samhain_3.1.0-7build1_i386.deb


Advertisement

Description

samhain - Data integrity and host intrusion alert system

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: samhain
Package version: 3.1.0
Package release: 7build1
Package architecture: i386
Package type: deb
Installed size: 2.24 KB
Download size: 1.02 MB
Official Mirror: archive.ubuntu.com
Samhain is an integrity checker and host intrusion detection system that can be used on single hosts as well as large, UNIX-based networks. It supports central monitoring as well as powerful (and new) stealth features to run undetected on memory using steganography. Main features * Complete integrity check + uses cryptographic checksums of files to detect modifications, + can find rogue SUID executables anywhere on disk, and * Centralized monitoring + native support for logging to a central server via encrypted and authenticated connections * Tamper resistance + database and configuration files can be signed + logfile entries and e-mail reports are signed + support for stealth operation

Alternatives

    Download

    Source package: samhain

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install samhain deb package:
      # sudo apt-get install samhain

    Files

    • /etc/init.d/samhain
    • /etc/logrotate.d/samhain
    • /etc/samhain/samhainrc
    • /usr/sbin/samhain
    • /usr/share/doc-base/samhain-manual
    • /usr/share/doc/samhain/BUGS
    • /usr/share/doc/samhain/FAQ.html
    • /usr/share/doc/samhain/HOWTO-client+server-troubleshooting.html
    • /usr/share/doc/samhain/HOWTO-client+server.html
    • /usr/share/doc/samhain/HOWTO-samhain+GnuPG.html
    • /usr/share/doc/samhain/HOWTO-write-modules.html
    • /usr/share/doc/samhain/MANUAL-2_3.pdf.gz
    • /usr/share/doc/samhain/NEWS.Debian.gz
    • /usr/share/doc/samhain/README.Debian.gz
    • /usr/share/doc/samhain/README.LZO.gz
    • /usr/share/doc/samhain/README.UPGRADE
    • /usr/share/doc/samhain/README.gcc_bug
    • /usr/share/doc/samhain/README.gz
    • /usr/share/doc/samhain/README.sstrip
    • /usr/share/doc/samhain/TODO
    • /usr/share/doc/samhain/TODO.Debian
    • /usr/share/doc/samhain/changelog.Debian.gz
    • /usr/share/doc/samhain/copyright
    • /usr/share/doc/samhain/samhain.jpg
    • /usr/share/doc/samhain/sh_mounts.txt
    • /usr/share/doc/samhain/sh_userfiles.txt
    • /usr/share/doc/samhain/simple-bignum.tar.bz2
    • /usr/share/doc/samhain/testtiger.txt
    • /usr/share/doc/samhain/examples/README
    • /usr/share/doc/samhain/examples/chroot.sh
    • /usr/share/doc/samhain/examples/example_pager.pl.gz
    • /usr/share/doc/samhain/examples/example_sms.pl.gz
    • /usr/share/doc/samhain/examples/redhat_i386.client.spec.gz
    • /usr/share/doc/samhain/examples/samhain.cgi
    • /usr/share/doc/samhain/examples/samhain.dtd
    • /usr/share/doc/samhain/examples/samhain.spec.gz
    • /usr/share/doc/samhain/examples/samhain.xsl.gz
    • /usr/share/doc/samhain/examples/samhainadmin.pl.gz
    • /usr/share/doc/samhain/examples/samhainrc.linux.gz
    • /usr/share/doc/samhain/examples/yulerc.template.gz
    • /usr/share/doc/samhain/manual.html/all-except.html
    • /usr/share/doc/samhain/manual.html/basic-configuration.html
    • /usr/share/doc/samhain/manual.html/calling-external-programs.html
    • /usr/share/doc/samhain/manual.html/checking-for-kernel-module-rootkits.html
    • /usr/share/doc/samhain/manual.html/checking-for-suid-files.html
    • /usr/share/doc/samhain/manual.html/checking-mounts.html
    • /usr/share/doc/samhain/manual.html/checking-ports.html
    • /usr/share/doc/samhain/manual.html/checking-processes.html
    • /usr/share/doc/samhain/manual.html/checking-userfiles.html
    • /usr/share/doc/samhain/manual.html/chroot.html
    • /usr/share/doc/samhain/manual.html/client-integrity.html
    • /usr/share/doc/samhain/manual.html/client-server-connectivity.html
    • /usr/share/doc/samhain/manual.html/clients.html
    • /usr/share/doc/samhain/manual.html/command-line-yule.html
    • /usr/share/doc/samhain/manual.html/command-line.html
    • /usr/share/doc/samhain/manual.html/compilation-checks.html
    • /usr/share/doc/samhain/manual.html/compilation-options.html
    • /usr/share/doc/samhain/manual.html/configfacility.html
    • /usr/share/doc/samhain/manual.html/configfile-clients.html
    • /usr/share/doc/samhain/manual.html/configuration-email.html
    • /usr/share/doc/samhain/manual.html/configuration-external.html
    • /usr/share/doc/samhain/manual.html/configuration-logserver.html
    • /usr/share/doc/samhain/manual.html/consoledetails.html
    • /usr/share/doc/samhain/manual.html/controlling-the-daemon.html
    • /usr/share/doc/samhain/manual.html/daemontool.html
    • /usr/share/doc/samhain/manual.html/database-configuration-file-download.html
    • /usr/share/doc/samhain/manual.html/database-fields.html
    • /usr/share/doc/samhain/manual.html/database.html
    • /usr/share/doc/samhain/manual.html/databasefile.html
    • /usr/share/doc/samhain/manual.html/deployment.html
    • /usr/share/doc/samhain/manual.html/design.html
    • /usr/share/doc/samhain/manual.html/dnmalloc.html
    • /usr/share/doc/samhain/manual.html/docbook.css
    • /usr/share/doc/samhain/manual.html/droproot.html
    • /usr/share/doc/samhain/manual.html/enabling-logging-to-the-server.html
    • /usr/share/doc/samhain/manual.html/extern.html
    • /usr/share/doc/samhain/manual.html/external.html
    • /usr/share/doc/samhain/manual.html/file-content-store.html
    • /usr/share/doc/samhain/manual.html/file-monitor.html
    • /usr/share/doc/samhain/manual.html/file-signatures.html
    • /usr/share/doc/samhain/manual.html/filedef.html
    • /usr/share/doc/samhain/manual.html/files-to-check.html
    • /usr/share/doc/samhain/manual.html/filetypes-defined.html
    • /usr/share/doc/samhain/manual.html/finotify.html
    • /usr/share/doc/samhain/manual.html/gcm.html
    • /usr/share/doc/samhain/manual.html/hash-function.html
    • /usr/share/doc/samhain/manual.html/improving-the-signal-to-noise-ratio.html
    • /usr/share/doc/samhain/manual.html/index.html
    • /usr/share/doc/samhain/manual.html/initializing-updating-checking.html
    • /usr/share/doc/samhain/manual.html/installation-build.html
    • /usr/share/doc/samhain/manual.html/installation-configure.html
    • /usr/share/doc/samhain/manual.html/installation-customize.html
    • /usr/share/doc/samhain/manual.html/installation-download.html
    • /usr/share/doc/samhain/manual.html/installation-initialize.html
    • /usr/share/doc/samhain/manual.html/installation-install.html
    • /usr/share/doc/samhain/manual.html/installation-requirements.html
    • /usr/share/doc/samhain/manual.html/installation-running.html
    • /usr/share/doc/samhain/manual.html/installation.html
    • /usr/share/doc/samhain/manual.html/intro.html
    • /usr/share/doc/samhain/manual.html/kerneldef.html
    • /usr/share/doc/samhain/manual.html/keypad.html
    • /usr/share/doc/samhain/manual.html/layout.html
    • /usr/share/doc/samhain/manual.html/libwrap.html
    • /usr/share/doc/samhain/manual.html/log-file-rotation.html
    • /usr/share/doc/samhain/manual.html/logging-thresholds.html
    • /usr/share/doc/samhain/manual.html/logmon-check.html
    • /usr/share/doc/samhain/manual.html/logmon.html
    • /usr/share/doc/samhain/manual.html/miscellaneous.html
    • /usr/share/doc/samhain/manual.html/mod-db-fields.html
    • /usr/share/doc/samhain/manual.html/modules.html
    • /usr/share/doc/samhain/manual.html/mondef.html
    • /usr/share/doc/samhain/manual.html/mountcheck.html
    • /usr/share/doc/samhain/manual.html/nagios.html
    • /usr/share/doc/samhain/manual.html/native-packages.html
    • /usr/share/doc/samhain/manual.html/openpgp-signatures.html
    • /usr/share/doc/samhain/manual.html/options-configuration-file.html
    • /usr/share/doc/samhain/manual.html/packing-the-executable.html
    • /usr/share/doc/samhain/manual.html/paths.html
    • /usr/share/doc/samhain/manual.html/performance-tuning-server.html
    • /usr/share/doc/samhain/manual.html/performance-tuning.html
    • /usr/share/doc/samhain/manual.html/pid-file.html
    • /usr/share/doc/samhain/manual.html/portcheck.html
    • /usr/share/doc/samhain/manual.html/preludedetails.html
    • /usr/share/doc/samhain/manual.html/processcheck.html
    • /usr/share/doc/samhain/manual.html/samhain-command-line.html
    • /usr/share/doc/samhain/manual.html/security-design.html
    • /usr/share/doc/samhain/manual.html/send-commands.html
    • /usr/share/doc/samhain/manual.html/server-logging.html
    • /usr/share/doc/samhain/manual.html/server-security.html
    • /usr/share/doc/samhain/manual.html/server-status-information.html
    • /usr/share/doc/samhain/manual.html/server-to-server.html
    • /usr/share/doc/samhain/manual.html/severity-of-events.html
    • /usr/share/doc/samhain/manual.html/signals.html
    • /usr/share/doc/samhain/manual.html/signed-files.html
    • /usr/share/doc/samhain/manual.html/sqldetails.html
    • /usr/share/doc/samhain/manual.html/stealthmode.html
    • /usr/share/doc/samhain/manual.html/suidchk.html
    • /usr/share/doc/samhain/manual.html/support.html
    • /usr/share/doc/samhain/manual.html/sys-db-fields.html
    • /usr/share/doc/samhain/manual.html/syslogdetails.html
    • /usr/share/doc/samhain/manual.html/system-v-message-queue.html
    • /usr/share/doc/samhain/manual.html/testsuite.html
    • /usr/share/doc/samhain/manual.html/the-configuration-file.html
    • /usr/share/doc/samhain/manual.html/thresholds.html
    • /usr/share/doc/samhain/manual.html/timing-file-checks.html
    • /usr/share/doc/samhain/manual.html/trustedexample.html
    • /usr/share/doc/samhain/manual.html/udp.html
    • /usr/share/doc/samhain/manual.html/updating-the-file-signature-database.html
    • /usr/share/doc/samhain/manual.html/usage.html
    • /usr/share/doc/samhain/manual.html/usercheck.html
    • /usr/share/doc/samhain/manual.html/watching-login-logout-events.html
    • /usr/share/doc/samhain/manual.html/winreg.html
    • /usr/share/doc/samhain/manual.html/yule.html
    • /usr/share/doc/samhain/manual.html/stylesheet-images/caution.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/home.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/important.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/next.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/note.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/prev.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/tip.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/toc-blank.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/toc-minus.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/toc-plus.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/up.gif
    • /usr/share/doc/samhain/manual.html/stylesheet-images/warning.gif
    • /usr/share/man/man5/samhainrc.5.gz
    • /usr/share/man/man8/samhain.8.gz

    Changelog

    2015-08-10 - Steve Langasek <steve.langasek@ubuntu.com> samhain (3.1.0-7build1) wily; urgency=medium * No-change rebuild against libprelude2v5

    2014-12-03 - Javier Fernández-Sanguino Peña <jfs@debian.org> samhain (3.1.0-7) unstable; urgency=medium * Applied patch provided by Andrea Claudi to move all non-volatile package state from /var/state/samhain to /var/lib/samhain, according to the FHS (Closes: #771461) * debian/preinst: Move the contents of /var/state/samhain (if they exist) to /var/lib/samhain on upgrades to avoid re-creating the Samhain state database on upgrades from previous versions.

    2014-06-18 - Javier Fernández-Sanguino Peña <jfs@debian.org> samhain (3.1.0-6) unstable; urgency=medium * debian/rules: Add an option to disable the ASM code when building on amd64 targets. Work around to fix the FTBFS on amd64 and kfreebsd (Closes: #735530) Patch provided by Adam Conrad. * debian/control: Change build-deps to add autotools-dev. Build on new architectures will get config.{sub,guess} automatically without you needing to do a fresh upload to update the diff. Patch provided by Adam Conrad. * debian/samhain.init,debian/postinst: Initialise the integrity database if it does not exist the first time the init.d script is run, do not do it in postinst. This prevents package installation from sending a mail to root which causes problems in automated testing tools (such as piuparts) (Closes: #749602) * debian/samhain.init: Fix call to pidofproc, provide it with the required arguments (Closes: #751747) (LP: #1330424)

    2014-01-23 - Javier Fernández-Sanguino Peña <jfs@debian.org> samhain (3.1.0-5) unstable; urgency=medium * debian/samhainrc: Use 'root@localhost' for SetMailAddress instead of just 'root' since the basic mailer configuration requires that a domain is provided in the RCPT TO. * debian/samhain.init: Improve the init script: - Do not fail in 'start' if the daemon is already started, use --oknodo (Closes: #736375) - Do not try to stop the daemon (and wait for it to stop) if it is not running - If the pidfile has been lost, try to determine the status using the process name instead * debian/control: Do not require libauparse-dev in kfreebsd (Closes: #736169) * debian/rules: update config.{sub,guess} on build if available and restore on clean

    2014-01-16 - Javier Fernández-Sanguino Peña <jfs@debian.org> samhain (3.1.0-3) unstable; urgency=medium * debian/rules: - Disable dnmalloc for all architectures expect those known to work. It seems to be the source of problems and segfaults in many different architectures (Closes: #533860, #657307) Even though dnmalloc improves samhain's security this is done to avoid potential problematic situations while we wait more information from upstream indicating in which architectures dnmalloc() can be safely enabled.

    2014-01-16 - Javier Fernández-Sanguino Peña <jfs@debian.org> samhain (3.1.0-2) unstable; urgency=medium * debian/rules: - Disable dnmalloc for s390x, as it is done for s390 already (Closes: #733875) - Preliminary code to build server (yule) and client although. This a first step to fix #343346 * debian/control - Add libauparse-dev to the Build-dependencies to ensure that audit support is enabled (Closes: #700156)

    Advertisement
    Advertisement