Thanks to visit codestin.com
Credit goes to github.com

Skip to content

xuyuuu/secbox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
Makefile.clean
Makefile.clean
 
 
Makefile.control
Makefile.control
 
 
README.md
README.md
 
 
sec_box_accesslist.c
sec_box_accesslist.c
 
 
sec_box_accesslist.h
sec_box_accesslist.h
 
 
sec_box_blacklist.c
sec_box_blacklist.c
 
 
sec_box_blacklist.h
sec_box_blacklist.h
 
 
sec_box_common_list.h
sec_box_common_list.h
 
 
sec_box_control.c
sec_box_control.c
 
 
sec_box_init.c
sec_box_init.c
 
 
sec_box_md5sum.c
sec_box_md5sum.c
 
 
sec_box_md5sum.h
sec_box_md5sum.h
 
 
sec_box_netclean.c
sec_box_netclean.c
 
 
sec_box_netclean.file
sec_box_netclean.file
 
 
sec_box_netclean.lck
sec_box_netclean.lck
 
 
sec_box_netclean.sh
sec_box_netclean.sh
 
 
sec_box_ring.c
sec_box_ring.c
 
 
sec_box_ring.h
sec_box_ring.h
 
 
sec_box_socket.c
sec_box_socket.c
 
 
sec_box_socket.h
sec_box_socket.h
 
 
sec_box_swhook.c
sec_box_swhook.c
 
 
sec_box_swhook.h
sec_box_swhook.h
 
 
sec_box_tcpstat.c
sec_box_tcpstat.c
 
 
sec_box_tcpstat.h
sec_box_tcpstat.h
 
 

Repository files navigation

secbox

============================================================================= Project Introduction

This is a security project which needs to run in linux platform.
It would cleanup resource with tcp socket.
It would avoid running malicious process which in blacklist.
It would avoid killing protected process which in protectlist.
It would avoid accessing the directory which in blacklist.

============================================================================= Build and use

platform Introduction: must build in kernel 2.6.32-431(Centos-6.5).

1.Makefile run 'make' commond to produce sec_box.ko.
insmod the kernel module.

2.Makefile.control
run 'make -f Makefile.control' commond to produce sec_box_control.
run 'sec_box_control -h' commond for help.
You can use 'sec_box_control ......' tools to communicate with kernel.

3.Makefile.clean
run 'make -f Makefile.clean' commond to produce sec_box_cleaner.
run 'sec_box_cleaner -d[run in backgroud]' to scan tcp state and notify to kernel.

4.clean shell run './sec_box_netclean.sh -h' for help
run 'flock -e sec_box_netclean.lck ./sec_box_netclean.sh ......' to produce file sec_box_netclean.file
the program which run above step 3, it will notify dirty inode to kernel.

Thanks for looking !

About

TCP通信套接字泄漏清理与系统防护

Resources

Readme

License

GPL-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages