fsVeracicor

www.HEPArts.com

Up to FileSystem Utilities

fsVeracicor

[Pronounced ef - es - ver - RASS - seh - core
from the Latin root, verac, meaning "Truth".]

This is an Intrusion Detection program. It is used to take a Security snapshot of directories and files in a known good state, in order to monitor the veracity of the File System. Then, nightly it compares the current state to this snapshot. It evaluates the differences and EMails a report to the person managing the computer.

The main purpose of an Intrusion Detection program is to monitor System files. When a Hacker breaks into a machine, the first thing he does is replace system executables with hacked versions which will hide his presence and give him more access. Ideally, the system executables would reside on a read-only file-system, which would prevent this replacement from being even possible. Short of that, we must monitor these files daily to trigger an alarm when they get replaced. Then, the Administrator can jump in and cleanup the intrusion.

Syntax

This is a command-line utility.

Usage: fsVeracicor [options] [-s input-filename] [-o output-filename] [dirname]

Simple Options:
    --help    | -h -> output this help message
    --version | -V -> version of the program.
    --verbose | -v -> Enable Verbose mode
                -q -> quiet = disable printout and overwrite checking

Choice of Procedure to perform:
  --test        | -t -> check whether the whole setup is self-consistent
  --make-keys   | -K -> generate Keys for signing config and DB
  --sign-config | -S -> Sign the Configuration file
  --init        | -i -> initialize the database
  --check       | -c -> check the current state against the snapshot
  --update      | -u -> update the snapshot against the current state
                        (Operator can edit changes before committing)
  --list        | -l -> list the contents of the snapshot or differences

Specification of Locations:
  --basename          | -b <basename> use this name instead of Hostname
  --config-directory  | -D <dirname>  use this Configuration directory
  --config-file       | -C <pathname> use this configuration file
  --reports-directory | -R <dirname>  use this output directory for Reports
  --trunkDirname      | -T <trunkDirname> use this directory as topmost-dir

File Handling Options:
  --snapshot    | -s <pathname>   input snapshot for comparison to current
  --output      | -o <pathname>  output filename for snapshot or delta-file
  --error-file  | -e <pathname>  output filename for errors
  --stdout      | -O          -> put output data on 

When making Keys initially, one can choose the Validity Period.
This is normally 7 years, but one can choose a different value:
  --n-years | -y <(float)years>   fractional number of years.

Purchase

Price: $ 500

Export Restrictions

Because Encryption is restricted under U.S. Export Law, programs purchased to be used outside the United States must have encryption crippled. Because the security of the snapshot depends on using strong encryption, we just cannot sell it to non-US Customers at this time. Currently, only Customers within the United States may purchase this program. Sorry.

Download Packages

After you have purchased your License, you may go to the Download Page to copy the program package down to your computer. You must run the program package to extract the program and to activate it, using your License Number and Activation Code.

Proceed to the Download Page.

Instructions

Instructions for how to install and setup fsVericacor on your system can be found on the Instructions Page.

webmaster@HEPArts.com