Real-time exploits tracking with Anti-Exploit
Source: IT Observer - Posted by Pax Dickinson   
Host Security This is a review of the first on-access Anti-Exploit scanner. Anti-Exploit can help IT professionals to discover local attackers before they manage to execute malicious programs.

The Anti-Exploit exploit scanner utilizes kernel features to identify suspicious files when they are created or used. Anti-Exploit tags suspicious file by checking its md5 value (will be changed to signature-based) and comparing it against a database of well-known malicious tools such as exploits, rootkits, etc.

Anti-Exploit does not require any special modules for installation and on most systems it will be installed smoothly. The only additional package required is Dazuko Linux kernel module, which provides an interface for file system access control. Anti-Exploit comes with a configuration file, enables one to modify settings such as proxy information (for updates), email alerts and more. It must be edited prior executing the final installation step.

Read this full article at IT Observer

Only registered users can write comments.
Please login or register.

Powered by AkoComment!