Ubuntu 14.04 (kerner ver. 3.13.0-32 generic) compatibility with Xen 4.6 about drakvuf HOT 3 CLOSED

No, the kernel should work just fine, I have several servers running Xen
4.6 with 14.04 dom0. The EFI warning you can ignore if your system is set
to legacy boot. I found that to be easier to deal with generally.
On Feb 2, 2016 5:51 AM, "Preetixen" [email protected] wrote:

Hi,

I am installing DRAKVUF but afer running make -j4 install xen
Error: EFI_VENDOR not set comes I tried to fix the issue but i could not
resolved it

Also, I searched Xen 46 compatibility with UBUNTU 1404 I found that ubuntu
1404 has no repository for installing xen 46 However, it has repository for
xen 44

Is this related with the compatibility issue with ubuntu 1404 kernel?

—
Reply to this email directly or view it on GitHub
#56.

from drakvuf.

Hi, I reolved the EFI partitioning issue. However, full installation is under progress. some more error comming.

Th main reason for setting up DRAKVUF is to extract the behavior of different user function calls and kernel function calls as well.

1. I have read DRAKVUF provides the trapping of kernel function calls and hence easy to detect rootkits. Is it possible to trap the user level function calls also.
2. I have to gather system call traces of different malware and monitored user programs running in virtual machine using DRAKVUF. How to do it?

from drakvuf.

1. Not at the moment, right now the only supported monitoring is of the Windows kernel's internals. I have plans to add support for user-space monitoring as well but it may be a while before that is added.
2. I'm not sure I understand the question. You compile DRAKVUF and start it on a VM where you have the malware running. You can start the execution of the malware sample if you provide the -i and -e options. Type drakvuf --help to see all available options.

I'm closing this issue as the topic seem to have diverged from what it was originally about. Feel free to open another issue if you have more questions.

from drakvuf.