A collection of three tools designed to protect Linux from rootkits.
Protects the system call table by monitoring it. On an attempt to modify the system call table, it takes a snapshot of the processes running on the system and freezes the machine.
Dresden blocks all attempts to insert modules into the kernel. When a module insertion is attempted, in addition to blocking it, Dresden dumps the module's instruction memory and logs a warning message.
Logs all network communication by probing the inet stack of the kernel.
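The system call table monitoring described above can be modelled in user space as a baseline-and-compare check over a table of function pointers. This is an added example, not code from this project; the handler functions, the table size and the `monitor_*` names are constructed for illustration, and a real monitor would run inside the kernel.

```c
#include <stdio.h>
#include <string.h>

#define NR_ENTRIES 4            /* constructed size; a real table has hundreds */
typedef long (*handler_t)(long);

/* Constructed stand-ins for system call handlers. */
static long h_read(long a)    { return a + 1; }
static long h_write(long a)   { return a + 2; }
static long h_open(long a)    { return a + 3; }
static long h_close(long a)   { return a + 4; }
static long h_foreign(long a) { return -a; }   /* stands for a replaced entry */

static handler_t live_table[NR_ENTRIES] = { h_read, h_write, h_open, h_close };

struct monitor {
    const handler_t *live;            /* table being watched */
    handler_t baseline[NR_ENTRIES];   /* trusted copy taken at start-up */
};

/* Record the known-good contents of the table. */
void monitor_init(struct monitor *m, const handler_t *live)
{
    m->live = live;
    memcpy(m->baseline, live, sizeof(m->baseline));
}

/* Fill `changed` with indices that differ from the baseline; return how many. */
size_t monitor_check(const struct monitor *m, size_t changed[NR_ENTRIES])
{
    size_t n = 0;
    for (size_t i = 0; i < NR_ENTRIES; i++)
        if (m->live[i] != m->baseline[i])
            changed[n++] = i;
    return n;
}

int main(void)
{
    struct monitor m;
    size_t changed[NR_ENTRIES];

    monitor_init(&m, live_table);
    printf("clean pass: %zu changed\n", monitor_check(&m, changed));

    live_table[2] = h_foreign;        /* simulated tampering with entry 2 */
    size_t n = monitor_check(&m, changed);
    for (size_t i = 0; i < n; i++)    /* point where the tool would snapshot and freeze */
        printf("ALERT: entry %zu no longer matches baseline\n", changed[i]);
    return n ? 1 : 0;
}
```

The baseline is only as trustworthy as the moment it was taken, so a monitor of this kind has to be loaded before any untrusted code runs.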
In case you want to support the development, feel free to send a few bits here 17U479M6uMfsqh7vP2ZMKr62pNVjvCNxvu