[1] | 1 |
|
---|
| 2 | SAMHAIN distributed host monitoring system
|
---|
| 3 | ------------------------------------------
|
---|
| 4 |
|
---|
| 5 | Copyright (C) 1999-2004 Rainer Wichmann
|
---|
| 6 |
|
---|
| 7 | This program is free software; you can redistribute it and/or modify
|
---|
| 8 | it under the terms of the GNU General Public License as published by
|
---|
| 9 | the Free Software Foundation; either version 2 of the License, or
|
---|
| 10 | (at your option) any later version.
|
---|
| 11 |
|
---|
| 12 | This program is distributed in the hope that it will be useful,
|
---|
| 13 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 15 | GNU General Public License for more details.
|
---|
| 16 |
|
---|
| 17 | You should have received a copy of the GNU General Public License
|
---|
| 18 | along with this program; if not, write to the Free Software
|
---|
| 19 | Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
---|
| 20 |
|
---|
| 21 |
|
---|
| 22 | Incorporated code
|
---|
| 23 | -----------------
|
---|
| 24 |
|
---|
| 25 | (i) Support for the TIGER cryptographic checksum algorithm
|
---|
| 26 | is provided by the reference implementation, which includes
|
---|
| 27 | the following statement:
|
---|
| 28 |
|
---|
| 29 | * Tiger: A Fast New Hash Function
|
---|
| 30 | *
|
---|
| 31 | * Ross Anderson and Eli Biham
|
---|
| 32 | *
|
---|
| 33 | * Tiger has no usage restrictions nor patents. It can be used freely,
|
---|
| 34 | * with the reference implementation,
|
---|
| 35 | * with other implementations or with
|
---|
| 36 | * a modification to the reference implementation (as long as it still
|
---|
| 37 | * implements Tiger). We only ask you to let us know about your
|
---|
| 38 | * implementation and to cite the origin of Tiger and of the reference
|
---|
| 39 | * implementation.
|
---|
| 40 | *
|
---|
| 41 | * The authors' home pages can be found both in
|
---|
| 42 | * http://www.cs.technion.ac.il/~biham/ and in
|
---|
| 43 | * http://www.cl.cam.ac.uk/users/rja14/.
|
---|
| 44 | * The authors' email addresses are biham@cs.technion.ac.il
|
---|
| 45 | * and rja14@cl.cam.ac.uk.
|
---|
| 46 |
|
---|
| 47 |
|
---|
| 48 |
|
---|
| 49 | (ii) Support for testing write access by untrusted users
|
---|
| 50 | to any element in the path of a file is provided by the
|
---|
| 51 | public domain trustfile library, which includes the following
|
---|
| 52 | statement:
|
---|
| 53 |
|
---|
| 54 | * Author information:
|
---|
| 55 | * Matt Bishop
|
---|
| 56 | * Department of Computer Science
|
---|
| 57 | * University of California at Davis
|
---|
| 58 | * Davis, CA 95616-8562
|
---|
| 59 | * phone (916) 752-8060
|
---|
| 60 | * email bishop@cs.ucdavis.edu
|
---|
| 61 | *
|
---|
| 62 | * This code is placed in the public domain. I do ask that
|
---|
| 63 | * you keep my name associated with it, that you not represent
|
---|
| 64 | * it as written by you, and that you preserve these comments.
|
---|
| 65 | * This software is provided "as is" and without any guarantees
|
---|
| 66 | * of any sort.
|
---|
| 67 |
|
---|
| 68 | (iii) Support for big integer arithmetic is provided by the bignum
|
---|
| 69 | package (v. 1.2) by Henrik.Johansson@Nexus.Comm.SE,
|
---|
| 70 | which includes the following statement:
|
---|
| 71 |
|
---|
| 72 | * Everyone is allowed to distribute this package to anyone
|
---|
| 73 | * else, as long as all changes are recorded and mentioned.
|
---|
| 74 | * If you are including this in a commercial product, be sure
|
---|
| 75 | * to distribute _all_ of the package with the product.
|
---|
| 76 | *
|
---|
| 77 | * (...writing more stuff here later, but I guess everyone
|
---|
| 78 | * knows the approximate contents of it - no warranty, no
|
---|
| 79 | * charge, and so on. I guess it is like the GNU concept.
|
---|
| 80 | * Read that for further details...)
|
---|
| 81 |
|
---|
| 82 | (iv) Support for compression is provided by the (mini) LZO library,
|
---|
| 83 | which includes the following statement:
|
---|
| 84 |
|
---|
| 85 | * Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
|
---|
| 86 | * Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
|
---|
| 87 | * Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
|
---|
| 88 | * Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
|
---|
| 89 | *
|
---|
| 90 | * The LZO library is free software; you can redistribute it and/or
|
---|
| 91 | * modify it under the terms of the GNU General Public License as
|
---|
| 92 | * published by the Free Software Foundation; either version 2 of
|
---|
| 93 | * the License, or (at your option) any later version.
|
---|
| 94 | *
|
---|
| 95 | * The LZO library is distributed in the hope that it will be useful,
|
---|
| 96 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 97 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 98 | * GNU General Public License for more details.
|
---|
| 99 | *
|
---|
| 100 | * You should have received a copy of the GNU General Public License
|
---|
| 101 | * along with the LZO library; see the file COPYING.
|
---|
| 102 | * If not, write to the Free Software Foundation, Inc.,
|
---|
| 103 | * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
---|
| 104 | *
|
---|
| 105 | * Markus F.X.J. Oberhumer
|
---|
| 106 | * <markus.oberhumer@jk.uni-linz.ac.at>
|
---|
| 107 | * http://wildsau.idv.uni-linz.ac.at/mfx/lzo.html
|
---|
| 108 |
|
---|
| 109 | (v) Support for determining the type of a file system is provided by
|
---|
| 110 | code from the GNU find(1) utility which includes the following statement:
|
---|
| 111 |
|
---|
| 112 | /* fstype.c -- determine type of filesystems that files are on
|
---|
| 113 | Copyright (C) 1990, 91, 92, 93, 94 Free Software Foundation, Inc.
|
---|
| 114 |
|
---|
| 115 | This program is free software; you can redistribute it and/or modify
|
---|
| 116 | it under the terms of the GNU General Public License as published by
|
---|
| 117 | the Free Software Foundation; either version 2, or (at your option)
|
---|
| 118 | any later version.
|
---|
| 119 |
|
---|
| 120 | This program is distributed in the hope that it will be useful,
|
---|
| 121 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 122 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 123 | GNU General Public License for more details.
|
---|
| 124 |
|
---|
| 125 | You should have received a copy of the GNU General Public License
|
---|
| 126 | along with this program; if not, write to the Free Software
|
---|
| 127 | Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
|
---|
| 128 |
|
---|
| 129 | /* Written by David MacKenzie <djm@gnu.ai.mit.edu>. */
|
---|
| 130 |
|
---|
| 131 |
|
---|
| 132 | (vi) Support for the MD5 hash algorithm is provided by code
|
---|
[30] | 133 | from busybox which is distributed under the GPL.
|
---|
[1] | 134 |
|
---|
[30] | 135 | /* md5.c - Functions to compute MD5 message digest of files or memory blocks
|
---|
| 136 | * according to the definition of MD5 in RFC 1321 from April 1992.
|
---|
| 137 | * Copyright (C) 1995, 1996 Free Software Foundation, Inc.
|
---|
| 138 | *
|
---|
| 139 | * NOTE: The canonical source of this file is maintained with the GNU C
|
---|
| 140 | * Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu.
|
---|
| 141 | *
|
---|
| 142 | * This program is free software; you can redistribute it and/or modify it
|
---|
| 143 | * under the terms of the GNU General Public License as published by the
|
---|
| 144 | * Free Software Foundation; either version 2, or (at your option) any
|
---|
| 145 | * later version.
|
---|
| 146 | *
|
---|
| 147 | * This program is distributed in the hope that it will be useful,
|
---|
| 148 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 149 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 150 | * GNU General Public License for more details.
|
---|
| 151 | *
|
---|
| 152 | * You should have received a copy of the GNU General Public License
|
---|
| 153 | * along with this program; if not, write to the Free Software Foundation,
|
---|
| 154 | * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
---|
| 155 | */
|
---|
[1] | 156 |
|
---|
[30] | 157 | /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
|
---|
| 158 |
|
---|
| 159 |
|
---|
[1] | 160 | (vi) Support for the SHA-1 hash algorithm is provided by code
|
---|
| 161 | from mhash which includes the following statement:
|
---|
| 162 |
|
---|
| 163 | /* sha.c - Implementation of the Secure Hash Algorithm
|
---|
| 164 | *
|
---|
| 165 | * Copyright (C) 1995, A.M. Kuchling
|
---|
| 166 | *
|
---|
| 167 | * Distribute and use freely; there are no restrictions on further
|
---|
| 168 | * dissemination and usage except those imposed by the laws of your
|
---|
| 169 | * country of residence.
|
---|
| 170 | *
|
---|
| 171 | * Adapted to pike and some cleanup by Niels Möller.
|
---|
| 172 | */
|
---|
| 173 |
|
---|
| 174 | /* $Id: sha1.c,v 1.2 2001/01/24 08:20:29 nmav Exp $ */
|
---|
| 175 |
|
---|
| 176 | /* SHA: NIST's Secure Hash Algorithm */
|
---|
| 177 |
|
---|
| 178 | /* Based on SHA code originally posted to sci.crypt by Peter Gutmann
|
---|
| 179 | in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
|
---|
| 180 | Modified to test for endianness on creation of SHA objects by AMK.
|
---|
| 181 | Also, the original specification of SHA was found to have a weakness
|
---|
| 182 | by NSA/NIST. This code implements the fixed version of SHA.
|
---|
| 183 | */
|
---|
| 184 |
|
---|
| 185 | (vii) Support for AVL Trees is provided by code
|
---|
| 186 | from AVLTree which includes the following statement:
|
---|
| 187 |
|
---|
| 188 | /* zAVLTree.h: Header file for zAVLTrees.
|
---|
| 189 | * Copyright (C) 1998,2001 Michael H. Buselli
|
---|
| 190 | * This is version 0.1.3 (alpha).
|
---|
| 191 | * Generated from $Id: xAVLTree.h.sh,v 1.5 2001/06/07 06:58:28 cosine Exp $
|
---|
| 192 | *
|
---|
| 193 | * This library is free software; you can redistribute it and/or
|
---|
| 194 | * modify it under the terms of the GNU Library General Public
|
---|
| 195 | * License as published by the Free Software Foundation; either
|
---|
| 196 | * version 2 of the License, or (at your option) any later version.
|
---|
| 197 | *
|
---|
| 198 | * This library is distributed in the hope that it will be useful,
|
---|
| 199 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 200 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
| 201 | * Library General Public License for more details.
|
---|
| 202 | *
|
---|
| 203 | * You should have received a copy of the GNU Library General Public
|
---|
| 204 | * License along with this library; if not, write to the Free
|
---|
| 205 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
---|
| 206 | *
|
---|
| 207 | * The author of this library can be reached at the following address:
|
---|
| 208 | * Michael H. Buselli
|
---|
| 209 | * 30051 N. Waukegan Rd. Apt. 103
|
---|
| 210 | * Lake Bluff, IL 60044-5412
|
---|
| 211 | *
|
---|
| 212 | * Or you can send email to <cosine@cosine.org>.
|
---|
| 213 | * The official web page for this product is:
|
---|
| 214 | * http://www.cosine.org/project/AVLTree/
|
---|
| 215 | */
|
---|
| 216 |
|
---|
| 217 | (viii) The modules sh_userfiles.c and sh_mounts.c have been
|
---|
| 218 | contributed by Eircom Net Computer Incident Response Team and
|
---|
| 219 | are authored by Jerry Connolly and Cian Synnott, respectively.
|
---|
| 220 |
|
---|
| 221 | They are released under the terms of the GNU General Public
|
---|
| 222 | License as published by the Free Software Foundation; either
|
---|
| 223 | version 2 of the License, or (at your option) any later version:
|
---|
| 224 |
|
---|
| 225 | "Feel free to GPL those files -
|
---|
| 226 | they were fully released by our company to the project.
|
---|
| 227 |
|
---|
| 228 | Cian
|
---|
| 229 |
|
---|
| 230 | --
|
---|
| 231 | Cian Synnott
|
---|
| 232 | Eircom Net Computer Incident Response Team"
|
---|
| 233 |
|
---|
| 234 | (ix) Enhanced functionality for the SUID check has been
|
---|
| 235 | contributed with a patch copyright by Rob Rati <rob.rati@motorola.com>.
|
---|
| 236 | The patch is licensed under the GPL with the following statement:
|
---|
| 237 |
|
---|
| 238 | "Here is the patch with the aforementioned feature enhancements, and I
|
---|
| 239 | license all changes within this patch under the GNU Public License (GPL)
|
---|
| 240 | GNU General Public License as published by the Free Software Foundation;
|
---|
| 241 | either version 2 of the License, or (at your option) any later version."
|
---|
| 242 |
|
---|
[18] | 243 | (x) Unit testing uses the 'cutest' framework by Asim Jalis, (files
|
---|
| 244 | CuTest.h, CuTest.c, make-tests.sh) which is licensed under the zlib license:
|
---|
[1] | 245 |
|
---|
[18] | 246 | * Copyright (c) 2003 Asim Jalis
|
---|
| 247 | *
|
---|
| 248 | * This software is provided 'as-is', without any express or implied
|
---|
| 249 | * warranty. In no event will the authors be held liable for any damages
|
---|
| 250 | * arising from the use of this software.
|
---|
| 251 | *
|
---|
| 252 | * Permission is granted to anyone to use this software for any purpose,
|
---|
| 253 | * including commercial applications, and to alter it and redistribute it
|
---|
| 254 | * freely, subject to the following restrictions:
|
---|
| 255 | *
|
---|
| 256 | * 1. The origin of this software must not be misrepresented; you must not
|
---|
| 257 | * claim that you wrote the original software. If you use this software in
|
---|
| 258 | * a product, an acknowledgment in the product documentation would be
|
---|
| 259 | * appreciated but is not required.
|
---|
| 260 | *
|
---|
| 261 | * 2. Altered source versions must be plainly marked as such, and must not
|
---|
| 262 | * be misrepresented as being the original software.
|
---|
| 263 | *
|
---|
| 264 | * 3. This notice may not be removed or altered from any source
|
---|
| 265 | * distribution.
|
---|
| 266 |
|
---|
[171] | 267 | (xi) The dnmalloc library used by samhain is Copyright (C) 2005, Yves Younan,
|
---|
| 268 | Wouter Joosen and Frank Piessens, and licensed under the LGPL:
|
---|
[18] | 269 |
|
---|
[171] | 270 | * This library is free software; you can redistribute it and/or
|
---|
| 271 | * modify it under the terms of the GNU Lesser General Public
|
---|
| 272 | * License as published by the Free Software Foundation; either
|
---|
| 273 | * version 2.1 of the License, or (at your option) any later version.
|
---|
| 274 | *
|
---|
| 275 | * This library is distributed in the hope that it will be useful,
|
---|
| 276 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 277 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
| 278 | * Lesser General Public License for more details.
|
---|
| 279 | *
|
---|
| 280 | * You should have received a copy of the GNU Lesser General Public
|
---|
| 281 | * License along with this library; if not, write to the Free Software
|
---|
| 282 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
---|
| 283 |
|
---|
| 284 |
|
---|
[1] | 285 | Other
|
---|
| 286 | -----
|
---|
| 287 |
|
---|
| 288 | Depending on the compilation options used, samhain may use the
|
---|
| 289 | SRP authentication algorithm (in an independent implementation,
|
---|
| 290 | without any use of code from the SRP software).
|
---|
| 291 | The original SRP software contains the following license statement:
|
---|
| 292 |
|
---|
| 293 | The SRP License
|
---|
| 294 | ---------------
|
---|
| 295 |
|
---|
| 296 | SRP and all related technologies are free for both commercial and
|
---|
| 297 | non-commercial use. They are distributed under a standard
|
---|
| 298 | X11-style Open Source license which is shown below.
|
---|
| 299 |
|
---|
| 300 | The SRP distribution contains parts from various freeware
|
---|
| 301 | packages; these parts fall under both the SRP Open Source license
|
---|
| 302 | and any existing licenses. Care has been taken to ensure that
|
---|
| 303 | these licenses are compatible with Open Source distribution,
|
---|
| 304 | but it is the responsibility of the licensee to comply with these
|
---|
| 305 | licenses. The file "Copyrights" contains a list of the copyrights
|
---|
| 306 | incorporated by portions of the software.
|
---|
| 307 |
|
---|
| 308 | This software is covered under the following copyright:
|
---|
| 309 |
|
---|
| 310 | /*
|
---|
| 311 | * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
|
---|
| 312 | * All Rights Reserved.
|
---|
| 313 | *
|
---|
| 314 | * Permission is hereby granted, free of charge, to any person obtaining
|
---|
| 315 | * a copy of this software and associated documentation files (the
|
---|
| 316 | * "Software"), to deal in the Software without restriction, including
|
---|
| 317 | * without limitation the rights to use, copy, modify, merge, publish,
|
---|
| 318 | * distribute, sublicense, and/or sell copies of the Software, and to
|
---|
| 319 | * permit persons to whom the Software is furnished to do so, subject to
|
---|
| 320 | * the following conditions:
|
---|
| 321 | *
|
---|
| 322 | * The above copyright notice and this permission notice shall be
|
---|
| 323 | * included in all copies or substantial portions of the Software.
|
---|
| 324 | *
|
---|
| 325 | * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
|
---|
| 326 | * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
|
---|
| 327 | * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
---|
| 328 | *
|
---|
| 329 | * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
|
---|
| 330 | * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
|
---|
| 331 | * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
|
---|
| 332 | * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
|
---|
| 333 | * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
---|
| 334 | *
|
---|
| 335 | * In addition, the following conditions apply:
|
---|
| 336 | *
|
---|
| 337 | * 1. Any software that incorporates the SRP authentication technology
|
---|
| 338 | * must display the following acknowlegment:
|
---|
| 339 | * "This product uses the 'Secure Remote Password' cryptographic
|
---|
| 340 | * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
|
---|
| 341 | *
|
---|
| 342 | * 2. Any software that incorporates all or part of the SRP distribution
|
---|
| 343 | * itself must also display the following acknowledgment:
|
---|
| 344 | * "This product includes software developed by Tom Wu and Eugene
|
---|
| 345 | * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
|
---|
| 346 | *
|
---|
| 347 | * 3. Redistributions in source or binary form must retain an intact copy
|
---|
| 348 | * of this copyright notice and list of conditions.
|
---|
| 349 | */
|
---|