integrit
integrit is an alternative to file integrity verification programs like tripwire and aide. It helps you determine whether an intruder has modified a computer system. integrit's major advantages are a small memory footprint and simplicity. It works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and you can then use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break in, you know exactly which files have been modified, added, or removed.
| Tags | Security Utilities Linux C Unix |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX BSD FreeBSD GNU/Hurd Linux Other Solaris |
| Implementation | C |
Recent releases
- 02 Jun 2007 15:32
Release Notes: This version fixes exit status codes when just "missing files" are found.
- 04 Aug 2006 07:12
Release Notes: RipeMD160 is now used for both current-state reports and file checksums, instead of MD5 and SHA1 (respectively). This release introduces support for delayed failures.
- 21 Sep 2005 01:07
Release Notes: Changes in the file type are now detected correctly, as are changes to device node major/minor numbers and symlink targets. Support for systems without static linking support was added. Directories configured to be ignored are now ignored.
- 09 Sep 2002 01:41
Release Notes: Large file support is now built-in by default on platforms that have LFS. There was a minor bugfix in the human-readable reporting of files that were changed to symlink.
- 19 Jul 2002 21:22
Release Notes: This stable release includes many portability enhancements. auxiliary tools in utils directory now display checksums by default.
Recent comments
another c++ project on the same topic
here are links for 'osec' integrity checker tool used in ALT Linux:
you might be interested in sharing some effort.
PS: how does wmnd do? :)
nice
This tool is pretty nice and it has most of the things I wanted
from a file integrity verification system: constant datbases,
file attributes like inode, pemissions, number of links, uid,
gid, file size, access and modification times, and of course
SHA checksums. It's statically linked with OpenSSL and CDB,
so things don't get messed up if someone poisons your libs.
Very simple config file syntax (syslog.conf like) and checksum
generation for the current/known state database so you know
if it's been tampered with. See the homepage for more info.
Keep up the good work, I'd like to see this included in Debian ;*)
ecashin
21 Dec 2000 19:37
Heartbeat
- Popularity Score
- 130.08
- Vitality Score
- 5.45
- Subscriptions
- 39
