Tool and Usage
Host-based intrusion detection system (HIDS) providing file integrity checking and log file monitoring
Samhain is a host-based intrusion detection system (HIDS). It provides file integrity checking and log file monitoring/analysis. Additional features are rootkit detection, port monitoring, detection of rogue SUID executables, and the detection of hidden processes.
Samhain is typically deployed as a standalone application, although it supports centralized logging. This makes it ideal for environments with multiple systems.
Samhain is open source software and written by Rainer Wichmann.
Usage and audience
- + The source code of this software is available