samhain is a file system integrity checker that can be used for both single hosts and networks. You can trace what changes have occurred in your system, when they occurred, and who was logged in at the time. The program uses cryptographic checksums to monitor file integrity and detect unauthorized modifications of a file system. It's designed for tamper resistance, even if an intruder has obtained root privileges. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available.
DocumentationUser manual in PDF format included
released on 5 July 2005
|License||Verified by||Verified on||Notes|
|GPLv2||Janet Casey||20 March 2001|
Leaders and contributors
Resources and communication
This entry (in part or in whole) was last reviewed on 6 July 2005.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.