LockdownSourceCode - Main

University of Notre Dame NetScale Laboratory

Navigation

Main Main

Webs Webs

Main » Projects » LockDown » LockdownSourceCode

Lockdown Source Code

NOTE: all code is in constant development, newer versions will be posted as they are made available, use at your own risk!

DOWNLOAD latest package (updated 10/9/2009)
- ENAVis.zip: Latest ENAVis visual analysis tool and back-end data processing program. It includes a runnable .jar file and a few other libraries. Instruction: launch the run.bat/run.sh, goes to File-open, and select all included .ght files. Note: the included data is only a portion of data required to run the visualization tool properly. A few functions will not available (or even crash) without full data from setting up server and running the agents properly. But it's good for you to get started.

Monitor: The Monitor is installed on each host within the network and is responsible for collecting the local context [netstat, ps, and lsof data] and sending it to the collecting server.
- Linux: exp_deploy.zip
  - new release, 7/23/2008:exp_deploy_pkg.zip
- OS X 10.4: Lockdown_OSX_Monitor.tar
- Solaris: Lockdown_Solaris_Monitor.tar currently does not install into startup folders

Enforcer: The Enforcer is a Linux Security Module, LSM, that is responsible for enforcing policy within the kernel.
- Linux [2.6 kernel]: update coming soon

Repository/Parser/Viewer: The server processes data uploaded by the Monitors and manages the database (SQL) for storing the information. It contains analysis functions for extracting data patterns from the database. It also contains a GUI interface (viewer) to explore the data interactively and view the network activities in graphs in terms of hosts, users and applications.
- Server [JAVA]: expsicor_server.zip update coming
  - release, 7/23/2008:eXpiscor_viewer_pkg.zip

Backend Data Processing (Parser), Repository (Aggregator and File Server), Visualization tool (GUI client): Transition from SLQ database to Lockdown File System (LFS) as the backend to speed up data processing for a even larger scale of deployment.
- new release, 10/6/2008: Lockdown.zip

Lockdown.zip: Latest ENAVis visualization tool and data processing program

ENAVis.zip: Latest ENAVis visualization tool and data processing program

Attachments Attachments

Attachment	Action	Size	Date	Who	Comment
ENAVis.zip	props, move	10327.2 K	23 Oct 2009 - 03:54	QiLiao	Latest ENAVis package (include test data)
eXpiscor_viewer_pkg.zip	props, move	5974.4 K	24 Jul 2008 - 02:39	QiLiao	NEW release of server/parser/viewer package with instructions, jar file, and source codes
exp_deploy_pkg.zip	props, move	10.0 K	23 Jul 2008 - 19:57	QiLiao	NEW release of agent installation package with instructions
lockdown-client.zip	props, move	13.1 K	05 Nov 2008 - 17:21	QiLiao	agent installation package
lockdown-server.zip	props, move	270.6 K	06 Nov 2008 - 17:54	QiLiao	data processor and server package
lockdown-viewer.zip	props, move	2334.8 K	05 Nov 2008 - 23:51	QiLiao	visualization tool package

r12 - 23 Oct 2009 - 03:54:36 - QiLiao

Copyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback

Syndicate this site RSS ATOM