gmagklaras / POFR

Penguin OS Forensic (or Flight) Recorder
GNU General Public License v2.0
37 stars 5 forks

Fixdatarelationsgeorgios22102022 #3

Closed gmagklaras closed 1 year ago

gmagklaras commented 1 year ago

In an attempt to increase the accuracy of data and attempt to fix correlations between socket inodes and pids on the netinfo tables:

  1. Also inserted the effective uid and effective guid data in the SQL schema.
  2. Modified all client and server parsing logic to accommodate for 2.
  3. Attempted to increase the problematic correlations between socket numbers and pids in the netinfo tables.