Filewatcher File Search File Search
Content Search
» » » » »


stealthy File Integrity Checker

STEALTH program performs File Integrity Checks on (remote) clients. It differs from other File Integrity Checkers by not requiring baseline integrity data to be kept on either write-only media or in the client's file system. In fact, client's will contain hardly any indication at all that they are being monitored, thus improving the stealthiness of the integrity scans.

STEALTH uses standard available software to perform file integrity checks (like find(1) and md5sum(1)). Using individualized policy files, it is highly adaptable to the specific requirements of its clients.

In production environments STEALTH should be run from an isolated computer (called the `STEALTH monitor'). In optimal configurations the STEALTH monitor should be a computer not accepting incoming connections. The account used to connect to its clients does not have to be `root': usually read-access to the client's file system is enough to perform a full integrity check. Instead of using `root' a more restrictive administrative or ordinary account might offer all requirements for the desired integrity check.

STEALTH itself must communicate with the computers it should monitor. It is essential that this communication is secure, and STEALTH configurations will therefore normally specify SSH as the command-shell to use to connect to its clients. STEALTH may be configured so as to use but one SSH connection per client, even if integrity scans are to be performed repeatedly. Apart from this, the STEALTH monitor might be allowed to send e-mail to remote clients system's maintainers.

STEALTH-runs itself may start randomly within specified intervals. The resulting unpredicability of STEALTH-runs further increases STEALTH's stealthiness.

STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired through a Locally Trusted Host': the client's trust is enforced, the locally trusted host is the STEALTH monitor.

This package provides the supplemental documentation for Stealth.

Package version:2.10.00-1


stealth (1.47.4-1) unstable; urgency=low

    Please note that starting with this release the stealth executables and
    scripts are expected in /usr/bin rather than /usr/sbin, following a
    suggestion made in Bug Report #530657.

    The package puts stealth in /usr/bin, but support scripts
    (stealthcleanup.gz, stealthcron.gz, stealthmail.gz) are found in


stealth (2.10.00-1) unstable; urgency=low

  * New upstream release
    + new option --reload and supports skipping directories
  * Added relro to LDFLAGS

 -- Frank B. Brokken <>  Sat, 16 Jun 2012 16:03:36 +0200

stealth (2.04.00-1) unstable; urgency=low

  * New upstream release fixes failing command recognition

 -- Frank B. Brokken <>  Sun, 03 Jun 2012 16:23



    Added options --suppress and --resume to allow logfile rotations
        --resume implies a --rerun
        --terminate can be used following --suppress

    Removed ::exit() and atexit() calls, using exceptions instead.

    Added `Monitor', containing all process-control functions previously 
        provided by Scanner itself. Scanner now only performs the scanning


This package was debianized by Frank B. Brokken <> on
Wed, 18 Jun 2003 12:13:41 +0

Browse inside stealth-doc_2.10.00-1_all.deb

         [DIR]DEBIAN/ (2)  65535+ mirrors
         [DIR]usr/ (1)  65535+ mirrors

Download stealth-doc_2.10.00-1_all.deb

Results 1 - 1 of 1
Help - FTP Sites List - Software Dir.
Search over 15 billion files
© 1997-2017