Publisher review:Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems. Samhain is a multiplatform, open source solution for centralized file integrity checking / host-based intrusion detection on POSIX systems (Unix, Linux, Cygwin/Windows).
It has been designed to monitor multiple hosts with potentially different operating systems from a central location, although it can also be used as standalone application on a single host.
Features
Centralized monitoring The client/server architecture of samhain allows central logging to the server, central storage of baseline databases and client configuration data, and central updates of baseline databases. Web-based management console A web-based console - Beltane - is available as separate package. Beltane allows to monitor server and client activity, view client reports, and update the baseline databases on the server side. Multiple logging facilities Samhain supports multiple logging facilities, each of which can be configured individually; e.g. tamper-resistant logfile, syslog, email, relational databases (MySQL, PostgreSQL, Oracle, or unixODBC) and the Prelude IDS. Tamper resistance Samhain offers PGP-signed database and configuration files, a stealth mode, and several more features to protect against attempts to subvert the integrity of the samhain client / agent.
Samhain 2.4.0 is a C/C++ script for Security Systems scripts design by Rainer Wichmann.
It runs on following operating system: Windows / Linux / Mac OS / BSD / Solaris.
Operating system:Windows / Linux / Mac OS / BSD / Solaris