Download List

Project Description

samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware.

System Requirements

System requirements are not defined.
Information regarding Project Releases and Project Resources. Note that the information here is quoted from the Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2013-01-20 00:01
3.0.10

Tags: bugfix
This release fixes a regression that made samhain block indefinitely if the inotify mode for file checking was used.

2012-12-29 07:08
3.0.9

Tags: Feature Enhancements, Bug fixes
Some build errors have been fixed, as well as the 'probe' command for the server (clients could be erroneously omitted under certain conditions). An option has been added to the Windows registry check to ignore changes if only the timestamp has changed, and full scans requested by the inotify module will now only run at times configured for regular full scans.

2012-02-24 07:34
3.0.2

Tags: Bugfixes
This release fixes a regression that could cause a segfault at startup on systems that don't have inotify.

2011-12-09 08:22
3.0.1

Tags: Bugfixes
This release fixes a memory leak in the code for inotify support, as well as a potential deadlock. Bugs in the suid.check and port check modules have been fixed, and compile problems on FreeBSD have been resolved.

2011-11-09 08:11
3.0.0

Tags: Major feature enhancements, Bug fixes
This release adds support for inotify on Linux, to enable immediate reports on file changes and reduce I/O load. Debugging output for IPv6 issues is more complete now, and a problem with the combination of prelink support and the suid file check has been fixed.

Project Resources