||<>|| = Intrusion Detection = As a part of your comprhensive security management the '''samhain''' host based intrusion detection system (HIDS) should be an integral component. HIDS is a proactive measure to help avoid rootkits, unplanned system changes and other potentially nefarious activity. = Samhain Labs, samhain IDS = Samhain is a full system integrity monitoring and reporting application designed to alert you, good sysadmin, to suspect changes and activities on your host(s). Samhain operates in a client/server daemon environment. Host file checksums and properties are centrally stored in a variety of database servers. e.g., PostgreSQL, MySQL, etc. Extra documentation, details and FAQ's at: http://www.la-samhna.de/samhain = Samhain Installation and Configuration = == Install and Preconfigure a Database Server == Choose a supported database server and have it installed and pre-configured prior to configuring samhain. I've chosen ''PostgreSQL''. == Install == Ubunutu Feisty Fawn 7.04 has a samhain package in ''System Administration (universe)''. {{{ apt-get install samhain }}} == Configuration == = Creative Commons License = Author: James B. Crocker EMail: james@constantsc.net [[http://i.creativecommons.org/l/by-sa/3.0/88x31.png]] This work is licensed under a [[http://creativecommons.org/licenses/by-sa/3.0/|Creative Commons Attribution-Share Alike 3.0 License]]. ---- CategorySecurity