Kalpana Kalpana (Editor)

Samhain (software)

Updated on
Edit
Like
Comment
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit
Developer(s)
  
Samhain Services

Website
  
la-samhna.de/samhain

Stable release
  
4.1.5 / August 9, 2016; 7 months ago (2016-08-09)

Operating system
  
Linux, all POSIX/UNIX Systems

Type
  
Security, Monitoring, HIDS

License
  
GNU General Public License

Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.

Main features

  • Complete integrity check
  • uses cryptographic checksums of files to detect modifications,
  • can find rogue SUID executables anywhere on disk, and
  • Centralized monitoring
  • native support for logging to a central server via encrypted and authenticated connections
  • Tamper resistance
  • database and configuration files can be signed
  • log file entries and e-mail reports are signed
  • support for stealth operation

    • References

    Samhain (software) Wikipedia
    (Text) CC BY-SA


    Similar Topics