If there is a site that should be listed here or if a link goes dead, please let us know.
- AIDE Advanced Intrusion Detection Environment
unix, free, tripwire replacement
- ICU (Integrity Checking Utility)
for executing AIDE filesystem integrity checks on remote hosts from an ICU server and sending reports via email
- CodeSafe
protect EXEs and DLLs from being cracked or run without your permission
- Win98, ME, NT, W2K, XP Host Integrity and Audititing
(June 2001)
- Importance of Change Detection whitepaper
- Intact Change Detection System nt, w2k, unix, commercial
- Intact Open Use NT, free, reduced functionality
- Rootkits :
- adore – linux module backdoor
- Analysis of N.F.O hacking- / rootkit NT, commercial
- Analysis of the KNARK Rootkit
- Carbonite – a rootkit detection and analyzer
- Checkps – a rootkit detection and analyzer
- chkrootkit: shell script that checks system binaries for rootkit modification unix, free
- Linux Rootkit IV
- NT / W2K Rootkit
- rkdet – rootkit detector for Linux
- SucKIT – easy-to-use, Linux-i386 kernel-based rootkit
works on systems which do not have kernel module support built in
- adore – linux module backdoor
- SecureEXE 100% protection against compromised executables NT, commercial
- Slogger: Secure Logger NT, freeware
Designed to replace the Event Logger, slogger implements a cryptographic protocol called PEO-1 that allows the remote auditing of system logs. Auditing remains possible even if an intruder gains superuser privileges i n the system, the protocol guarantees that the information logged before and during the intrusion process cannot be modified without the auditor (on a remote, trusted host) noticing.
- Veracity File Integrity Assessment windows, unix