Yin Yang - Linux Real-Time On-Access File Scanner
Kernel module to detect file opening and passes it to
a daemon for action such as logging file transactions,
anti-virus checking, and other file activities.
Ideal for real-time on-access file scanning.
------------------------------------------------------------------------------
1. File opening intercepted 7. Call original file open
(e.g. /bin/cat /var/log/messages) (e.g. /var/log/messages)
|| /\
\/ ||
2. Kernel module (e.g. /var/log/messages) 6. Kernel module
(Get full path of file from file opening signal) (Message logged if virus)
|| /\
\/ ||
3. User daemon (e.g. TCP/IP 127.0.0.1:50951) 5. User daemon (e.g. "1")
(Passes the pathname to file scanning script (Get status and
e.g. anti-virus) return response)
|| /\
|| ||
=============> 4. Script (e.g. scannersock.pl -> anti-virus) ===========
(Returns status from file scanning)
------------------------------------------------------------------------------
Download Full Version (GPL Licensed)
Primac