Sentinel is a fast file integrity checker similar to Tripwire or ViperDB with built in authentication using the RIPEMD 160 bit MAC hashing function. It uses a single database similar to Tripwire, maintains file integrity using the RIPEMD algorithm and also produces secure, signed logfiles. Its main design goal is to detect intruders modifying files. It also prevents intruders with root/superuser permissions from tampering with its log files and database.
99707698a2a7d4bd78f5f2d02cf28df6ed1cc818d354adea561001735cac2a5b
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, tamper-resistant log file, and syslog) are available. Tested on Linux, AIX 4.1, HP-UX 10.20, Unixware 7.1.0, and Solaris 2.6.
7586fdf2b2be87916768c7d10baaa36b29608cb4bde146ce3e9a228ca9029385
incident.pl is a small script that, when given logs generated by snort, can generate an incident report for every event that appears to be an attempted security attack, and report the attack to the appropriate administrators.
084366c6d9ca979363725bfc619c05624f1a3fad5f91c8ffe79c9c82827f54ee