Top > Security > procwatch

procwatch - Watches a /proc filesystem for new messages

Procwatch watches a /proc filesystem for new processes. When a process is created, procwatch reports the time, the username, the PID, and the binary that was run. Its output is suitable for logging to log files and is geared for system administrators who are testing a new but as yet untrusted UNIX system. Although it cannot detect, and is not proof against, hacked loadable kernel modules that have modified /proc, it is useful in watching for possible rogue binaries.

Obtaining

Web pagehttp://www.speakeasy.net/~aguyot/procwatch
Source tarball http://www.speakeasy.net/~aguyot/procwatch/procwatch-1.2.tar.gz
Version 1.2 (stable) released on 2001-11-23
Licensed under Perl.
This is not a GNU package.

Support contacts

Help List<aguyot@xif.com>
Developer List<aguyot@xif.com>
Bug List<aguyot@xif.com>

Project contacts

Maintainers
Developers

Related information

Interfacescommand line
Source languagesPerl
Supported languagesPerl

Entry information

License verified byJanet Casey <jcasey@gnu.org> on 2001-03-26
Entry compiled byJanet Casey <jcasey@gnu.org>

Categories


The copyright licensing notice below applies to this text. The software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.

Copyright © 2000, 2001, 2002, 2003 Free Software Foundation, Inc.

Permission is granted to copy, distribute, and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of this license is included in the file COPYING.DOC.

Please report any problems in this page to bug-directory@gnu.org, or find out how you can help fix them.

The FSF provides this directory as a service to the free software community. Please consider donating to the FSF to help support this project.