Samhain (software)

Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.

Samhain
Developer(s)Samhain Services
Stable release
4.4.10 / May 14, 2023 (2023-05-14)[1]
Written inC[2]
Operating systemLinux, all POSIX/UNIX Systems, Microsoft Windows
TypeSecurity, Monitoring, HIDS
LicenseGNU General Public License
Websitela-samhna.de/samhain

Main features
  • Complete integrity check
    • uses cryptographic checksums of files to detect modifications,
    • can find rogue SUID executables anywhere on a disk, and
  • Centralized monitoring
  • Tamper resistance
    • database and configuration files can be signed
    • log file entries and e-mail reports are signed
    • support for stealth operation

See also
  • Host-based intrusion detection system comparison

References
  1. "Samhain File Integrity/Intrusion Detection System - Download". Samhain Labs. Retrieved 22 August 2023.
  2. "files for revision 17". Launchpad.net. Retrieved 15 June 2017.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.