Samhain (software)
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
| Developer(s) | Samhain Services |
|---|---|
| Stable release | 4.3.2
/ January 7, 2019[1] |
| Written in | C[2] |
| Operating system | Linux, all POSIX/UNIX Systems |
| Type | Security, Monitoring, HIDS |
| License | GNU General Public License |
| Website | la-samhna.de/samhain |
Main features
- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on a disk, and
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- log file entries and e-mail reports are signed
- support for stealth operation
gollark: Ask squid.
gollark: It was added at the same time as the disk startup disabling was.
gollark: You can do it.
gollark: It works.
gollark: BREAK IT.
References
- "archive". Retrieved 20 May 2019.
- "files for revision 17". Launchpad.net. Retrieved 15 June 2017.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.