Samhain (software)
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
| Developer(s) | Samhain Services |
|---|---|
| Stable release | 4.3.2
/ January 7, 2019[1] |
| Written in | C[2] |
| Operating system | Linux, all POSIX/UNIX Systems |
| Type | Security, Monitoring, HIDS |
| License | GNU General Public License |
| Website | la-samhna.de/samhain |
Main features
- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on a disk, and
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- log file entries and e-mail reports are signed
- support for stealth operation
gollark: Most are 14 days though.
gollark: They range from 2 or so for Teleport to 28 for Corporealize.
gollark: They have cooldowns though.
gollark: Ah, soulpeace's expunge, yes.
gollark: Basically, æons have precognition, pinks have influence, whites have ward, reds have incubate, magis have teleport, purples have fertility, greens have earthquake, plus there are some other more exotic ones (bite, corporealize).
References
- "archive". Retrieved 20 May 2019.
- "files for revision 17". Launchpad.net. Retrieved 15 June 2017.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.