Login or Register to Ask a Question and Join Our Community


Software Releases - RSS News

samhain 2.5.2 (Default branch)

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements Software Releases - RSS News samhain 2.5.2 (Default branch)
# 1  
Old 01-29-2009
samhain 2.5.2 (Default branch)
samhain is a daemon that can check file integrity, search the file tree for SUID files, and detect kernel module rootkits (Linux only). It can be used either standalone or as a client/server system for centralized monitoring, with strong (192-bit AES) encryption for client/server connections and the option to store databases and configuration files on the server. For tamper resistance, it supports signed database/configuration files and signed reports/audit logs. It has been tested on Linux, FreeBSD, Solaris, AIX, HP-UX, and Unixware. License: GNU General Public License (GPL) Changes:
This release provides a new option to avoid reports for timestamp changes on directories. For open ports, PID is determined now, and reporting of open ports to prelude has been improved. A bug has been fixed that could cause truncation of the reported file size upon entering into an RDBMS, and some build problems have been fixed. Image

Image

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT ULTRIX

lockd

lockd(8c)																 lockd(8c)

Name
       lockd - network lock daemon

Syntax
       /usr/etc/lockd [ -t timeout ] [ -g graceperiod ]

Description
       The  daemon processes lock requests that are either sent locally by the kernel or remotely by another lock daemon.  The NFS locking service
       makes this advisory locking support possible by using the system call and the subroutine.  The daemon forwards  lock  requests  for  remote
       data  to  the  server  site's lock daemon.  The daemon then requests the status monitor daemon, for monitor service.  The reply to the lock
       request is not sent to the kernel until the status daemon and the server site's lock daemon have replied.

       If either the status monitor or server site's lock daemon is unavailable, the reply to a lock request for remote data is delayed until  all
       daemons become available.

       When  a server recovers, it waits for a grace period for all client site daemons to submit reclaim requests.  Client site daemons are noti-
       fied by of the server recovery and promptly resubmit previously granted lock requests.  If a client site's daemon fails	to  secure  previ-
       ously  granted  locks  at  the server site, the daemon sends the signal SIGLOST to all the processes that were previously holding locks and
       cannot reclaim them.

Options
       -t timeout      The daemon uses timeout (in seconds) as the interval instead of the default value  of  15  seconds  to  retransmit  a  lock
		       request to the remote server.

       -g graceperiod  The daemon uses graceperiod (in seconds) as the grace period duration instead of the default value of 45 seconds.

See Also
       fcntl(2), lockf(3), signal(3), statd(8c)

																	 lockd(8c)