| 关于Linux审计信息的获取 |
| |
| 引用本文: | 卢纲,张丽芬.关于Linux审计信息的获取[J].北京理工大学学报,2001,21(1):69-72. |
| |
| 作者姓名: | 卢纲 张丽芬 |
| |
| 作者单位: | 北京理工大学 计算机科学与工程系, |
| |
| 摘 要: | 为了达到安全管理单机或网络系统的目的,需要全面地获取Linux系统下各种所需的审计信息。通过分析Linux内核源代码,并根据Linux系统提供的内核可加载模块以及系统调用的机制,找出获取Linux审计信息的方法。通过编写核心监控模块和记录构造模块,实出了在Linux系统下获取各种审计信息。证明了利用改造内核获取系统审计信息方法的可行性,并且克服了Linux系统原有日志信息的不足。
|
| 关 键 词: | 日志信息 审计信息 操作系统 WIX操作系统 Linux |
| 文章编号: | 1001-0645(2001)01-0069-04 |
| 修稿时间: | 2000年6月25日 |
Getting AuditInformation in Linux |
| |
| LU Gang,\ ZHANG Li fen.Getting AuditInformation in Linux[J].Journal of Beijing Institute of Technology(Natural Science Edition),2001,21(1):69-72. |
| |
| Authors: | LU Gang \ ZHANG Li fen |
| |
| Abstract: | To achieve the goal of administrating mainframe and network safely, it is necessary to acquire various audit information in a Linux system completely. According to the mechanisms of Linux's loadable module and system call, the sources are analyzed and the method of getting audit information in Linux is determined. By constructing the kernel monitor module and record creating module, the aim in getting various audit information in a Linux system is achieved. Finally, the method of getting audit information of a system by customizing the kernel is demonstrated to be feasible and reliable, and the insufficiency of Linux's original log information is overcome. |
| |
| Keywords: | log information audit information operating system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《北京理工大学学报》浏览原始摘要信息 |
| 点击此处可从《北京理工大学学报》下载免费的PDF全文 |
