This repository has been archived by the owner on Nov 14, 2021. It is now read-only.

[Feature Request] Kernel Module Insertion Alert #4

Open

nbulischeck opened this issue Oct 3, 2018 · 0 comments

Assignees

Labels

Owner

nbulischeck commented Oct 3, 2018

There is currently no alert system, but generating an alert every time a new module is inserted into the kernel would be helpful.

This can be done by:

Grabbing a list of currently installed kernel modules on init.
Storing that list of kernel modules in an internal linked list (preferably using the kernel's linked list implementation).
Comparing each run to see whether or not a module has been loaded/unloaded.

You could probably also use a refactored form of the analyze_modules function here to search for hidden modules as well.

The text was updated successfully, but these errors were encountered:

nbulischeck added the enhancement label

nbulischeck assigned klsimps

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.