next up previous
次へ: lidstoolsのコンパイル 上へ: LIDSのインストール 戻る: LIDSのインストール

kernelにパッチをあてる

lidstoolsは、コンパイル時にデフォルトで、パッチのあたったカーネルソースを要求するので、最初にカーネルにパッチをあてておきます。
[root@localhost work]# cd /usr/src/linux
[root@localhost linux]# ls
COPYING        MAINTAINERS  REPORTING-BUGS  drivers  init    lib  scripts
CREDITS        Makefile     Rules.make      fs       ipc     mm
Documentation  README       arch            include  kernel  net
[root@localhost linux]$ patch -p1 < /home/omok/work/lids/lids-1.1.2rc5-2.4.20/lids-1.1.2rc5-2.4.20.patch
patching file arch/alpha/config.in
patching file arch/alpha/defconfig
patching file arch/arm/defconfig
patching file arch/cris/defconfig
patching file arch/i386/config.in
patching file arch/i386/defconfig
patching file arch/i386/kernel/ioport.c
patching file arch/i386/kernel/ptrace.c
patching file arch/i386/kernel/vm86.c
patching file arch/ia64/config.in
patching file arch/ia64/defconfig
patching file arch/m68k/defconfig
patching file arch/mips/config.in
patching file arch/mips64/config.in
patching file arch/mips64/defconfig
patching file arch/parisc/config.in
patching file arch/parisc/defconfig
patching file arch/ppc/config.in
patching file arch/ppc/defconfig
patching file arch/s390/config.in
patching file arch/s390/defconfig
patching file arch/s390x/defconfig
patching file arch/sh/config.in
patching file arch/sh/defconfig
patching file arch/sparc/config.in
patching file arch/sparc/defconfig
patching file arch/sparc64/config.in
patching file Documentation/Configure.help
patching file fs/buffer.c
patching file fs/dcache.c
patching file fs/dquot.c
patching file fs/exec.c
patching file fs/namei.c
patching file fs/namespace.c
patching file fs/open.c
patching file fs/proc/base.c
patching file fs/proc/root.c
patching file fs/readdir.c
patching file fs/read_write.c
patching file fs/super.c
patching file include/linux/capability.h
patching file include/linux/lidsext.h
patching file include/linux/lids.h
patching file include/linux/lidsif.h
patching file include/linux/rmd160.h
patching file include/linux/sched.h
patching file include/linux/sysctl.h
patching file include/linux/tty.h
patching file init/main.c
patching file kernel/Config.in
patching file kernel/exit.c
patching file kernel/fork.c
patching file kernel/klids.c
patching file kernel/ksyms.c
patching file kernel/lids.c
patching file kernel/lids_logs.c
patching file kernel/lids_mail_script.c
patching file kernel/lids_net.c
patching file kernel/lids_syslog_script.c
patching file kernel/Makefile
patching file kernel/ptrace.c
patching file kernel/rmd160.c
patching file kernel/signal.c
patching file kernel/sys.c
patching file kernel/sysctl.c
patching file net/core/rtnetlink.c
patching file net/ipv4/af_inet.c
patching file net/ipv4/lids_check_scan.c
patching file net/ipv4/Makefile
patching file net/ipv4/netfilter/ip_queue.c
patching file net/ipv4/proc.c
patching file net/ipv4/tcp_ipv4.c
patching file net/ipv4/udp.c
patching file net/ipv6/af_inet6.c
patching file net/ipv6/netfilter/ip6_queue.c
patching file net/socket.c

[root@localhost linux]$
/usr/src/linuxでmake menuconfigをしてみると、LIDSの項目が増えている事が分かります。
図 1: Linux Intruder Detection Systemの項目が追加されている。
\includegraphics[width=10cm clip]{/home/omok/tex/koedo_may_2003/LIDS1.ps}
LIDSの項目の中には、いろいろとオプションがあります。詳細は後述します。
図 2: Linux Intruder Detection System内のオプション。
\includegraphics[width=10cm clip]{/home/omok/tex/koedo_may_2003/LIDS2.ps} \includegraphics[width=10cm clip]{/home/omok/tex/koedo_may_2003/LIDS3.ps} \includegraphics[width=10cm clip]{/home/omok/tex/koedo_may_2003/LIDS4.ps}


Kazuki Omo 平成15年5月16日