1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
|
Source: stealth
Section: admin
Priority: optional
Maintainer: Frank B. Brokken <f.b.brokken@rug.nl>
Uploaders: George Danchev <danchev@spnet.net>,
tony mancill <tmancill@debian.org>
Build-Depends: debhelper-compat (= 12),
libbobcat-dev (>= 5.00.00),
icmake (>= 9.02.04),
yodl (>= 4.02.00)
Build-Depends-Indep: texlive-latex-base,
texlive-plain-generic,
texlive-latex-recommended,
texlive-fonts-recommended,
texlive-latex-extra,
cm-super-minimal,
ghostscript
Standards-Version: 4.5.0
Vcs-Browser: https://salsa.debian.org/debian/stealth
Vcs-Git: https://salsa.debian.org/debian/stealth.git
Homepage: https://fbb-git.gitlab.io/stealth
Rules-Requires-Root: no
Package: stealth
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Suggests: stealth-doc
Description: stealthy File Integrity Checker
The STEALTH program performs File Integrity Checks on (remote) clients. It
differs from other File Integrity Checkers by not requiring baseline
integrity data to be kept on either write-only media or in the client's file
system. In fact, clients will hardly contain any indication suggesting that
they are being monitored, thus improving the stealthiness of the integrity
scans.
.
STEALTH uses standard available software to perform file integrity checks
(like find(1) and sha1sum(1)). Using individualized policy files, it is
highly adaptable to the specific characteristics of its clients.
.
In production environments STEALTH should be run from an isolated computer
(called the `STEALTH monitor'). In optimal configurations the STEALTH
monitor should be a computer not accepting incoming connections. The account
used to connect to its clients does not have to be `root'; usually
read-access to the client's file system is enough to perform a full integrity
check. Instead of using `root' a more restrictive administrative or
ordinary account might offer all necessary requirements for the desired
integrity check.
.
STEALTH itself must communicate with the computers it should monitor. It is
essential that this communication is secure. STEALTH configurations
therefore normally specify SSH as the command-shell to use for connecting to
clients. STEALTH may be configured so as to use but one SSH connection per
client, even if integrity scans are to be performed repeatedly. Apart from
this, the STEALTH monitor is commonly allowed to send e-mail to remote
client systems' maintainers.
.
STEALTH-runs itself may start randomly within specified intervals. The
resulting unpredicability of STEALTH-runs further increases STEALTH's
stealthiness.
.
STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired
through a Locally Trusted Host': the client's trust is enforced, the locally
trusted host is the STEALTH monitor.
Package: stealth-doc
Architecture: all
Section: doc
Depends: ${shlibs:Depends}, ${misc:Depends}
Description: stealthy File Integrity Checker documentation
STEALTH program performs File Integrity Checks on (remote) clients. It
differs from other File Integrity Checkers by not requiring baseline
integrity data to be kept on either write-only media or in the client's file
system. In fact, client's will contain hardly any indication at all that they
are being monitored, thus improving the stealthiness of the integrity scans.
.
STEALTH uses standard available software to perform file integrity checks
(like find(1) and md5sum(1)). Using individualized policy files, it is highly
adaptable to the specific requirements of its clients.
.
In production environments STEALTH should be run from an isolated computer
(called the `STEALTH monitor'). In optimal configurations the STEALTH
monitor should be a computer not accepting incoming connections. The account
used to connect to its clients does not have to be `root': usually
read-access to the client's file system is enough to perform a full integrity
check. Instead of using `root' a more restrictive administrative or
ordinary account might offer all requirements for the desired integrity
check.
.
STEALTH itself must communicate with the computers it should monitor. It is
essential that this communication is secure, and STEALTH configurations will
therefore normally specify SSH as the command-shell to use to connect to its
clients. STEALTH may be configured so as to use but one SSH connection per
client, even if integrity scans are to be performed repeatedly. Apart from
this, the STEALTH monitor might be allowed to send e-mail to remote clients
system's maintainers.
.
STEALTH-runs itself may start randomly within specified intervals. The
resulting unpredicability of STEALTH-runs further increases STEALTH's
stealthiness.
.
STEALTH's acronym is expanded to `Ssh-based Trust Enforcement Acquired
through a Locally Trusted Host': the client's trust is enforced, the locally
trusted host is the STEALTH monitor.
.
This package provides the supplemental documentation for Stealth.
|