freshmeat.net: Project details for samhain

20:20 UTC

[Project]

samhain 2.3.3 (Default)

Section: Unix

Added: Mon, Nov 15th 1999 09:04 UTC (8 years, 9 months ago)

Updated: Wed, Sep 3rd 2008 04:34 UTC (3 days ago)

About:
samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.

Release focus: Minor bugfixes

Changes:
Incompatibilities of the samhain_hide module with 2.6.19/2.6.20 kernels have been fixed. The kernel check module supports OpenBSD 4 now, and has been enhanced to verify PCI expansion ROMs on Linux. Cross-compiling has been fixed, as well as a minor problem with prelude. A bug has been fixed that caused reporting of a double leading slash for the target of symlinks in the root directory.

Author:
rainer [contact developer]

Homepage:
http://la-samhna.de/samhain/
Tar/GZ:
http://la-samhna.de/samhain/samhain-current.tar.gz

Trove categories: [change]
[Development Status] 5 - Production/Stable
[Environment] Console (Text Based), No Input/Output (Daemon)
[Intended Audience] End Users/Desktop, System Administrators
[License] OSI Approved :: GNU General Public License (GPL)
[Operating System] POSIX
[Programming Language] C
[Topic] Security

Dependencies: [change]
No dependencies filed

Project admins: [change]
» rainer (Owner)

» Rating: 8.26/10.00 (Rank N/A)
» Vitality: 28.14% (Rank 16)
» Popularity: 7.48% (Rank 376)

(click to enlarge graphs)

   Record hits: 65,015
   URL hits: 29,723
   Subscribers: 223

Projects depending on this project:
beltane

Other projects from the same categories:
Thunk
glogwatch
kopkop
jammod
mod_auth_openid

Users who subscribed to this project also subscribed to:
History Flow Visualization Application
enemy lines 5
COCANWIKI
MedCosm Hangman
PLANster

Add comment · Rate this project · Subscribe to new releases · Ignore this project · Email this project to a friend · Project record in XML

Branches

Branch Version Last release License URLs

Default 2.4.6 03-Sep-2008 GNU General Public License (GPL)

Releases

Version Focus Date

2.4.6 Minor bugfixes 03-Sep-2008 04:34

2.4.5 Minor feature enhancements 18-Aug-2008 20:33

2.4.4 Minor feature enhancements 05-May-2008 21:40

2.4.3 Minor bugfixes 05-Feb-2008 02:06

2.4.1 Major security fixes 26-Nov-2007 21:53

2.4.0 Major feature enhancements 31-Oct-2007 23:44

2.3.8 Minor feature enhancements 05-Oct-2007 06:25

2.3.7 Minor bugfixes 17-Sep-2007 20:29

2.3.6 Minor bugfixes 07-Sep-2007 09:33

2.3.5 Minor bugfixes 21-Jun-2007 18:01

Comments

[»] Samhain rocks da house!!!
by s k 0 0 t - Mar 21st 2001 12:59:05

This is bar none *THE* coolest integrity checker out there. I've played with every single one I can find: Tripwire, Sentinel, Aide, FCheck, Viper, etc., etc., and this is the sh*t!

Why?

1. Platform-independent (builds on just about anything)
2. Small footprint
3. Fast
4. Stealth mode (very cool)
5. Clean code (not somebody's sophomore C project)
6. Client / server mode (send reports to a central server over a secure channel)
7. Obscure Glen Danzig reference
8. Docs that don't suck and an active development community

[reply] [top]