AntiExploit is the first ON-ACCESS exploit-scanner for Linux and FreeBSD. Aexpl can help you to identify local intruders or users who want to harm your or other systems with well known tools.
aexpl uses the dazuko kernel-modul and md5sums (signatures are planed) to identify bad files when they are created or used by listenning to the kernel file systemcalls. So you can immediately interact with the file and fileowner.
