|
Spot The Difference is a file integrity checker. It aims to support system administrators in detecting signs of intrusions by tracking changes to the filesystem. Intruders, in fact, almost always modify configuration files, executables and/or log files to do their evil or to make sure they can work their way back into the system. A file integrity checker first creates a database reflecting the state of the filesystem in a moment the system administrator is sure about its integrity. Then, periodically, the current state of the filesystem is compared to the database records. That's where it comes to spot the difference between two almost identical filesystems: the real filesystem and the virtual filesytem stored in the database. Spot The Difference is fully developed in python; it is OS independent (it has been tested both on UN*X and Windows systems) and it is designed to be easy to use, fast and powerful. It supports most open source databases (MySQL, PostgreSQL, SQLite and dbm files). Using dbm database files to store files information doesn't require the installation of any additional python module. If you wish to use another database, you might need to install database-specific modules. Current release is 0.2.1. |
Designed by kernel-panic |