Every hacker needs a way to know if a person is inside a system, does not matter is the hacker owned system or he is protecting someone else s. For this kind of tasks there are a re tools that allows you to detect the intrusion.
We present you now an intrusion detection system called Samhain. This is a host-based intrusion detection system ( a.k.a. HIDS) that provides a full file integrity checking and logging for files monitoring or analysis, it will also offer a root-kit detection, port monitoring, detection of rogue SUID executable, and hidden processes.
Intrusion detection system for hackers
This tool has been designed with the goal to monitor multiple hosts using any Operating System, offering centralized logs and maintenance tasks. Samhain can also be used as standalone app on a single host.
Samhain is an open-source multi-platform application for POSIX systems (Unix, Linux, Cygwin/Windows).
Changelog SAMHAIN v3.1.4 (bugfix)
A bug has been fixed that was introduced in version 3.1.2 and would cause the database initialization to fail if the configuration asks to check a non-existent file.
A problem in handling very large UNIX groups has been fixed.
Detection of the rpmbuild top directory (for ‘make rpm’) has been improved.
Changelog BELTANE v2.4.9 (minor enhancements)
GPG signing can be done for individual clients now (from the drop-down menu in the client panel).
The host-name is automatically enclosed in delimiters now when ‘bulk update’ is invoked from the client panel for a single client.
Feel free to comment and leave your opinion and experience with intrusion systems.