src: i.ytimg.com
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
Video Samhain (software)
Main features
- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on disk, and
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- log file entries and e-mail reports are signed
- support for stealth operation
Maps Samhain (software)
References
src: th01.deviantart.net
See also
- Host-based intrusion detection system comparison
src: i.ytimg.com
External links
- Samhain Homepage
Source of the article : Wikipedia
0 Comments