» Centralized monitoring :
The client/server architecture allows central logging, central storage of baseline databases and client configurations, and central updates of baseline databases.
» Web-based management console :
The web-based Beltane console, available as separate package, allows to monitor server and client activity, view client reports, and update the baseline databases.
» Flexible logging :
Samhain supports multiple logging facilities, each of which can be configured individually.
» Tamper resistance :
Samhain offers PGP-signed database and configuration files, a stealth mode, and several more features to protect its integrity.Installation :
Read the README and/or the manual for options you may want to supply to configure, then do:
$ ./configure [options]
$ make install
(There is also a working make uninstall. Just to let you know.)
If you have an incarnation of ‘dialog’ (xdialog, dialog, lxdialog) installed, you can alternatively use the GUI install tool:
After installation, you should first review the configuration file (by default /etc/samhainrc), especially with respect to network addresses such as the email address, and files/directories you may want to have checked. Next, you have to initialize the database:
$ samhain -t init
Then, you can start samhain in daemon mode to check your system in intervals as specified in the configuration file:
$ samhain -t check -D
On most systems, after the $ make install, you can add
$ make install-boot to install the necessary scripts to start up samhain every time you boot your machine (supported: Linux, FreeBSD, MacOS X, Solaris, HP-UX, AIX).
Download right here : samhain-current.tar.gz
Read more in here : http://freecode.com/projects/samhain