stealth - stealthy File Integrity Checker

Distribution: Ubuntu 16.04 LTS (Xenial Xerus)
Repository: Ubuntu Universe i386
Package name: stealth
Package version: 4.01.04
Package release: 1
Package architecture: i386
Package type: deb
Installed size: 273 B
Download size: 89.24 KB
Official Mirror:
The STEALTH program performs File Integrity Checks on (remote) clients. It differs from other File Integrity Checkers by not requiring baseline integrity data to be kept on either write-only media or in the client's file system. In fact, clients will hardly contain any indication suggesting that they are being monitored, thus improving the stealthiness of the integrity scans. STEALTH uses standard available software to perform file integrity checks (like find(1) and sha1sum(1)). Using individualized policy files, it is highly adaptable to the specific characteristics of its clients. In production environments STEALTH should be run from an isolated computer (called the `STEALTH monitor'). In optimal configurations the STEALTH monitor should be a computer not accepting incoming connections. The account used to connect to its clients does not have to be `root'; usually read-access to the client's file system is enough to perform a full integrity check. Instead of using `root' a more restrictive administrative or ordinary account might offer all necessary requirements for the desired integrity check. STEALTH itself must communicate with the computers it should monitor. It is essential that this communication is secure. STEALTH configurations therefore normally specify SSH as the command-shell to use for connecting to clients. STEALTH may be configured so as to use but one SSH connection per client, even if integrity scans are to be performed repeatedly. Apart from this, the STEALTH monitor is commonly allowed to send e-mail to remote client systems' maintainers. STEALTH-runs itself may start randomly within specified intervals. The resulting unpredicability of STEALTH-runs further increases STEALTH's stealthiness. STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired through a Locally Trusted Host': the client's trust is enforced, the locally trusted host is the STEALTH monitor.



    Source package: stealth

    Install Howto

    1. Update the package index:
      # sudo apt-get update
    2. Install stealth deb package:
      # sudo apt-get install stealth


    • /usr/bin/stealth
    • /usr/share/doc/stealth/NEWS.Debian.gz
    • /usr/share/doc/stealth/changelog.Debian.gz
    • /usr/share/doc/stealth/copyright
    • /usr/share/doc/stealth/stealthman.html
    • /usr/share/doc/stealth/scripts/etc/logrotate.d/target.gz
    • /usr/share/doc/stealth/scripts/etc/stealth/cleanup.rc.gz
    • /usr/share/doc/stealth/scripts/usr/bin/stealthcleanup.gz
    • /usr/share/doc/stealth/scripts/usr/bin/stealthcron.gz
    • /usr/share/doc/stealth/scripts/usr/bin/stealthmail.gz
    • /usr/share/man/man1/stealth.1.gz


    2015-12-24 - Frank B. Brokken <> stealth (4.01.04-1) unstable; urgency=medium * New upstream release streamlines the installation procedure * Adapted debian/rules so that the user guide and comparable documentation is installed in stealth-doc*.deb

    2015-12-21 - Frank B. Brokken <> stealth (4.01.03-2) unstable; urgency=medium * Build depends on icmake 8.00.05 * Reinstalled debian/rules file's execute permissions * Fixed a flaw in the debian/rules file installation specifications

    2015-12-20 - Frank B. Brokken <> stealth (4.01.03-1) unstable; urgency=medium * Upstream adapted build scripts to icmake 8.00.04

    2015-10-06 - Frank B. Brokken <> stealth (4.01.02-1) unstable; urgency=medium * Upstream fixed a flaw in the installation script, Upstream's 'build' script now supports -P to prevent the use of precompiled headers

    2015-10-03 - Frank B. Brokken <> stealth (4.01.01-1) unstable; urgency=medium * New upstream release uses precompiled headers and redefines its installation procedure. The debian/rules file was adapted accordingly * now depends on libbobcat-dev >= 4.00.00 * Removed git-orig-source target from debian/rules * New Homepage:

    2015-08-12 - tony mancill <> stealth (4.01.00-3) unstable; urgency=medium * Rebuild against bobcat >= 3.25.02-3 for g++5 ABI transition. * Add -n option to gzip to avoid timestamps in gzipped documentation.

    2015-05-01 - tony mancill <> stealth (4.01.00-2) unstable; urgency=medium * Upload to unstable.

    2015-03-07 - Frank B. Brokken <> stealth (4.01.00-1) experimental; urgency=low * New upstream release adds IPC option --ping and updates the /usr/bin/stealthcron script.

    2015-02-15 - Frank B. Brokken <> stealth (4.00.00-1) experimental; urgency=low [ Frank B. Brokken ] * New major release uses Unix Domain Sockets instead of signals for communication between Stealth daemons and Stealth programs doing IPC requests. See the upstream's changelog for further details. * Removed Tony's 3.00.00-2 patch: the upstream CLS setting has now been disabled. * Fixed compilation errors that emerged with g++-5, reported by Matthias Klose. (Closes: #778131) [ tony mancill ] * Upload to experimental.

    2014-09-01 - tony mancill <> stealth (3.00.00-2) unstable; urgency=medium * Disable definition of CLS in icmconf. This is causing build failures on the buildds.