Integrit 4.0 review

by rbytes.net on

integrit is a simpler alternative to file integrity verification programs like Tripwire and AIDE.

License: GPL (GNU General Public License)
File size: 0K
Developer: Ed L Cashin

integrit is a simpler alternative to file integrity verification programs like Tripwire and AIDE. It helps you determine whether an intruder has modified a computer system.

Without a system like integrit, a sysadmin can't know whether the tools he or she uses to investigate a potential break-in are trojan horses. For example, if the machine has a "/tmp/. " directory containing a shell that's setuid root, and you want to investigate to determine how badly the cracker has compromised the machine, how do you know that the attacker hasn't replaced your "find" and "ls" commands with tampered versions that fail to report the cracker's files?

A system like integrit works by creating a database that is a snapshot of the most essential parts of your computer system. You put the database somewhere safe, and then later you can use it to make sure that no one has made any illicit modifications to the computer system. In the case of a break-in, you know exactly which files have been modified, added, or removed.

integrit is a robust, stable piece of software designed for professionals.

Here are some key features of "Integrit":
- small memory footprint during runtime. This is a big deal because a machine that is important enough to protect is probably doing important things. Since the other processes are important, integrit doesn't step on anyone's toes: it's conservative with memory.
- simple, modular design and implementation means a smaller learning curve and better potential for open-source development
- uses up-to-date cryptographic algorithms from GnuPG
- designed with unattended use in mind; e.g., integrit includes the MD5 checksum of newly generated databases in its report
- intuitive cascading rulesets for the paths listed in the configuration file
- an option to reset the access times of selected files or directory trees after doing checksums
- output format can be XML or an easy-to-scan human-readable format
- simultaneous check and update: integrit can generate a new database while running a check against an old database
- distribution contains standalone auxiliary programs for convenience that you can safely ignore or else use when needed
- builds quickly and easily from source
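
The snapshot-and-check workflow described above, including the idea of reporting the database's own checksum so that a tampered database is noticed, as an added Python sketch that is not integrit's code or database format. The function names, the JSON database and the use of SHA-256 in place of the MD5 checksum mentioned in the feature list are assumptions of this example.

```python
import hashlib, json, os, stat, tempfile
from pathlib import Path

def digest(path):
    """SHA-256 of a file's contents, read in chunks to keep memory use small."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(root):
    """Map each relative path under root to [mode, uid, gid, size, content hash]."""
    db = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks and special files are skipped in this sketch
            rel = os.path.relpath(full, root)
            db[rel] = [st.st_mode, st.st_uid, st.st_gid, st.st_size, digest(full)]
    return db

def save_db(db, db_path):
    """Write the database and return its own digest, to be recorded off-host."""
    with open(db_path, "w") as f:
        json.dump(db, f, sort_keys=True)
    return digest(db_path)

def check(root, db_path, expected_db_digest):
    """Compare root against the known database; refuse a tampered database."""
    if digest(db_path) != expected_db_digest:
        raise ValueError("known database does not match its recorded digest")
    with open(db_path) as f:
        known = json.load(f)
    current = snapshot(root)
    return {
        "modified": sorted(p for p in known if p in current and known[p] != current[p]),
        "added": sorted(set(current) - set(known)),
        "removed": sorted(set(known) - set(current)),
    }

if __name__ == "__main__":
    # Constructed sample tree; the database lives outside the checked tree.
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as safe:
        Path(root, "ls").write_text("original")
        recorded = save_db(snapshot(root), os.path.join(safe, "known.json"))
        Path(root, "ls").write_text("tampered")  # same size, different content
        print(check(root, os.path.join(safe, "known.json"), recorded))
```

The result is only as trustworthy as the database and its recorded digest, so both belong on read-only or off-host storage.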
