LSE toolsLSE toolsSamhain (512)Samhain (512)

Tool and Usage

Project details
Latest release4.2.1 []

Project health

This score is calculated by different factors, like project age, last release date, etc.


Samhain is a host-based intrusion detection system (HIDS). It provides file integrity checking and log file monitoring/analysis. Additional features are rootkit detection, port monitoring, detection of rogue SUID executables, and the detection of hidden processes.

Samhain is typically deployed as a standalone application, although it supports centralized logging. This makes it ideal for environments with multiple systems.

Samhain is open source software and written by Rainer Wichmann.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

Samhain alternatives

Similar tools to Samhain:



OSSEC is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, rootkit detection, and more.



Bro is a network security monitoring tool (NSM) and helps with monitoring. It can also play an active rol in performing forensics and incident response.



Snort is a network intrusion detection system (NIDS) that runs on Linux and other platforms.

All Samhain alternatives

Found an improvement? Help the community by submitting an update.

Related tool information