SID-IDS is a PTY host intrusion detection system.
The kernel part plugs into a terminal-processing
subsystem and logs hashed terminal lines. The user
part reads log entries (hashes) and takes
appropriate action upon unexpected log entries.
Information regarding Project Releases and Project Resources. Note that the information here is quoted from the Freecode.com page, and the downloads themselves may not be hosted on OSDN.
The user part now supports privilege separation. A
fix to the Linux 2.6 kernel part ensures that
multicharacter input in the read buffer is handled
correctly.
This release comprises packaging support for Debian systems with 2.6 kernels. A binary Debian SID kernel package for 2.6 kernels is also included (though it will probably only work with kernel version 2.6.8-1-386 #1).
This release comprises first-time x86 Linux 2.6 kernel
support. A minor bugfix for segfaults in the user part's
SHA-1 passphrase creation mode is applied as well.
The option to syntax check a configuration file has been added to the user part. A HUP signal sent to the (user) daemon reloads the configuration or loads a new configuration. As for bugfixes, child processes left over from automated actions are now collected by the parent, and some code cleanup was applied to the user tree to remove remnants of the original 'allowed commands' feature. There were no changes to the kernel parts (neither Solaris nor Linux 2.4).
The user part shouldn't crash anymore when executing automated actions upon intrusions. The '-s' command line flag should now work as advertised in the usage.