LinuxQuestions.org


return.c 04-08-2008 11:52 PM

Sys call hooking - tracing
 
I am developing a small program to monitor the Linux kernel for any Trojan / rootkit infection. I want to monitor the kernel to see if any malware changes the system calls, and alert the user. How do I do this, or what function calls should I use for monitoring system call hooking?

jailbait 04-09-2008 06:42 PM

You might be able to do what you want by using the kernel debug routine:

http://www.ibm.com/developerworks/li...brary/l-kdbug/

-----------------
Steve Stites

