Windows has a number of programs (generally referred to as Host-based Intrusion Prevention Systems) that offer protection against difficult security threats (such as zero-day exploits) by blocking potentially dangerous program behavior and asking the user whether to allow it. Linux has the "blocking behavior" part well covered by features such as SELinux and AppArmor, but is there anything (eg, a GUI for these features) that allows the decisions to allow behavior or to create new rules to be made interactively as the computer is used?
Asked
Active
Viewed 3,459 times
1 Answers
0
A HIPS is not necessary. If you want something that "locks down processes" then you should look into SELinux or AppArmor. I recommend AppArmor if you're a newb. Both SELinux and AppArmor are what are known as Mandatory Access Controls.
And, oh yeah, if you want a HIDS, then I suggest AIDE (free version of Tripwire), as the guy above mentioned.
Eds_k
- 111