The Hacker News Logo
Subscribe to Newsletter

SAMHAIN v2.8.5 - intrusion detection system

SAMHAIN v2.8.5 - intrusion detection system

The samhain open source host-based intrusion detection system (HIDS) provides file integrity checking and logfile monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.
It has been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as standalone application on a single host.

The official change log:

  1. For the kernel check, the configure script should now detect if /dev/kmem exists but is dysfunctional. Also, a bug in the samhain_kmem kernel module has been fixed.
  2. The LogmonMarkSeverity option has been fixed
  3. Timeserver response is cached now for one second
  4. The Unix entropy gatherer supports /opt/local/bin now
  5. A compile time option has been added to disable the expansion of $(shell command) in the configuration file. Also, the signature of a signed configuration file is checked earlier now.

Download SAMHAIN v2.8.5

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.