DTrace: Dynamic Tracing in Oracle by Jim Mauro, Brendan Gregg

11. Security

Because DTrace can examine custom events on the system, along with whatever additional data is of interest, it can be put to various uses in computer security. These include the following:

• Sniffing, such as real-time forensics

• Monitoring:
    – Custom auditing
    – Host-based Intrusion Detection Systems (HIDS)

• Policy enforcement

• Security debugging:
    – Privilege debugging
    – Reverse engineering

Scripts are provided in this chapter to demonstrate these uses. These and additional topics, including DTrace privileges and DTrace-based attacks, are discussed first.

Privileges, Detection, and Debugging

In this section, we discuss the Solaris privileges associated with using DTrace and how DTrace can be used in several important security scenarios. ...
