Collect information about writers

Question

Collect information about writers

GoogleCodeExporter opened this issue 10 years ago · 5 comments

GoogleCodeExporter commented 10 years ago

Whenever a process writes data to the emulated device, the honeypot should 
collect data about that process.

Original issue reported on code.google.com by sebastian.poeplau on 12 Jun 2012 at 9:08

Answer 1 · 2015-03-23T17:01:14.000Z

Fixed milestone for issue.

Original comment by sebastian.poeplau on 12 Jun 2012 at 9:11

Added labels: Milestone-Release0.2

Answer 2 · 2015-03-23T17:01:14.000Z

Extracted information from kernel data structures (33e46e1c723e). Has yet to be 
stored in memory (only printed at the moment).

Original comment by sebastian.poeplau on 12 Jun 2012 at 11:30

Changed state: Started

Answer 3 · 2015-03-23T17:01:14.000Z

Original comment by sebastian.poeplau on 12 Jun 2012 at 9:08

Answer 4 · 2015-03-23T17:01:15.000Z

The information about processes that write data to the emulated device is now 
stored in the device's context structure (commit 2f0a5a4f5e73). The maximum 
number of writer info structs is limited to 32 in order to avoid excessive 
memory consumption. The user mode app will get an option to remove elements 
from the list to allow for new info structs (see issue 2).

Original comment by sebastian.poeplau on 15 Jun 2012 at 10:40

Changed state: Fixed

Answer 5 · 2015-03-23T17:01:15.000Z

Verified during mid-term evaluation of HP summer of code.

Original comment by sebastian.poeplau on 2 Aug 2012 at 12:50

Changed state: Verified