|File Search||Catalog||Content Search|
STEALTH uses standard available software to perform file integrity checks (like find(1) and sha1sum(1)). Using individualized policy files, it is highly adaptable to the specific characteristics of its clients.
In production environments STEALTH should be run from an isolated computer (called the `STEALTH monitor'). In optimal configurations the STEALTH monitor should be a computer not accepting incoming connections. The account used to connect to its clients does not have to be `root'; usually read-access to the client's file system is enough to perform a full integrity check. Instead of using `root' a more restrictive administrative or ordinary account might offer all necessary requirements for the desired integrity check.
STEALTH itself must communicate with the computers it should monitor. It is essential that this communication is secure. STEALTH configurations therefore normally specify SSH as the command-shell to use for connecting to clients. STEALTH may be configured so as to use but one SSH connection per client, even if integrity scans are to be performed repeatedly. Apart from this, the STEALTH monitor is commonly allowed to send e-mail to remote client systems' maintainers.
STEALTH-runs itself may start randomly within specified intervals. The resulting unpredicability of STEALTH-runs further increases STEALTH's stealthiness.
STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired through a Locally Trusted Host': the client's trust is enforced, the locally trusted host is the STEALTH monitor.
STEALTH SSH-based Trust Enforcement Acquired through a Locally Trusted Host Frank B. Brokken firstname.lastname@example.org * The manual is in the usr/share/doc/stealth/html subdirectory. Point your browser to its index.html or stealth.html file to start reading the manual. The more»
stealth (1.47.4-1) unstable; urgency=low Please note that starting with this release the stealth executables and scripts are expected in /usr/bin rather than /usr/sbin, following a suggestion made in Bug Report #530657. The package puts stealth in /usr/bin, but support scripts (stealthcleanup.gz, stealthcron.gz, stealthmail.gz) are found in /usr/share/doc/stealth/scripts/ more»
stealth(1) Security Enhancement stealth(1) NAME stealth - Stealthy File Integrity Scanner SYNOPSIS stealth -dcnoq -i <interval> -r <nr> -s skip-files [--max-size <size>[BKMG] ] [--keep-alive pidfile [--repeat <seconds> ] ] policy stealth [--rerun | --resume | --suppress | --terminate] pid‐ file DESCRIPTION The nam more»
stealth (2.10.00-1) unstable; urgency=low * New upstream release + new option --reload and su more»
1.31 Added options --suppress and --resume to allow logfile rotations --resume implies more»
This package was debianized by Frank B. Brokken <email@example.com> on Wed, 18 Jun 2003 12:13:41 +0 more»