Real time integrity control of operating systems
MetadataShow full item record
It can be critical if an intruder gains access to an operating system and modify files. To prevent this Norwegian Defence Research Establishment has proposed a thesis that it is possible to do a real time integritycheck of a virtual operating system. We have looked upon a system using VMware Workstation 4 as the Virtual machine and Tripwire as the integrity controller. We have used Linux in the host operating system and in the virtual operating system. By modifying the host operating system’s IDE driver it is possible to monitor which blocks the virtual operating system is writng. These blocks are then used to find the inode and the path for the file that is written. The file is then integrity checked with Tripwire. The system we have developed uses approximately 45 seconds from a file is written and until it is discovered that the integrityis violated.
Masteroppgave i informasjons- og kommunikasjonsteknologi 2004 - Høgskolen i Agder, Grimstad
PublisherHøgskolen i Agder
Agder University College