Linux Intrusion Detection System

In

computer security, the Linux Intrusion Detection System 

(LIDS) is a patch to the Linux kernel and associated administrative

tools that enhances the kernel's security by implementing  [[Mandatory 

Access Control]] (MAC). When LIDS is in effect, chosen file access, all system network administration operations, any capability use, raw device, memory, and I/O access can be made impossible, even for root. One

can define which programs can access specific files. It uses and 

extends the system capabilities bounding set to control the whole system

and adds some network and filesystem security features to the kernel to
enhance the security. One can finely tune the security protections 

online, hide sensitive processes, receive security alerts through the network, and more. LIDS currently supports Linux kernel 2.6, 2.4. LIDS is released under the terms of the GNU General Public License (GPL).

As of 2013, the Project appears to be dead. The last updates on the homepage and in the associated forum are from 2010.

• Top 75 security tools in 2003, [http://sectools.org/tools2003.html

http://sectools.org/tools2003.html]

• Top 50 Security tools in 2000, [http://sectools.org/tools2000.html

http://sectools.org/tools2000.html]

• Best of Linux for October 9, 2000, [http://Linux.DaveCentral.com

http://Linux.DaveCentral.com]

• AppArmor
• Security-Enhanced Linux

• LIDS homepage