Software:Samhain
From HandWiki
Developer(s) | Samhain Services |
---|---|
Stable release | 4.4.10
/ May 14, 2023[1] |
Written in | C[2] |
Operating system | Linux, all POSIX/UNIX Systems, Microsoft Windows |
Type | Security, Monitoring, HIDS |
License | GNU General Public License |
Website | la-samhna.de/samhain |
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
Main features
- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on a disk, and
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- log file entries and e-mail reports are signed
- support for stealth operation
See also
References
- ↑ "Samhain File Integrity/Intrusion Detection System - Download". https://www.la-samhna.de/samhain/s_download.html. Retrieved 22 August 2023.
- ↑ "files for revision 17". Launchpad.net. https://bazaar.launchpad.net/~ubuntu-branches/ubuntu/vivid/samhain/vivid/files/head:/src/. Retrieved 15 June 2017.
External links