org, was one of the apps in the 'use of open source tools in the DoD' 
report that came out a while back, is in use inside the Aussie intelligence 
community (no jokes about contradictions please ;), was recently featured at 
SANS, and is also part of RH Adv Server... so it's probably becoming too 
popular to run as a 'two occasional developers' project - at least for the 
kernel components.

Although I've been working with audit logs on a bunch of systems for 
many-a-year, my kernel experience is limited, so although the RH kernel team 
has helped out in the past, and AC has offered to cast an eye or two over 
the code, it's probably time that we consider including more capable hands 
in the development process - any assistance, or suggestions on the way 
forward, would definitely be welcome!

Regards,

Leigh. (please cc me in replies - Leigh [dot] Purdie at intersectalliance 
DOT com)

.. sorry in advance for any hotmail crud below - front-line spam defence..


* 536EP linux winmodem
  2003-06-10 11:57 SNARE and C2 auditing under 2.5.x Red Phoenix
@ 2003-06-10 14:42 ` Nicolas
  2003-06-11 19:54   ` Pavel Machek
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas @ 2003-06-10 14:42 UTC (permalink / raw)
  To: linux-kernel


Hello,

Sorry to disturb with a winmodem ...
don't flame me please !

Is there somebody having a working 536EP linux modem driver
on 2.5.xx series? I began to port the old
driver but with many irq problems related stuff, just
compilation stage at this time ... :(

Regards.

Nicolas.



00:0a.0 Communication controller: Intel Corp. 536EP Data Fax Modem
        Subsystem: Creatix Polymedia GmbH V.9X DSP Data Fax Modem
        Flags: bus master, medium devsel, latency 32, IRQ 17
        Memory at e8000000 (32-bit, non-prefetchable) [size=4M]
        Capabilities: <available only to root>



* Re: 536EP linux winmodem
  2003-06-10 14:42 ` 536EP linux winmodem Nicolas
@ 2003-06-11 19:54   ` Pavel Machek
  2003-06-12  7:24     ` Nicolas
  0 siblings, 1 reply; 4+ messages in thread
From: Pavel Machek @ 2003-06-11 19:54 UTC (permalink / raw)
  To: Nicolas; +Cc: linux-kernel

Hi!

> Sorry to disturb with a winmodem ...
> don't flame me please !
> 
> Is there somebody having a working 536EP linux modem driver
> on 2.5.xx series? I began to port the old
> driver but with many irq problems related stuff, just
> compilation stage at this time ... :(

Do you have driver sources?
								Pavel

> 00:0a.0 Communication controller: Intel Corp. 536EP Data Fax Modem
>         Subsystem: Creatix Polymedia GmbH V.9X DSP Data Fax Modem
>         Flags: bus master, medium devsel, latency 32, IRQ 17
>         Memory at e8000000 (32-bit, non-prefetchable) [size=4M]
>         Capabilities: <available only to root>


-- 
When do you have a heart between your knees?
[Johanka's followup: and *two* hearts?]


* Re: 536EP linux winmodem
  2003-06-11 19:54   ` Pavel Machek
@ 2003-06-12  7:24     ` Nicolas
  0 siblings, 0 replies; 4+ messages in thread
From: Nicolas @ 2003-06-12  7:24 UTC (permalink / raw)
  To: Pavel Machek; +Cc: linux-kernel



You have access to a part of the sources :(

http://linmodems.technion.ac.il/packages/Intel/

but there is a big "536epcore.lib", 
I don't know if it is workable in a 2.5 kernel ...
I was just trying to compile the source part and it doesn't
because of irq related stuff at this time.

Maybe I'm too naive, and 
536epcore.lib is a big problem...

Nicolas.

On Wednesday 11 June 2003 21:54, Pavel Machek wrote:
> Hi!
>
> > Sorry to disturb with a winmodem ...
> > don't flame me please !
> >
> > Is there somebody having a working 536EP linux modem driver
> > on 2.5.xx series? I began to port the old
> > driver but with many irq problems related stuff, just
> > compilation stage at this time ... :(
>
> Do you have driver sources?
> 								Pavel
>
> > 00:0a.0 Communication controller: Intel Corp. 536EP Data Fax Modem
> >         Subsystem: Creatix Polymedia GmbH V.9X DSP Data Fax Modem
> >         Flags: bus master, medium devsel, latency 32, IRQ 17
> >         Memory at e8000000 (32-bit, non-prefetchable) [size=4M]
> >         Capabilities: <available only to root>

