Chris Gondolin Samhain
- By Chris Stratford
- Security
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 8 | 18 Mar 2021 | |
latest/edge | 8 | 18 Mar 2021 |
juju deploy chris-gondolin-samhain
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
Data integrity and host intrusion alert system
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected on memory using steganography. Main features * Complete integrity check + uses cryptographic checksums of files to detect modifications, + can find rogue SUID executables anywhere on disk, and * Centralized monitoring + native support for logging to a central server via encrypted and authenticated connections * Tamper resistance + database and configuration files can be signed + logfile entries and e-mail reports are signed + support for stealth operation