[1] | 1 |
|
---|
| 2 | SAMHAIN distributed host monitoring system
|
---|
| 3 | ------------------------------------------
|
---|
| 4 |
|
---|
[209] | 5 | Copyright (C) 1999-2009 Rainer Wichmann
|
---|
[1] | 6 |
|
---|
| 7 | This program is free software; you can redistribute it and/or modify
|
---|
| 8 | it under the terms of the GNU General Public License as published by
|
---|
| 9 | the Free Software Foundation; either version 2 of the License, or
|
---|
| 10 | (at your option) any later version.
|
---|
| 11 |
|
---|
| 12 | This program is distributed in the hope that it will be useful,
|
---|
| 13 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 14 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 15 | GNU General Public License for more details.
|
---|
| 16 |
|
---|
| 17 | You should have received a copy of the GNU General Public License
|
---|
| 18 | along with this program; if not, write to the Free Software
|
---|
[209] | 19 | Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
[1] | 20 |
|
---|
[531] | 21 | On Debian-based systems, see /usr/share/common-licenses
|
---|
[1] | 22 |
|
---|
| 23 | Incorporated code
|
---|
| 24 | -----------------
|
---|
| 25 |
|
---|
| 26 | (i) Support for the TIGER cryptographic checksum algorithm
|
---|
| 27 | is provided by the reference implementation, which includes
|
---|
| 28 | the following statement:
|
---|
| 29 |
|
---|
| 30 | * Tiger: A Fast New Hash Function
|
---|
| 31 | *
|
---|
| 32 | * Ross Anderson and Eli Biham
|
---|
| 33 | *
|
---|
| 34 | * Tiger has no usage restrictions nor patents. It can be used freely,
|
---|
| 35 | * with the reference implementation,
|
---|
| 36 | * with other implementations or with
|
---|
| 37 | * a modification to the reference implementation (as long as it still
|
---|
| 38 | * implements Tiger). We only ask you to let us know about your
|
---|
| 39 | * implementation and to cite the origin of Tiger and of the reference
|
---|
| 40 | * implementation.
|
---|
| 41 | *
|
---|
| 42 | * The authors' home pages can be found both in
|
---|
| 43 | * http://www.cs.technion.ac.il/~biham/ and in
|
---|
| 44 | * http://www.cl.cam.ac.uk/users/rja14/.
|
---|
| 45 | * The authors' email addresses are biham@cs.technion.ac.il
|
---|
| 46 | * and rja14@cl.cam.ac.uk.
|
---|
| 47 |
|
---|
| 48 |
|
---|
| 49 |
|
---|
| 50 | (ii) Support for testing write access by untrusted users
|
---|
| 51 | to any element in the path of a file is provided by the
|
---|
| 52 | public domain trustfile library, which includes the following
|
---|
| 53 | statement:
|
---|
| 54 |
|
---|
| 55 | * Author information:
|
---|
| 56 | * Matt Bishop
|
---|
| 57 | * Department of Computer Science
|
---|
| 58 | * University of California at Davis
|
---|
| 59 | * Davis, CA 95616-8562
|
---|
| 60 | * phone (916) 752-8060
|
---|
| 61 | * email bishop@cs.ucdavis.edu
|
---|
| 62 | *
|
---|
| 63 | * This code is placed in the public domain. I do ask that
|
---|
| 64 | * you keep my name associated with it, that you not represent
|
---|
| 65 | * it as written by you, and that you preserve these comments.
|
---|
| 66 | * This software is provided "as is" and without any guarantees
|
---|
| 67 | * of any sort.
|
---|
| 68 |
|
---|
| 69 | (iii) Support for big integer arithmetic is provided by the bignum
|
---|
| 70 | package (v. 1.2) by Henrik.Johansson@Nexus.Comm.SE,
|
---|
| 71 | which includes the following statement:
|
---|
| 72 |
|
---|
| 73 | * Everyone is allowed to distribute this package to anyone
|
---|
| 74 | * else, as long as all changes are recorded and mentioned.
|
---|
| 75 | * If you are including this in a commercial product, be sure
|
---|
| 76 | * to distribute _all_ of the package with the product.
|
---|
| 77 | *
|
---|
| 78 | * (...writing more stuff here later, but I guess everyone
|
---|
| 79 | * knows the approximate contents of it - no warranty, no
|
---|
| 80 | * charge, and so on. I guess it is like the GNU concept.
|
---|
| 81 | * Read that for further details...)
|
---|
| 82 |
|
---|
| 83 | (iv) Support for compression is provided by the (mini) LZO library,
|
---|
| 84 | which includes the following statement:
|
---|
| 85 |
|
---|
| 86 | * Copyright (C) 1999 Markus Franz Xaver Johannes Oberhumer
|
---|
| 87 | * Copyright (C) 1998 Markus Franz Xaver Johannes Oberhumer
|
---|
| 88 | * Copyright (C) 1997 Markus Franz Xaver Johannes Oberhumer
|
---|
| 89 | * Copyright (C) 1996 Markus Franz Xaver Johannes Oberhumer
|
---|
| 90 | *
|
---|
| 91 | * The LZO library is free software; you can redistribute it and/or
|
---|
| 92 | * modify it under the terms of the GNU General Public License as
|
---|
| 93 | * published by the Free Software Foundation; either version 2 of
|
---|
| 94 | * the License, or (at your option) any later version.
|
---|
| 95 | *
|
---|
| 96 | * The LZO library is distributed in the hope that it will be useful,
|
---|
| 97 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 98 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 99 | * GNU General Public License for more details.
|
---|
| 100 | *
|
---|
| 101 | * You should have received a copy of the GNU General Public License
|
---|
| 102 | * along with the LZO library; see the file COPYING.
|
---|
| 103 | * If not, write to the Free Software Foundation, Inc.,
|
---|
[209] | 104 | * 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
[1] | 105 | *
|
---|
| 106 | * Markus F.X.J. Oberhumer
|
---|
| 107 | * <markus.oberhumer@jk.uni-linz.ac.at>
|
---|
| 108 | * http://wildsau.idv.uni-linz.ac.at/mfx/lzo.html
|
---|
| 109 |
|
---|
| 110 | (v) Support for determining the type of a file system is provided by
|
---|
| 111 | code from the GNU find(1) utility which includes the following statement:
|
---|
| 112 |
|
---|
| 113 | /* fstype.c -- determine type of filesystems that files are on
|
---|
| 114 | Copyright (C) 1990, 91, 92, 93, 94 Free Software Foundation, Inc.
|
---|
| 115 |
|
---|
| 116 | This program is free software; you can redistribute it and/or modify
|
---|
| 117 | it under the terms of the GNU General Public License as published by
|
---|
| 118 | the Free Software Foundation; either version 2, or (at your option)
|
---|
| 119 | any later version.
|
---|
| 120 |
|
---|
| 121 | This program is distributed in the hope that it will be useful,
|
---|
| 122 | but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 123 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 124 | GNU General Public License for more details.
|
---|
| 125 |
|
---|
| 126 | You should have received a copy of the GNU General Public License
|
---|
| 127 | along with this program; if not, write to the Free Software
|
---|
[209] | 128 | Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA */
|
---|
[1] | 129 |
|
---|
| 130 | /* Written by David MacKenzie <djm@gnu.ai.mit.edu>. */
|
---|
| 131 |
|
---|
| 132 |
|
---|
| 133 | (vi) Support for the MD5 hash algorithm is provided by code
|
---|
[30] | 134 | from busybox which is distributed under the GPL.
|
---|
[1] | 135 |
|
---|
[30] | 136 | /* md5.c - Functions to compute MD5 message digest of files or memory blocks
|
---|
| 137 | * according to the definition of MD5 in RFC 1321 from April 1992.
|
---|
| 138 | * Copyright (C) 1995, 1996 Free Software Foundation, Inc.
|
---|
| 139 | *
|
---|
| 140 | * NOTE: The canonical source of this file is maintained with the GNU C
|
---|
| 141 | * Library. Bugs can be reported to bug-glibc@prep.ai.mit.edu.
|
---|
| 142 | *
|
---|
| 143 | * This program is free software; you can redistribute it and/or modify it
|
---|
| 144 | * under the terms of the GNU General Public License as published by the
|
---|
| 145 | * Free Software Foundation; either version 2, or (at your option) any
|
---|
| 146 | * later version.
|
---|
| 147 | *
|
---|
| 148 | * This program is distributed in the hope that it will be useful,
|
---|
| 149 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 150 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
| 151 | * GNU General Public License for more details.
|
---|
| 152 | *
|
---|
| 153 | * You should have received a copy of the GNU General Public License
|
---|
| 154 | * along with this program; if not, write to the Free Software Foundation,
|
---|
[209] | 155 | * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
[30] | 156 | */
|
---|
[1] | 157 |
|
---|
[30] | 158 | /* Written by Ulrich Drepper <drepper@gnu.ai.mit.edu>, 1995. */
|
---|
| 159 |
|
---|
| 160 |
|
---|
[1] | 161 | (vi) Support for the SHA-1 hash algorithm is provided by code
|
---|
| 162 | from mhash which includes the following statement:
|
---|
| 163 |
|
---|
| 164 | /* sha.c - Implementation of the Secure Hash Algorithm
|
---|
| 165 | *
|
---|
| 166 | * Copyright (C) 1995, A.M. Kuchling
|
---|
| 167 | *
|
---|
| 168 | * Distribute and use freely; there are no restrictions on further
|
---|
| 169 | * dissemination and usage except those imposed by the laws of your
|
---|
| 170 | * country of residence.
|
---|
| 171 | *
|
---|
[209] | 172 | * Adapted to pike and some cleanup by Niels Möller.
|
---|
[1] | 173 | */
|
---|
| 174 |
|
---|
| 175 | /* $Id: sha1.c,v 1.2 2001/01/24 08:20:29 nmav Exp $ */
|
---|
| 176 |
|
---|
| 177 | /* SHA: NIST's Secure Hash Algorithm */
|
---|
| 178 |
|
---|
| 179 | /* Based on SHA code originally posted to sci.crypt by Peter Gutmann
|
---|
| 180 | in message <30ajo5$oe8@ccu2.auckland.ac.nz>.
|
---|
| 181 | Modified to test for endianness on creation of SHA objects by AMK.
|
---|
| 182 | Also, the original specification of SHA was found to have a weakness
|
---|
| 183 | by NSA/NIST. This code implements the fixed version of SHA.
|
---|
| 184 | */
|
---|
| 185 |
|
---|
| 186 | (vii) Support for AVL Trees is provided by code
|
---|
| 187 | from AVLTree which includes the following statement:
|
---|
| 188 |
|
---|
| 189 | /* zAVLTree.h: Header file for zAVLTrees.
|
---|
| 190 | * Copyright (C) 1998,2001 Michael H. Buselli
|
---|
| 191 | * This is version 0.1.3 (alpha).
|
---|
| 192 | * Generated from $Id: xAVLTree.h.sh,v 1.5 2001/06/07 06:58:28 cosine Exp $
|
---|
| 193 | *
|
---|
| 194 | * This library is free software; you can redistribute it and/or
|
---|
| 195 | * modify it under the terms of the GNU Library General Public
|
---|
| 196 | * License as published by the Free Software Foundation; either
|
---|
| 197 | * version 2 of the License, or (at your option) any later version.
|
---|
| 198 | *
|
---|
| 199 | * This library is distributed in the hope that it will be useful,
|
---|
| 200 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 201 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
| 202 | * Library General Public License for more details.
|
---|
| 203 | *
|
---|
| 204 | * You should have received a copy of the GNU Library General Public
|
---|
| 205 | * License along with this library; if not, write to the Free
|
---|
[209] | 206 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
|
---|
[1] | 207 | *
|
---|
| 208 | * The author of this library can be reached at the following address:
|
---|
| 209 | * Michael H. Buselli
|
---|
| 210 | * 30051 N. Waukegan Rd. Apt. 103
|
---|
| 211 | * Lake Bluff, IL 60044-5412
|
---|
| 212 | *
|
---|
| 213 | * Or you can send email to <cosine@cosine.org>.
|
---|
| 214 | * The official web page for this product is:
|
---|
| 215 | * http://www.cosine.org/project/AVLTree/
|
---|
| 216 | */
|
---|
| 217 |
|
---|
| 218 | (viii) The modules sh_userfiles.c and sh_mounts.c have been
|
---|
| 219 | contributed by Eircom Net Computer Incident Response Team and
|
---|
| 220 | are authored by Jerry Connolly and Cian Synnott, respectively.
|
---|
| 221 |
|
---|
| 222 | They are released under the terms of the GNU General Public
|
---|
| 223 | License as published by the Free Software Foundation; either
|
---|
| 224 | version 2 of the License, or (at your option) any later version:
|
---|
| 225 |
|
---|
| 226 | "Feel free to GPL those files -
|
---|
| 227 | they were fully released by our company to the project.
|
---|
| 228 |
|
---|
| 229 | Cian
|
---|
| 230 |
|
---|
| 231 | --
|
---|
| 232 | Cian Synnott
|
---|
| 233 | Eircom Net Computer Incident Response Team"
|
---|
| 234 |
|
---|
| 235 | (ix) Enhanced functionality for the SUID check has been
|
---|
| 236 | contributed with a patch copyright by Rob Rati <rob.rati@motorola.com>.
|
---|
| 237 | The patch is licensed under the GPL with the following statement:
|
---|
| 238 |
|
---|
| 239 | "Here is the patch with the aforementioned feature enhancements, and I
|
---|
| 240 | license all changes within this patch under the GNU Public License (GPL)
|
---|
| 241 | GNU General Public License as published by the Free Software Foundation;
|
---|
| 242 | either version 2 of the License, or (at your option) any later version."
|
---|
| 243 |
|
---|
[18] | 244 | (x) Unit testing uses the 'cutest' framework by Asim Jalis, (files
|
---|
| 245 | CuTest.h, CuTest.c, make-tests.sh) which is licensed under the zlib license:
|
---|
[1] | 246 |
|
---|
[18] | 247 | * Copyright (c) 2003 Asim Jalis
|
---|
| 248 | *
|
---|
| 249 | * This software is provided 'as-is', without any express or implied
|
---|
| 250 | * warranty. In no event will the authors be held liable for any damages
|
---|
| 251 | * arising from the use of this software.
|
---|
| 252 | *
|
---|
| 253 | * Permission is granted to anyone to use this software for any purpose,
|
---|
| 254 | * including commercial applications, and to alter it and redistribute it
|
---|
| 255 | * freely, subject to the following restrictions:
|
---|
| 256 | *
|
---|
| 257 | * 1. The origin of this software must not be misrepresented; you must not
|
---|
| 258 | * claim that you wrote the original software. If you use this software in
|
---|
| 259 | * a product, an acknowledgment in the product documentation would be
|
---|
| 260 | * appreciated but is not required.
|
---|
| 261 | *
|
---|
| 262 | * 2. Altered source versions must be plainly marked as such, and must not
|
---|
| 263 | * be misrepresented as being the original software.
|
---|
| 264 | *
|
---|
| 265 | * 3. This notice may not be removed or altered from any source
|
---|
| 266 | * distribution.
|
---|
| 267 |
|
---|
[171] | 268 | (xi) The dnmalloc library used by samhain is Copyright (C) 2005, Yves Younan,
|
---|
| 269 | Wouter Joosen and Frank Piessens, and licensed under the LGPL:
|
---|
[18] | 270 |
|
---|
[171] | 271 | * This library is free software; you can redistribute it and/or
|
---|
| 272 | * modify it under the terms of the GNU Lesser General Public
|
---|
| 273 | * License as published by the Free Software Foundation; either
|
---|
| 274 | * version 2.1 of the License, or (at your option) any later version.
|
---|
| 275 | *
|
---|
| 276 | * This library is distributed in the hope that it will be useful,
|
---|
| 277 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
| 278 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
---|
| 279 | * Lesser General Public License for more details.
|
---|
| 280 | *
|
---|
| 281 | * You should have received a copy of the GNU Lesser General Public
|
---|
| 282 | * License along with this library; if not, write to the Free Software
|
---|
| 283 | * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
---|
| 284 |
|
---|
| 285 |
|
---|
[1] | 286 | Other
|
---|
| 287 | -----
|
---|
| 288 |
|
---|
| 289 | Depending on the compilation options used, samhain may use the
|
---|
| 290 | SRP authentication algorithm (in an independent implementation,
|
---|
| 291 | without any use of code from the SRP software).
|
---|
| 292 | The original SRP software contains the following license statement:
|
---|
| 293 |
|
---|
| 294 | The SRP License
|
---|
| 295 | ---------------
|
---|
| 296 |
|
---|
| 297 | SRP and all related technologies are free for both commercial and
|
---|
| 298 | non-commercial use. They are distributed under a standard
|
---|
| 299 | X11-style Open Source license which is shown below.
|
---|
| 300 |
|
---|
| 301 | The SRP distribution contains parts from various freeware
|
---|
| 302 | packages; these parts fall under both the SRP Open Source license
|
---|
| 303 | and any existing licenses. Care has been taken to ensure that
|
---|
| 304 | these licenses are compatible with Open Source distribution,
|
---|
| 305 | but it is the responsibility of the licensee to comply with these
|
---|
| 306 | licenses. The file "Copyrights" contains a list of the copyrights
|
---|
| 307 | incorporated by portions of the software.
|
---|
| 308 |
|
---|
| 309 | This software is covered under the following copyright:
|
---|
| 310 |
|
---|
| 311 | /*
|
---|
| 312 | * Copyright (c) 1997-1999 The Stanford SRP Authentication Project
|
---|
| 313 | * All Rights Reserved.
|
---|
| 314 | *
|
---|
| 315 | * Permission is hereby granted, free of charge, to any person obtaining
|
---|
| 316 | * a copy of this software and associated documentation files (the
|
---|
| 317 | * "Software"), to deal in the Software without restriction, including
|
---|
| 318 | * without limitation the rights to use, copy, modify, merge, publish,
|
---|
| 319 | * distribute, sublicense, and/or sell copies of the Software, and to
|
---|
| 320 | * permit persons to whom the Software is furnished to do so, subject to
|
---|
| 321 | * the following conditions:
|
---|
| 322 | *
|
---|
| 323 | * The above copyright notice and this permission notice shall be
|
---|
| 324 | * included in all copies or substantial portions of the Software.
|
---|
| 325 | *
|
---|
| 326 | * THE SOFTWARE IS PROVIDED "AS-IS" AND WITHOUT WARRANTY OF ANY KIND,
|
---|
| 327 | * EXPRESS, IMPLIED OR OTHERWISE, INCLUDING WITHOUT LIMITATION, ANY
|
---|
| 328 | * WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
|
---|
| 329 | *
|
---|
| 330 | * IN NO EVENT SHALL STANFORD BE LIABLE FOR ANY SPECIAL, INCIDENTAL,
|
---|
| 331 | * INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER
|
---|
| 332 | * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF
|
---|
| 333 | * THE POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT
|
---|
| 334 | * OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
---|
| 335 | *
|
---|
| 336 | * In addition, the following conditions apply:
|
---|
| 337 | *
|
---|
| 338 | * 1. Any software that incorporates the SRP authentication technology
|
---|
| 339 | * must display the following acknowlegment:
|
---|
| 340 | * "This product uses the 'Secure Remote Password' cryptographic
|
---|
| 341 | * authentication system developed by Tom Wu (tjw@CS.Stanford.EDU)."
|
---|
| 342 | *
|
---|
| 343 | * 2. Any software that incorporates all or part of the SRP distribution
|
---|
| 344 | * itself must also display the following acknowledgment:
|
---|
| 345 | * "This product includes software developed by Tom Wu and Eugene
|
---|
| 346 | * Jhong for the SRP Distribution (http://srp.stanford.edu/srp/)."
|
---|
| 347 | *
|
---|
| 348 | * 3. Redistributions in source or binary form must retain an intact copy
|
---|
| 349 | * of this copyright notice and list of conditions.
|
---|
| 350 | */
|
---|