Search My Blog

Tuesday, November 23, 2010

Samhain Labs | download samhain

The SAMHAIN file integrity / intrusion detection system

License

samhain ("the software") is distributed under the terms of the GNU General Public Licence ("GPL").

Download

Version 2.8.1 samhain-current.tar.gz
MD5 checksum 2cdb375c5a29cf17117b19fb53101adb
bytes 2015830
release date Nov 17, 2010
mailing list samhain-announce
Version 2.7.2c samhain_signed-2.7.2c.tar.gz
MD5 checksum b39c49b839e09ae4022be01cdddf16c9
bytes 1927099
release date Sep 23, 2010
mailing list samhain-announce

Unpack and verify

After downloading, unzip the tar file. 

    $ gunzip samhain-current.tar.gz     $ tar -xf samhain-current.tar     samhain-2.8.1.tar.gz     samhain-2.8.1.tar.gz.asc

Get the samhain development PGP key 1024D/0F571F6C
(almost any keyserver will do if pgp.mit.edu is temporarily unavailable): 

    $ gpg --keyserver pgp.mit.edu --recv-key 0F571F6C

check the key fingerprint (EF6C EF54 701A 0AFD B86A F4C3 1AAD 26C8 0F57 1F6C) 

    $ gpg --fingerprint 0F571F6C

and verify the PGP signature on the distribution tarball: 

      $ gpg --verify samhain-2.8.1.tar.gz.asc samhain-2.8.1.tar.gz

Unzip the second-stage tar file and cd into the distribution directory: 

    $ gunzip samhain-2.8.1.tar.gz     $ tar -xf samhain-2.8.1.tar     $ cd samhain-2.8.1

Installation

Read the README and/or the manual for options you may want to supply to configure, then do: 

    $ ./configure [options]     $ make     $ make install

(There is also a working make uninstall. Just to let you know.)

If you have an incarnation of 'dialog' (xdialog, dialog, lxdialog) installed, you can alternatively use the GUI install tool: 

    $ ./Install.sh

After installation, you should first review the configuration file (by default /etc/samhainrc), especially with respect to network addresses such as the email address, and files/directories you may want to have checked. Next, you have to initialize the database: 

    $ samhain -t init

Then, you can start samhain in daemon mode to check your system in intervals as specified in the configuration file: 

    $ samhain -t check -D

On most systems, after the $ make install, you can add
$ make install-boot to install the necessary scripts to start up samhain every time you boot your machine (supported: Linux, FreeBSD, MacOS X, Solaris, HP-UX, AIX).

Go there...
http://la-samhna.de/samhain/s_download.html

Don
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)