Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
Main features
* Complete integrity check
** uses cryptographic checksums of files to detect modifications,
** can find rogue SUID executables anywhere on a disk, and
* Centralized monitoring
** native support for logging to a central server via encrypted and authenticated connections
* Tamper resistance
** database and configuration files can be signed
** log file entries and e-mail reports are signed
** support for stealth operation
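
The checks listed above can be illustrated with a small baseline-and-compare routine. This is an added example, not Samhain's code: SHA-256, the HMAC-SHA256 tag standing in for a database signature, and all function names are assumptions made for the illustration.

```python
import hashlib, hmac, json, os, stat

def snapshot(root):
    """Map each regular file under root to its SHA-256 digest and SUID flag."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets and device nodes
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            db[os.path.relpath(path, root)] = {
                "sha256": digest, "suid": bool(st.st_mode & stat.S_ISUID)}
    return db

def seal(db, key):
    """Serialize the baseline and tag it (HMAC stands in for a signature)."""
    body = json.dumps(db, sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()

def unseal(body, tag, key):
    """Return the baseline only if its tag verifies; reject a tampered one."""
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("baseline database failed authentication")
    return json.loads(body)

def compare(baseline, current):
    """List modified, added and removed files and SUID files not baselined."""
    findings = []
    for path, now in sorted(current.items()):
        old = baseline.get(path)
        if old is None:
            findings.append(("added", path))
        elif old["sha256"] != now["sha256"]:
            findings.append(("modified", path))
        # SUID bit set now, but the file was unknown or not SUID at baseline
        if now["suid"] and not (old and old["suid"]):
            findings.append(("rogue-suid", path))
    findings += [("removed", p) for p in sorted(baseline) if p not in current]
    return findings
```

Verifying the tag before comparing is what makes the result trustworthy: a baseline that an intruder could rewrite would hide the same changes it is meant to reveal.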
See also
* Host-based intrusion detection system comparison
External links
Samhain Homepage