latchset / crypto-auditing Goto Github PK
View Code? Open in Web Editor NEWProvides a way to monitor cryptographic operations performed on a system
License: GNU General Public License v3.0
Provides a way to monitor cryptographic operations performed on a system
License: GNU General Public License v3.0
Similarly to TLS context names and TLS events, we should define IPsec (IKE) specific context names and events.
It would be nice if the crypto-auditing-event-broker
service is activated through a socket. This would require constructing UnixStream
from an FD received with receive_descriptors
in the libsystemd crate.
It would make sense to define some probe points for generic crypto operations, in a protocol agnostic way, for example:
pk::sign
, pk::encrypt
, pk::decrypt
, aead::encrypt
, aead::decrypt
context nameshash::algorithm
, pk::algorithm
, pk::key_size
, aead::algorithm
eventsMaybe we could use OID for *::algorithm
events if it is not too much burden to parse.
It would be useful if the agent can be compiled without support for io_uring, which is currently a hard requirement.
It would be nice to collect library names where probes are instrumented. This could be done in the following steps:
bpf_get_stack(..., BPF_F_USER_STACK)
/proc/$PID/map_files
directory and finds the library which is loaded and mapped to a memory area containing the symbol addressAs this may affect performance, a caching mechanism would be desired.
It would be nice to create a client that feeds events directly to Grafana as a data source when they arrive.
tokio_uring::fs::write_at
tries to write the entire content of buffer but the entire write may fail. It would be nice to schedule retry in that case.
This is not the case with tokio::io::AsyncWriteExt::write_all
.
Similarly to TLS context names and TLS events, we should define SSH specific context names and events.
We currently only have a couple of unit tests. It would be nice to have integration tests that exercise communication between the components (agent, event-broker, and client).
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.