473,383 Members | 1,891 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > c / c++ > questions > recording process startup (forks/exec etc) in unix

Join Bytes to post your question to a community of 473,383 software developers and data experts.

Recording Process Startup (forks/exec etc) in Unix

Hi All,

I am trying to find a way to record when processes on a Unix/Linux system
are started and when (i.e. new process ID, parent process ID, spawning
user,time) as a way of modeling user behavior in order to allow intrusion
detection. I was thinking of perhaps catching the SIGCHILD signal or
recording exec system calls. I could probably run this as root, so this
would probably be a daemon and record these to a logfile for a separate
analysis routine.

I am not opposed to roundabout programming, but I would like to do this
fairly efficiently. I could probably parse out the "/proc" filesystem or
the output of "/bin/ps", but I think that would make this method of
collection cause a performance hit in the system.

Does anyone know of any resources related to this or have any idea of how
to begin? I'd like to keep it in C if possible.

I appreciate your help!

Thanks,

Craig
Nov 13 '05 #1
1 1647
On Mon, 27 Oct 2003 20:45:05 GMT, The Boss
<bo****@deletethis.cs.usm.maine.edu> wrote in comp.lang.c:
Hi All,

I am trying to find a way to record when processes on a Unix/Linux system


Cross posting to this many newsgroups is rude. Especially when it is
off-topic in at least one of them, as it is in comp.lang.c. There are
no processes nor is there a UNIX or Linux in the C language.

Go to news:news.announce.newusers and read some articles on proper
posting manners. Scattering a question to every group with a name
that happens to make you think it might be relevant is just plain bad
manners.

[posted and mailed]

--
Jack Klein
Home: http://JK-Technology.Com
FAQs for
comp.lang.c http://www.eskimo.com/~scs/C-faq/top.html
comp.lang.c++ http://www.parashift.com/c++-faq-lite/
alt.comp.lang.learn.c-c++ ftp://snurse-l.org/pub/acllc-c++/faq
Nov 13 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
runtime.exec Process
by: uwnewsgroup | last post by:
When I was using Runtime.exec(String cmd) to run a unix utility (join), and try to get its standard output by using Process.getOutputStream(), it blocks forever. I tried it using Java 1.4 and...
Java
1
PEP 324: popen5 - New POSIX process module
by: Peter Åstrand | last post by:
There's a new PEP available: PEP 324: popen5 - New POSIX process module A copy is included below. Comments are appreciated. ---- PEP: 324 Title: popen5 - New POSIX process module
Python
0
(Win32) Timing out a process while reading process' output?
by: rtm | last post by:
I am interested in running a process with a timeout. Also I'm interested in analyzing the output of this process. Under Unix, the solution is described clearly in the Perl Cookbook "16.10: ...
Perl
6
Who spawns a dedicated server process?
by: Michael J. Moore | last post by:
Is it the listener process, or some other Oracle process. Also, on a UNIX system, when you do "ps -ef" to see your processes, the PPID points back to a process named "init". Why does the PPID not...
Oracle Database
2
Detecting problems in a forked process
by: James Colannino | last post by:
Hey everyone. I'm writing a small application in Python that uses os.fork() to create a separate process in which another application is run in the background. The problem is that I need to know...
Python
4
Security in an process started with exec
by: a | last post by:
Hi, The php script that processes user input from a form, starts a new process using exec. In my case, the process may contain arbitrary, user defined functionality. How do I ensure that that...
PHP
1
new to inter-process programming
by: JimC | last post by:
Hi all, Here's the problem: my main program forks two children, each of which execl() another program. That program is supposed to wait for the parent program to send a string to it (via...
C / C++
8
how to run multiple processes from a single process?
by: mandydhaliwal | last post by:
Hi all, I am porting a win32 c++ program on Linux which first reads a list of processes and their paths from a file.Then this program should launch all of thesese processes. I tried to...
C / C++
4
Kill Child Process
by: Ashit Vora | last post by:
Hi, My query is... I have a parent process which forks a child process to perform certain task. I wish to terminate the child process after certain amount of time (say 60 secs). Since I dont...
C / C++
1
Cloud Servers without Credit Card and Email Registration: A Simpler Way to Get on the Cloud
by: CloudSolutions | last post by:
Introduction: For many beginners and individual users, requiring a credit card and email registration may pose a barrier when starting to use cloud servers. However, some cloud server providers now...
General
0
Wordpress or something else?
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
Content Management Systems
0
isladogs
Access Europe: Command bars, the Access Shortcut Tool and a simple Audit Log - Wed 3 April
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...
General
0
One-click Importing Excel Data into a*Database
by: ryjfgjl | last post by:
In our work, we often need to import Excel data into databases (such as MySQL, SQL Server, Oracle) for data analysis and processing. Usually, we use database tools like Navicat or the Excel import...
Microsoft Excel
0
Easy Steps to Fix "Canon Printer Won't Connect to WiFi Network"
by: taylorcarr | last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
General
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Batch import of multiple excel files into the database
by: ryjfgjl | last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
Data Management
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!