LSE toolsLSE toolsSamhain (321)Samhain (321)

Tool and Usage

Host-based intrusion detection system (HIDS) providing file integrity checking and log file monitoring


Samhain is a host-based intrusion detection system (HIDS). It provides file integrity checking and log file monitoring/analysis. Additional features are rootkit detection, port monitoring, detection of rogue SUID executables, and the detection of hidden processes.

Samhain is typically deployed as a standalone application, although it supports centralized logging. This makes it ideal for environments with multiple systems.

Samhain is open source software and written by Rainer Wichmann.

Usage and audience

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available
This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release 4.2.1 [2016-04-06]
Last updatedSept. 17, 2017

Project health

This score is calculated by different factors, like project age, last release date, etc.


 Samhain project page

Related terms