[an error occurred while processing this directive]

3. File signatures

samhain works by generating a database of file signatures, and later comparing file against that database to recognize file modifications and/or added/deleted files.

File signatures include:

Depending on the policy chosen for a particular file, only a subset of these may be checked for modifications (see Section 4.1 ), but usually all these informations are collected.

[an error occurred while processing this directive]