Tool and Usage
Latest release: 4.2.1
Samhain is a host-based intrusion detection system (HIDS). It provides file integrity checking and log file monitoring/analysis. Additional features are rootkit detection, port monitoring, detection of rogue SUID executables, and the detection of hidden processes.
Samhain is typically deployed as a standalone application, although it supports centralized logging. That support makes it ideal for environments with multiple systems.
Samhain is open source software written by Rainer Wichmann.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Similar tools to Samhain:
OSSEC is an open source host-based intrusion detection system (HIDS). It performs log analysis, integrity checking, rootkit detection, and more.
Bro is a network security monitoring (NSM) tool. It can also play an active role in performing forensics and incident response.
Snort is a network intrusion detection system (NIDS) that runs on Linux and other platforms.