
ANN: syscalltrack version 0.60 released

  • mulix
    Message 1 of 1 , Sep 18 11:39 AM
      [ apologies to those of you who get this announcement more than once ]

      Haifux, the Haifa Linux Club (http://linuxclub.il.eu.org) is proud to
      present 'syscalltrack-0.60', the first _alpha_ release of the
      system-call-tracking linux kernel module and user space utilities.
      'syscalltrack' supports both versions 2.2.x and 2.4.x of the linux
      kernel.

      * What is syscalltrack?

      Imagine you have a file being deleted every day at midnight. How will
      you know which process does it?

      Imagine you wish to know when any non-root process tries to open a file
      for writing, but you don't care if it tries to open it for reading. How
      will you do that?

      Imagine you wish to know when _any_ process tries to tamper with
      /var/log/messages. How will you do it?

      'syscalltrack' is a linux kernel module which allows you to hijack and
      track any system call invocation on your linux box. Using a
      configuration utility you can specify 'filters' based on both system
      call parameters and process state parameters. You also specify 'actions'
      to take if the filter matches - for example, you can log the
      invocation to a log file. More actions are planned but not yet
      implemented.

      For example, you might say "log all processes which try to 'unlink'
      '/etc/passwd'" or "log all processes which try to 'open' '/dev/dsp' with
      a mode of O_CREAT, where the UID is less than 100 and the GID is more
      than 1000".

      * Where can I get it?

      Information on 'syscalltrack' is available on the project's homepage:
      http://syscalltrack.sf.net, and in the project's file release.

      Files and development information are available from
      http://www.sf.net/projects/syscalltrack/.

      You can download the source directly from:
      http://prdownloads.sourceforge.net/syscalltrack/syscalltrack-0.60.tar.gz

      * Call for developers:

      The syscalltrack project is looking for developers, both for kernel
      space and user space. If you want to join in on the fun, get in touch
      with us on the 'syscalltrack-hackers' mailing list
      (http://lists.sourceforge.net/lists/listinfo/syscalltrack-hackers).

      * License and NO Warranty

      'syscalltrack' is Free Software, licensed under the GNU General Public
      License (GPL) version 2. The 'sct_ctrl_lib' library is licensed under
      the GNU Lesser General Public License (LGPL).

      'syscalltrack' is in early _alpha_ stages and comes with NO warranty. If
      it breaks something, you get to keep all of the pieces. You have been
      warned (TM).

      Happy hacking and tracking!

      --
      mulix

      http://www.advogato.com/person/mulix
      http://www.sf.net/projects/syscalltrack