SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Eric Sammons
As many of you may or may not know there is a handy utility available for Intrusion detection, SNARE. The SNARE software, rpm and source, are available at http://www.intersectalliance.com/projects/Snare/index.html. I am running into issues compiling this software on my Z/VM guest running SuSE

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Post, Mark K
: Eric Sammons [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 9:12 AM To: [EMAIL PROTECTED] Subject: SNARE install on SuSE 2.4.7-timer-SMP As many of you may or may not know there is a handy utility available for Intrusion detection, SNARE. The SNARE software, rpm and source

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Eric Sammons
: Subject:Re: SNARE install on SuSE 2.4.7-timer-SMP Eric, If you have the kernel-source RPM installed, you'll need to run a make dep command to create the include/linux/version.h file. To do this, you'll probably have to do: cd /usr/src/linux cp /boot/kernel/.config

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Ferguson, Neale
Those messages indicate you're compiling code targeted at the x86 architecture. -Original Message- It seems that the below got me further; however, I am not investigating the following errors: gcc -c -g -O6 -DMODULE -D__KERNEL__ -I/lib/modules/2.4.7-timer-SMP/build/include

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Eric Sammons
/2003 12:42 PM Please respond to Linux on 390 Port To: [EMAIL PROTECTED] cc: Subject:Re: SNARE install on SuSE 2.4.7-timer-SMP Those messages indicate you're compiling code targeted at the x86 architecture. -Original Message- It seems that the below

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Post, Mark K
have the fixes for it already. Mark Post -Original Message- From: Eric Sammons [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 02, 2003 12:39 PM To: [EMAIL PROTECTED] Subject: Re: SNARE install on SuSE 2.4.7-timer-SMP Not being that familiar with the Z/Linux implementation and building

Re: SNARE install on SuSE 2.4.7-timer-SMP

2003-07-02 Thread Ferguson, Neale
That's not what I mean. It appears the routine audit_execve in auditmodule.c assumes a kernel structure to which it refers contains places to store the x86 registers like ebx. This is probably some context information found in places like tss_struct (in processor.h) or sigcontext (in