These notes refer to the Linux Intrusion Detection System (LIDS).
If you have no experience installing a new kernel, please refer to the KernelNotes section.
These notes assume the lids package is installed in /usr/src/lids-{version}-{kernel-version}, and the kernel source is installed to /usr/src/linux-{kernel-version}. The examples assume kernel 2.6.0 and lids 2.0.3 for 2.6.0.
Patch the source of the 2.6.x kernel with the LIDS patch
% cd /usr/src/linux-2.6.0
% patch -p1 < /usr/src/lids-2.0.3-2.6.0/lids-2.0.3-2.6.0.patch
Configure the lidstools package
% cd /usr/src/lids-2.0.3-2.6.0/lidstools-0.5.1
% ./configure KERNEL_DIR=/usr/src/linux-2.6.0
Install the lidstools package
% make
% make install
Configure the 2.6.x kernel (make config|menuconfig|xconfig) and enable LIDS
% cd /usr/src/linux-2.6.0
% make menuconfig
--> Security Options
[*] Enable Different Security Models
< > Default Linux Capabilities
--> Linux Intrusion Detection System
<M> Linux Intrusion Detection System support (EXPERIMENTAL)
Build the new kernel
% make all
% make modules_install
Set up the ACLs for your LIDS installation (/etc/lids)
% cd /etc/lids
Check the files: lids.ini, lids.net, lids.*.cap, lids.*.conf
Install the new kernel
Don't forget to update your BootLoader (GRUB, LILO, or other) to be able to load the new kernel.
Test the kernel
% reboot
Load the LIDS module
% modprobe lids