[SAMHAIN v3.0.11 & BELTANE v2.4.6] Host-based intrusion detection system (HIDS)

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.

Samhain been designed to monitor multiple hosts with potentially different operating systems, providingcentralized logging and maintenance, although it can also be used as standalone application on a single host.
Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).

Changelog


SAMHAIN v3.0.11
  • Log rotation is handled more gracefully now under favourable conditions (logfile is moved so inode is kept, and it does not get compressed immediately).
  • Debian client packages can be created with a preset password now (this was possible for RPMs since 3.0.8).
  • An option IgnoreModified has been added to cover transient files that not only get added/deleted but also modified during their lifetime.
  • An option KernelCheckProc has been added to suppress the kernel /proc test.
  • Large groups are handled better now.
  • A compile error on HP-UX has been fixed.
  • Reconnecting to a temporarily unavailable Oracle database has been fixed.

BELTANE v2.4.6
Version 2.4.6 of the Beltane II web frontend has been released.
Changes:
  • Better detection of setup problems (e.g. missing PHP posix module).
  • Minor UI improvements.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s