May 26, 2018

Samhain Intrusion Detection System

Samhain is an open source file integrity and host-based intrusion detection system for Linux and Unix. It can run as a daemon process, and and thus can remember file changes - contrary to a tool that runs from cron, if a file is modified you will get only one report, while subsequent checks of that file will ignore the modification as it is already reported unless the file is modified again.

Samhain can optionally be used as client/server system to provide centralized monitoring for multiple host. Logging to a MySQL or PostgreSQL database is supported.

WWW http//