1 |
|
---|
2 | SAMHAIN distributed host monitoring system
|
---|
3 | ------------------------------------------
|
---|
4 |
|
---|
5 | Copyright (C) 1999-2009 Rainer Wichmann
|
---|
6 |
|
---|
7 | This program is free software; you can redistribute it and/or modify
|
---|
8 | it under the terms of the GNU General Public License as published by
|
---|
9 | the Free Software Foundation; either version 2 of the License, or
|
---|
10 | (at your option) any later version.
|
---|
11 |
|
---|
12 | This program is distributed in the hope that it will be useful,
|
---|
13 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
15 | GNU General Public License for more details.
|
---|
16 |
|
---|
17 | You should have received a copy of the GNU General Public License
|
---|
18 | along with this program; if not, write to the Free Software
|
---|
19 | Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
20 |
|
---|
21 |
|
---|
22 | Incorporated code
|
---|
23 | -----------------
|
---|
24 |
|
---|
25 | (i) Support for the TIGER cryptographic checksum algorithm
|
---|
26 | is provided by the reference implementation, which includes
|
---|
27 | the following statement:
|
---|
28 |
|
---|
29 | * Tiger: A Fast New Hash Function
|
---|
30 | *
|
---|
31 | * Ross Anderson and Eli Biham
|
---|
32 | *
|
---|
33 | * Tiger has no usage restrictions nor patents. It can be used freely,
|
---|
34 | * with the reference implementation,
|
---|
35 | * with other implementations or with
|
---|
36 | * a modification to the reference implementation (as long as it still
|
---|
37 | * implements Tiger). We only ask you to let us know about your
|
---|
38 | * implementation and to cite the origin of Tiger and of the reference
|
---|
39 | * implementation.
|
---|
40 | *
|
---|
41 | * The authors' home pages can be found both in
|
---|
42 | * http://www.cs.technion.ac.il/~biham/ and in
|
---|
43 | * http://www.cl.cam.ac.uk/users/rja14/.
|
---|
44 | * The authors' email addresses are biham@cs.technion.ac.il
|
---|
45 | * and rja14@cl.cam.ac.uk.
|
---|
46 |
|
---|
47 |
|
---|
48 |
|
---|
49 | (ii) Support for testing write access by untrusted users
|
---|
50 | to any element in the path of a file is provided by the
|
---|
51 | public domain trustfile library, which includes the following
|
---|
52 | statement:
|
---|
53 |
|
---|
54 | * Author information:
|
---|
55 | * Matt Bishop
|
---|
56 | * Department of Computer Science
|
---|
57 | * University of California at Davis
|
---|
58 | * Davis, CA 95616-8562
|
---|
59 | * phone (916) 752-8060
|
---|
60 | * email bishop@cs.ucdavis.edu
|
---|
61 | *
|
---|
62 | * This code is placed in the public domain. I do ask that
|
---|
63 | * you keep my name associated with it, that you not represent
|
---|
64 | * it as written by you, and that you preserve these comments.
|
---|
65 | * This software is provided "as is" and without any guarantees
|
---|
66 | * of any sort.
|
---|
67 |
|
---|
68 | (iii) Support for big integer arithmetic is provided by the bignum
|
---|
69 | package (v. 1.2) by Henrik.Johansson@Nexus.Comm.SE,
|
---|
70 | which includes the following statement:
|
---|
71 |
|
---|
72 | * Everyone is allowed to distribute this package to anyone
|
---|
73 | * else, as long as all changes are recorded and mentioned.
|
---|
74 | * If you are including this in a commercial product, be sure
|
---|
75 | * to distribute _all_ of the package with the product.
|
---|
76 | *
|
---|
77 | * (...writing more stuff here later, but I guess everyone
|
---|
78 | * knows the approximate contents of it - no warranty, no
|
---|
79 | * charge, and so on. I guess it is like the GNU concept.
|
---|
80 | * Read that for further details...)
|
---|
81 |
|
---|
82 | (iv) Support for compression is provided by the (mini) LZO library,
|
---|
83 | which includes the following statement:
|
---|
84 |
|
---|
85 | * Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
|
---|
86 | * Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
|
---|
87 | * Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
|
---|
88 | * Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
|
---|
89 | *
|
---|
90 | * The LZO library is free software; you can redistribute it and/or
|
---|
91 | * modify it under the terms of the GNU General Public License as
|
---|
92 | * published by the Free Software Foundation; either version 2 of
|
---|
93 | * the License, or (at your option) any later version.
|
---|
94 | *
|
---|
95 | * The LZO library is distributed in the hope that it will be useful,
|
---|
96 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
97 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
98 | * GNU General Public License for more details.
|
---|
99 | *
|
---|
100 | * You should have received a copy of the GNU General Public License
|
---|
101 | * along with the LZO library; see the file COPYING.
|
---|
102 | * If not, write to the Free Software Foundation, Inc.,
|
---|
103 | * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
104 | *
|
---|
105 | * Markus F.X.J. Oberhumer
|
---|
106 | * <markus.oberhumer@jk.uni-linz.ac.at>
|
---|
107 | * http://wildsau.idv.uni-linz.ac.at/mfx/lzo.html
|
---|
108 |
|
---|
109 | (v) Support for determining the type of a file system is provided by
|
---|
110 | code from the GNU find(1) utility which includes the following statement:
|
---|
111 |
|
---|
112 | /* fstype.c -- determine type of filesystems that files are on
|
---|
113 | Copyright (C) 1990, 91, 92, 93, 94 Free Software Foundation, Inc.
|
---|
114 |
|
---|
115 | This program is free software; you can redistribute it and/or modify
|
---|
116 | it under the terms of the GNU General Public License as published by
|
---|
117 | the Free Software Foundation; either version 2, or (at your option)
|
---|
118 | any later version.
|
---|
119 |
|
---|
120 | This program is distributed in the hope that it will be useful,
|
---|
121 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
122 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
123 | GNU General Public License for more details.
|
---|
124 |
|
---|
125 | You should have received a copy of the GNU General Public License
|
---|
126 | along with this program; if not, write to the Free Software
|
---|
127 | Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA */
|
---|
128 |
|
---|
129 | /* Written by David MacKenzie <djm@gnu.ai.mit.edu>. */
|
---|
130 |
|
---|
131 |
|
---|
132 | (vi) Support for the MD5 hash algorithm is provided by code
|
---|
133 | from busybox which is distributed under the GPL.
|
---|
134 |
|
---|
135 | /* md5.c - Functions to compute MD5 message digest of files or memory blocks
|
---|
136 | * according to the definition of MD5 in RFC 1321 from April 1992.
|
---|
137 | * Copyright (C) 1995, 1996 Free Software Foundation, Inc.
|
---|
138 | *
|
---|
139 | * NOTE: The canonical source of this file is maintained with the GNU C
|
---|
140 | * Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu.
|
---|
141 | *
|
---|
142 | * This program is free software; you can redistribute it and/or modify it
|
---|
143 | * under the terms of the GNU General Public License as published by the
|
---|
144 | * Free Software Foundation; either version 2, or (at your option) any
|
---|
145 | * later version.
|
---|
146 | *
|
---|
147 | * This program is distributed in the hope that it will be useful,
|
---|
148 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
149 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
150 | * GNU General Public License for more details.
|
---|
151 | *
|
---|
152 | * You should have received a copy of the GNU General Public License
|
---|
153 | * along with this program; if not, write to the Free Software Foundation,
|
---|
154 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
155 | */
|
---|
156 |
|
---|
157 | /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
|
---|
158 |
|
---|
159 |
|
---|
160 | (vi) Support for the SHA-1 hash algorithm is provided by code
|
---|
161 | from mhash which includes the following statement:
|
---|
162 |
|
---|
163 | /* sha.c - Implementation of the Secure Hash Algorithm
|
---|
164 | *
|
---|
165 | * Copyright (C) 1995, A.M. Kuchling
|
---|
166 | *
|
---|
167 | * Distribute and use freely; there are no restrictions on further
|
---|
168 | * dissemination and usage except those imposed by the laws of your
|
---|
169 | * country of residence.
|
---|
170 | *
|
---|
171 | * Adapted to pike and some cleanup by Niels Möller.
|
---|
172 | */
|
---|
173 |
|
---|
174 | /* $Id: sha1.c,v 1.2 2001/01/24 08:20:29 nmav Exp $ */
|
---|
175 |
|
---|
176 | /* SHA: NIST's Secure Hash Algorithm */
|
---|
177 |
|
---|
178 | /* Based on SHA code originally posted to sci.crypt by Peter Gutmann
|
---|
179 | in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
|
---|
180 | Modified to test for endianness on creation of SHA objects by AMK.
|
---|
181 | Also, the original specification of SHA was found to have a weakness
|
---|
182 | by NSA/NIST. This code implements the fixed version of SHA.
|
---|
183 | */
|
---|
184 |
|
---|
185 | (vii) Support for AVL Trees is provided by code
|
---|
186 | from AVLTree which includes the following statement:
|
---|
187 |
|
---|
188 | /* zAVLTree.h: Header file for zAVLTrees.
|
---|
189 | * Copyright (C) 1998,2001 Michael H. Buselli
|
---|
190 | * This is version 0.1.3 (alpha).
|
---|
191 | * Generated from $Id: xAVLTree.h.sh,v 1.5 2001/06/07 06:58:28 cosine Exp $
|
---|
192 | *
|
---|
193 | * This library is free software; you can redistribute it and/or
|
---|
194 | * modify it under the terms of the GNU Library General Public
|
---|
195 | * License as published by the Free Software Foundation; either
|
---|
196 | * version 2 of the License, or (at your option) any later version.
|
---|
197 | *
|
---|
198 | * This library is distributed in the hope that it will be useful,
|
---|
199 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
200 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
201 | * Library General Public License for more details.
|
---|
202 | *
|
---|
203 | * You should have received a copy of the GNU Library General Public
|
---|
204 | * License along with this library; if not, write to the Free
|
---|
205 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
206 | *
|
---|
207 | * The author of this library can be reached at the following address:
|
---|
208 | * Michael H. Buselli
|
---|
209 | * 30051 N. Waukegan Rd. Apt. 103
|
---|
210 | * Lake Bluff, IL 60044-5412
|
---|
211 | *
|
---|
212 | * Or you can send email to <cosine@cosine.org>.
|
---|
213 | * The official web page for this product is:
|
---|
214 | * http://www.cosine.org/project/AVLTree/
|
---|
215 | */
|
---|
216 |
|
---|
217 | (viii) The modules sh_userfiles.c and sh_mounts.c have been
|
---|
218 | contributed by Eircom Net Computer Incident Response Team and
|
---|
219 | are authored by Jerry Connolly and Cian Synnott, respectively.
|
---|
220 |
|
---|
221 | They are released under the terms of the GNU General Public
|
---|
222 | License as published by the Free Software Foundation; either
|
---|
223 | version 2 of the License, or (at your option) any later version:
|
---|
224 |
|
---|
225 | "Feel free to GPL those files -
|
---|
226 | they were fully released by our company to the project.
|
---|
227 |
|
---|
228 | Cian
|
---|
229 |
|
---|
230 | --
|
---|
231 | Cian Synnott
|
---|
232 | Eircom Net Computer Incident Response Team"
|
---|
233 |
|
---|
234 | (ix) Enhanced functionality for the SUID check has been
|
---|
235 | contributed with a patch copyright by Rob Rati <rob.rati@motorola.com>.
|
---|
236 | The patch is licensed under the GPL with the following statement:
|
---|
237 |
|
---|
238 | "Here is the patch with the aforementioned feature enhancements, and I
|
---|
239 | license all changes within this patch under the GNU Public License (GPL)
|
---|
240 | GNU General Public License as published by the Free Software Foundation;
|
---|
241 | either version 2 of the License, or (at your option) any later version."
|
---|
242 |
|
---|
243 | (x) Unit testing uses the 'cutest' framework by Asim Jalis, (files
|
---|
244 | CuTest.h, CuTest.c, make-tests.sh) which is licensed under the zlib license:
|
---|
245 |
|
---|
246 | * Copyright (c) 2003 Asim Jalis
|
---|
247 | *
|
---|
248 | * This software is provided 'as-is', without any express or implied
|
---|
249 | * warranty. In no event will the authors be held liable for any damages
|
---|
250 | * arising from the use of this software.
|
---|
251 | *
|
---|
252 | * Permission is granted to anyone to use this software for any purpose,
|
---|
253 | * including commercial applications, and to alter it and redistribute it
|
---|
254 | * freely, subject to the following restrictions:
|
---|
255 | *
|
---|
256 | * 1. The origin of this software must not be misrepresented; you must not
|
---|
257 | * claim that you wrote the original software. If you use this software in
|
---|
258 | * a product, an acknowledgment in the product documentation would be
|
---|
259 | * appreciated but is not required.
|
---|
260 | *
|
---|
261 | * 2. Altered source versions must be plainly marked as such, and must not
|
---|
262 | * be misrepresented as being the original software.
|
---|
263 | *
|
---|
264 | * 3. This notice may not be removed or altered from any source
|
---|
265 | * distribution.
|
---|
266 |
|
---|
267 | (xi) The dnmalloc library used by samhain is Copyright (C) 2005, Yves Younan,
|
---|
268 | Wouter Joosen and Frank Piessens, and licensed under the LGPL:
|
---|
269 |
|
---|
270 | * This library is free software; you can redistribute it and/or
|
---|
271 | * modify it under the terms of the GNU Lesser General Public
|
---|
272 | * License as published by the Free Software Foundation; either
|
---|
273 | * version 2.1 of the License, or (at your option) any later version.
|
---|
274 | *
|
---|
275 | * This library is distributed in the hope that it will be useful,
|
---|
276 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
277 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
278 | * Lesser General Public License for more details.
|
---|
279 | *
|
---|
280 | * You should have received a copy of the GNU Lesser General Public
|
---|
281 | * License along with this library; if not, write to the Free Software
|
---|
282 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
---|
283 |
|
---|
284 |
|
---|
285 | Other
|
---|
286 | -----
|
---|
287 |
|
---|
288 | Depending on the compilation options used, samhain may use the
|
---|
289 | SRP authentication algorithm (in an independent implementation,
|
---|
290 | without any use of code from the SRP software).
|
---|
291 | The original SRP software contains the following license statement:
|
---|
292 |
|
---|
293 | The SRP License
|
---|
294 | ---------------
|
---|
295 |
|
---|
296 | SRP and all related technologies are free for both commercial and
|
---|
297 | non-commercial use. They are distributed under a standard
|
---|
298 | X11-style Open Source license which is shown below.
|
---|
299 |
|
---|
300 | The SRP distribution contains parts from various freeware
|
---|
301 | packages; these parts fall under both the SRP Open Source license
|
---|
302 | and any existing licenses. Care has been taken to ensure that
|
---|
303 | these licenses are compatible with Open Source distribution,
|
---|
304 | but it is the responsibility of the licensee to comply with these
|
---|
305 | licenses. The file "Copyrights" contains a list of the copyrights
|
---|
306 | incorporated by portions of the software.
|
---|
307 |
|
---|
308 | This software is covered under the following copyright:
|
---|
309 |
|
---|
310 | /*
|
---|
311 | * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
|
---|
312 | * All Rights Reserved.
|
---|
313 | *
|
---|
314 | * Permission is hereby granted, free of charge, to any person obtaining
|
---|
315 | * a copy of this software and associated documentation files (the
|
---|
316 | * "Software"), to deal in the Software without restriction, including
|
---|
317 | * without limitation the rights to use, copy, modify, merge, publish,
|
---|
318 | * distribute, sublicense, and/or sell copies of the Software, and to
|
---|
319 | * permit persons to whom the Software is furnished to do so, subject to
|
---|
320 | * the following conditions:
|
---|
321 | *
|
---|
322 | * The above copyright notice and this permission notice shall be
|
---|
323 | * included in all copies or substantial portions of the Software.
|
---|
324 | *
|
---|
325 | * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
|
---|
326 | * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
|
---|
327 | * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
---|
328 | *
|
---|
329 | * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
|
---|
330 | * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
|
---|
331 | * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
|
---|
332 | * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
|
---|
333 | * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
---|
334 | *
|
---|
335 | * In addition, the following conditions apply:
|
---|
336 | *
|
---|
337 | * 1. Any software that incorporates the SRP authentication technology
|
---|
338 | * must display the following acknowlegment:
|
---|
339 | * "This product uses the 'Secure Remote Password' cryptographic
|
---|
340 | * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
|
---|
341 | *
|
---|
342 | * 2. Any software that incorporates all or part of the SRP distribution
|
---|
343 | * itself must also display the following acknowledgment:
|
---|
344 | * "This product includes software developed by Tom Wu and Eugene
|
---|
345 | * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
|
---|
346 | *
|
---|
347 | * 3. Redistributions in source or binary form must retain an intact copy
|
---|
348 | * of this copyright notice and list of conditions.
|
---|
349 | */
|
---|