hallo
we're a couple of students at the faculty of engineering cairo university doing our graduation project about intrusion detection
our goal is to design a intrusion detection system under linux and to develop it
it's our first time to work with linux so we have some problems
we could use any help about linux or about the development under it

the project data are:

language: C, C++
development env: Kdevelop
we are of communications major not CS so we are somehow behind in programming and OS

we would need some help in the following areas:

QT (GUI)
threads and processes
compiling and debugging in kdevelop

if anyone is intrested mail me: k_hassib@hotmail.com
thank you very much
and best regards

Did you check this thread ??
http://www.linux-egypt.org/showthread.php?threadid=1015

Regards & good luck

Hi there
do you need help as you need people to code the project with you? or you have specific questions about certain things?
you must have already taken a look at http://www.snort.org
if not, then you better do.
I have written a QT based app before so i can give you some high level guidelines.
basically what I think is the best idea , is to use designer which ships with QT3 and design the GUI in whatever way you want.
there, you specify the signals and slots and save the .ui file
from there you should convert that .ui file to .h and .cpp
$uic -o MyGUI.h MyGUI.ui
$uic -o MyGUI.cpp -impl MyGUI.h MyGUI.ui

this is going to generate the header and the base class implementation.
YOU DON't WANT TO modify those now.
what you should do is derive a class from class MyGUI
class RealGUI : public MyGUI
{
//
}
then there you can override whatever you want.
I believe you wont be able to make the functions pure virtual but in the base class but you could try.

after that you will use moc to generate the moc_ files of both the base class and the derived class.

one trick, if you modify the derived class, be sure that when you generate the moc the needed heders files are there, I have experienced a bug where the headers files wouldn't be there after I generate a new moc_*.cpp so I had to add them manually.

Now one thing you want to do , is think about your design and how the classes will interact with each other.
meanning : try to keep GUI related code sperated from the non GUI code, and decide wether the highest encapsulation should be :
-----------------------------------------
| |
| |
| GUI |
| |
| |
----------------------------------------
|
|
|
\/
----------------------------------------------
| Init interface |
| intialize the promiscious interface |
-----------------------------------------------
|
|
|
\/
-----------------------------------------------------
| |
| Grabber |
| (Grab the packets from the interface) |
----------------------------------------------------
|
|
| ------------------------------
------------->| Packet Queue |
| (Storage for packets) |
| so Grabber is not tied |
-------------------------------
/\
|
|
|
--------------->----------------
| QueuePOP |
|Get PK from Q |
-------------------
|
|
|
-------------
|
|
\/
--------------------
| Matcher |
|Get Sig Match |
-------------------
|
|
\/
----------------------------
| Alert/Log/UpdateGUI|
-----------------------------
This of course is not complete or 100% accurate but that is what I would think how to do it.

Let me know what has been done already or if you have a different prespective.

One of te most improtant things is to decide whether your going to use GUI or Not Because It will take a lot of work .

And You have to learn it from the beguining .

About the threads : I guess you should search this forum first cause there exist a similar post .

About Process : "KProcess" . I guess the help in KDevelop console will be suffient for your start .