Last Updated on June 21, 2007 EDT by
samhain 2.3.5 (Default branch) – samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.
License: GNU General Public License (GPL)
Changes:
This release fixes some minor bugs. The portcheck module tears down connections for some common protocols more gracefully.
[FreshMeat]