Welcome on the KISS project homepage !

KISS is a host-based kernel-side security improvement for BSD and Linux operating systems. KISS can be compared as a host intrusion detection system, but we personally think it is rather more than that.

KISS is a young and opensource project, released under the terms of a dual BSD / GPL license. It means that the end-user is free to choose the license he wants.

Here are the features KISS is able to bring you :

• Checking the integrity of your binary files upon execution by computing digest MD5 signatures;
• Hiding files and processes to a list of untrusted users, using a rule-based interface like a network firewall;
• Handling actions on a few interesting internal kernel events, according to a set of processes, users or groups in the system using a tiny scripting language;
• Exchanging alarms from one or more remote KISS systems, using either plain-text or SSL connections;
• Loading plugins dynamically into gateways, and storing your alarms wherever you want. You can also write your own plugins, using the provided development kit for the C language. KISS comes with a MySQL plugin.

KISS can be installed on FreeBSD and OpenBSD, and is currently ported to the Linux platform.

The KISS handbook may provide you additional information.