ITP: samhain -- a data integrity / intrusion detection system

To: debian-devel@lists.debian.org
Subject: ITP: samhain -- a data integrity / intrusion detection system
From: Brian Russo <brusso@phys.hawaii.edu>
Date: Sun, 21 Jan 2001 21:38:23 -1000
Message-id: <[🔎] 20010121213823.B21695@uhhepr.phys.hawaii.edu>

Package: wnpp
Severity: wishlist

URI: http://lah-samhna.de/samhain/
License: GPL

There's an excellent summary/plenty of docs on the website, so just enough to
appease you..

open source file integrity and IDS

for each file it records:
	o a checksum
	o type of file, and it's inode
	o timestamps, size, number of hardlinks
	o owner, group, permissions
	o if it is a link, what it links to/from

you can configure if you want all/some of the above.
on a per-file/per-dir basis also.

supports central logging, built-in SMTP, so no reliance on an external MTA.
centralized monitoring of multiple hosts, authentication, signing and
encryption of communications between clients and central host(s).
HTML summary page, etc.

lots of other stuff.. for the sake of brevity..

note:
I'm not too naive. I'm a new maintainer,  don't want/trust
me packaging an IDS that people will rely on, etc? Completely reasonable
concerns. I will not be offended, If you do comment, please direct
explicitly to me, I'm not on -devel.

tks
 - brian.
-- 
Brian Russo <brusso@phys.hawaii.edu> GPG ID: 54D81666
Debian/GNU OS: www.debian.org <wolfie@debian.org>
magnus frater spectat te - encrypt whenever possible

Reply to:

Prev by Date: Re: intent to package tth
Next by Date: Re: dpkg -L (was: Re: conflicts with libcap-dev)
Previous by thread: Re: dpkg-dev-emacs vs. debian-changelog-mode vs...
Next by thread: swapon on degraded raid is ok for 2.4.0
Index(es):
- Date
- Thread