Mozilla has released a tool that allows for real-time scan the memory of a great number of servers on any suspicious items. The open source developer manages thousands of servers for the development of products and offering services.
Developed to monitor the security of these servers was the Mozilla Investigator (MIG). MIG can the file system and network information on thousands of machines simultaneously monitors, which should provide more insight into the infrastructure.Until recently, however, it was not possible to isolate MIG to analyze the memory of running processes. Yet it would be for security investigation.
Masche
In recent months developed several students why a "memory forensics library" on Linux, Mac OS and Windows is running. Masche , as the tool is called, can scan the memory of running processes, without having impact on the system. It does not offer the same detail as advanced forensic software, but is focusing on " regexes "and" byte strings "in the processes of many systems.
This makes it possible to monitor the memory of such systems quickly and in real-time. The source code of Masche is completely open source and available on Github . Mozilla tool will integrate within MIG and deploy within their own infrastructure. This should ultimately improve scanning performance of the tool, which in turn Mozilla will share with the community.
No comments:
Post a Comment