Samhain

I ran across this article on Host-based intrusion detection with samhain. There is an actively maintained FreeBSD port so I may try samhain. An alternative is AIDE, also with a FreeBSD port and an older 2001 article on using AIDE with Linux. The commercial standard is still Tripwire. Update: A cross-platform file integrity checker that works with Windows and UNIX is Another File Integrity Checker. You might also like md5deep.

Comments

Popular posts from this blog

Zeek in Action Videos

MITRE ATT&CK Tactics Are Not Tactics

New Book! The Best of TaoSecurity Blog, Volume 4