Saint Jude software aims to safeguard the authenticity of host systems by building Kernel-Level IDS mechanisms.
As a Linux kernel module, Saint Jude should be loaded as quickly as possible to ensure continuous monitoring of all daemon processes, including those that start via the rc scripts. Therefore, it is recommended to load the module as an init process before executing the rc scripts to ensure uninterrupted monitoring of the system.
To use Saint Jude, one must compile and configure the module in two distinct modes- learning mode, and normal mode. During learning mode, the software generates a series of log files through klogd, which will be used to develop a customized rule set for each host system. Once the ruleset has been developed, it can replace the default ruleset, and the module can be compiled into normal mode, where it will actively enforce and protect the host system.
Overall, Saint Jude is an exceptional software solution that offers an advanced level of protection for the host system. The software has been designed with user convenience in mind, and it comes with easy-to-follow instructions that make it easy to compile, configure and use the module.
Version 0.23: N/A