Quote:
Originally Posted by shahg_shahg
I badly need an "application behavior detection system"
Could you tell us why or what requires this? I'm asking because passive or on-the-fly detection can be done by a host of things; for reactive detection ideas see Systrace or equivalent. But adding the term "behaviour" a) sounds like marketoid language from Intrusion Prevention Systems (IPS) vendors, and b) points to a framework or application having a prefab ruleset, learning and blocking capabilities. AFAIK there is no such thing (usable, complete, polished) for GNU/Linux right now. If you haven't done so already, I would suggest first taking the measures you can take right now to harden your machine and worrying about this later on.
Quote:
Originally Posted by shahg_shahg
especially for the undetected computer viruses ...
Viruses are not the biggest threat to GNU/Linux. Please search Linuxquestions.org for discussions about viruses to learn why.