This file is indexed.

/usr/share/doc/samhain/manual.html/client-integrity.html is in samhain 4.1.4-2build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
<html><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><title>3. Client executable integrity</title><link rel="stylesheet" type="text/css" href="docbook.css"><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"><link rel="home" href="index.html" title="The Samhain Host Integrity Monitoring System"><link rel="up" href="security-design.html" title="Chapter 12. Security Design"><link rel="prev" href="keypad.html" title="2. Integrity of the samhain executable"><link rel="next" href="server-security.html" title="4. The server"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/header.html"--><!--#endif--><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">3. Client executable integrity</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="keypad.html">Prev</a> </td><th width="60%" align="center">Chapter 12. Security Design</th><td width="20%" align="right"> <a accesskey="n" href="server-security.html">Next</a></td></tr></table><hr></div><div class="sect1"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="client-integrity"></a>3. Client executable integrity</h2></div></div></div><p>If you use 
      <span class="application">samhain</span> in a
      client/server setup, the client needs to authenticate to the
      server using a password that is located within the client
      executable, at one of several possible places (where the
      valid place for your particular build is chosen at random at
      compile time). If the password is set, the alternative places
      are filled with random values.</p><p>Upon authentication to the server, client and server
      negotiate ephemeral keys for signing and encrypting further
      communication.</p><p>This implies that an intruder needs to analyse the
      running process to obtain knowledge of the signing/encryption
      keys in order to successfully fake a valid communication with
      the server, or she needs to analyse/disassemble the
      executable in order to find the password.</p></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="keypad.html">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="security-design.html">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="server-security.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">2. Integrity of the samhain executable </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> 4. The server</td></tr></table></div><!--#if expr="! ($HTTP_USER_AGENT = /MSIE/)"--><!--#include virtual="/resources/ssi/footer.html"--><!--#endif--></body></html>