Samhain is host-based intrusion detection system and file integrity checker.
Samhain is open source and effective network security software.
Samhain provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
It is designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone application on a single host.
Some good features:
Centralized monitoring
Web-based management console
Multiple logging facilities
Tamper resistance
Supported OS
POSIX (e.g. Linux, *BSD, Solaris 2.x, AIX 5.x, AIX 4.x, HP-UX 10.20, HP-UX 11, Unixware 7.1.0, Alpha/True64, and Mac OS X)
Windows 2000 / WindowsXP with POSIX emulation (e.g. Cygwin)
It uses the beltane web-based console so it can be easily managed anywhere from the web, making it easy and simple.
Deployment is just so simple and mass deployment is so easy with a simple commands.
What we like about this software is its integration with Prelude, Nagios, and other generic interfaces and active response.
Download Samhain here.
Related External Links
- TechLiteracy » 802.11 Network Forensic Analysis
- Wireshark Network Forensics and Security DVD (WSU04)
open source host based IDS, samhain ids, host based open source ids, samhain ids howto, samhain ids tutorial, samhain nagios, Samhain open source host-based intrusion detection system, samhain tutorials, samhain web based management, samhain windows, tutorial samhain, Host based IDS download for windows, open sources for host-based ids, Open Source Host-Based IDS, nagios samhain, ids using samhain tutorial, Host-Based intrusion Windows, host-based ids open source, host based intrusion detection mac os x, host based ids windows
You must log in to post a comment.