KmemGuard is a tool I wrote for Linux Kernel 2.6.7., when the S.P.I.N.E. project was still alive. It protects and eventually repairs the syscalltable using /dev/kmem. One can use it as a first countermeasure against malicious syscalltable injections, often performed by rootkits. As a proof of concept, it is usable although by no means complete.