samhain

Data integrity and host intrusion alert system

Install

All systems
curl cmd.cat/samhain.sh
Debian Debian
apt-get install samhain
Ubuntu
apt-get install samhain
image/svg+xml Kali Linux
apt-get install samhain
Windows (WSL2)
sudo apt-get update sudo apt-get install samhain
Raspbian
apt-get install samhain

samhain

Data integrity and host intrusion alert system

Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected on memory using steganography. Main features * Complete integrity check + uses cryptographic checksums of files to detect modifications, + can find rogue SUID executables anywhere on disk, and * Centralized monitoring + native support for logging to a central server via encrypted and authenticated connections * Tamper resistance + database and configuration files can be signed + logfile entries and e-mail reports are signed + support for stealth operation