SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System
The Samhain
host-based intrusion detection system (HIDS) provides
file integrity checking
and log file monitoring/analysis,
as well as rootkit detection, port monitoring, detection of rogue
SUID executables, and hidden processes.
Samhain been designed to monitor multiple hosts
with potentially different operating systems, providing
centralized logging and maintenance,
although it can also be used as standalone application on a single
host.
Samhain is an open-source multiplatform application for POSIX systems
(Unix, Linux, Cygwin/Windows).
Features
» Centralized monitoring
The client/server architecture allows
central logging, central storage of
baseline databases and
client configurations, and central updates of
baseline databases.
» Web-based management console
The web-based Beltane console,
available as separate package, allows to monitor server and
client activity, view client reports,
and update the baseline databases.
» Flexible logging
Samhain supports
multiple logging
facilities, each of which can be configured individually.
» Tamper resistance
Samhain offers PGP-signed database and configuration files,
a stealth mode, and
several more features to protect
its integrity.
SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System
![SAMHAIN v3.1.2 - File Integrity Checker / Host-Based Intrusion Detection System]()
Reviewed by Zion3R
on
8:31 PM
Rating:
