Samhain is an integrity checker and host intrusion detection system
that can be used on single hosts as well as large, UNIX-based
networks. It supports central monitoring as well as powerful (and
new) stealth features to run undetected on memory using
Main features:
- Complete integrity check
- uses cryptographic checksums of files to detect modifications,
- can find rogue SUID executables anywhere on disk
- Centralized monitoring
- native support for logging to a central server via encrypted and authenticated connections
- Tamper resistance
- database and configuration files can be signed
- logfile entries and e-mail reports are signed
- support for stealth operation .
version: samhain 2.8.3a-1
size: 1.7 MB to download, 7.6 MB when installed
for more details: http://la-samhna.de/