krd prototype structure

version 0.1 pre

Modules found in krd:

* kcore reader, 1 function:

- kcore reader reads the complete /proc/kcore file and returns data sequences to the signature engine.

* signature engine, 2 functions:

- creates the signatures database via a text file named signatures.txt (located in /usr/local/etc/krd)

- checks for strings returned by the kcore reader module which matches with signatures and alerts the user

signatures engine functions:

void hex2str(); void generate_buffer(); void free_buffer(); void signatures_engine();

kcore reader functions:

void open_kcore(); void read_kcore(); void close_kcore(); void kcore_reader(); void krd_engine(char,unsigned char);

krd/general.txt · Last modified: 2010/04/15 21:18 (external edit)