This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these messages)
(Learn how and when to remove this message)
|
| Samhain | |
|---|---|
| Developer | Samhain Services |
| Stable release | |
| Written in | C[2] |
| Operating system | Linux, all POSIX/UNIX Systems, Microsoft Windows |
| Type | Security, Monitoring, HIDS |
| License | GNU General Public License |
| Website | la-samhna.de/samhain |
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected in memory, using steganography.
Main features
[edit]- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on a disk, and
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- log file entries and e-mail reports are signed
- support for stealth operation
See also
[edit]
References
[edit]- ^ "Samhain File Integrity/Intrusion Detection System - Download". Samhain Labs. Retrieved 16 March 2026.
- ^ "files for revision 17". Launchpad.net. Retrieved 15 June 2017.
External links
[edit]
Hidden categories:
- Articles with short description
- Short description matches Wikidata
- Articles needing additional references from October 2014
- All articles needing additional references
- Articles with topics of unclear notability from October 2014
- All articles with topics of unclear notability
- Products articles with topics of unclear notability
- Articles with multiple maintenance issues
- All stub articles