{"id":17181927,"url":"https://github.com/cgzones/ctguard","last_synced_at":"2026-05-17T15:03:40.202Z","repository":{"id":54859957,"uuid":"142454264","full_name":"cgzones/ctguard","owner":"cgzones","description":"small hids","archived":false,"fork":false,"pushed_at":"2021-01-24T19:03:18.000Z","size":702,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-30T03:23:58.702Z","etag":null,"topics":["debian","filesystem-changes-monitor","hids","intrusion-detection","loganalyzer","security"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cgzones.png","metadata":{"files":{"readme":"Readme.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-07-26T14:42:04.000Z","updated_at":"2022-01-04T14:17:18.000Z","dependencies_parsed_at":"2022-08-14T05:00:35.875Z","dependency_job_id":null,"html_url":"https://github.com/cgzones/ctguard","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cgzones%2Fctguard","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cgzones%2Fctguard/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cgzones%2Fctguard/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cgzones%2Fctguard/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cgzones","download_url":"https://codeload.github.com/cgzones/ctguard/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245377956,"owners_count":20605375,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["debian","filesystem-changes-monitor","hids","intrusion-detection","loganalyzer","security"],"created_at":"2024-10-15T00:35:36.294Z","updated_at":"2025-10-29T05:01:52.011Z","avatar_url":"https://github.com/cgzones.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"![Build Status](https://github.com/cgzones/ctguard/workflows/Default%20Build%20Tests/badge.svg)\n[![Total Alerts](https://img.shields.io/lgtm/alerts/g/cgzones/ctguard.svg?logo=lgtm\u0026logoWidth=18)](https://lgtm.com/projects/g/cgzones/ctguard/alerts/)\n[![GitHub license](https://img.shields.io/badge/license-MIT-green.svg)](https://raw.githubusercontent.com/cgzones/ctguard/master/LICENSE)\n\n# ctguard\n\n- [Overview](#overview)\n- [Dependencies](#dependencies)\n- [Installation](#installation)\n- [License](#license)\n- [Third-Party Libraries](#third-party-libraries)\n\n## Overview\n\nctguard is a small host-based intrusion detection system ([hids](https://en.wikipedia.org/wiki/Host_based_intrusion_detection_system)) inspired by [ossec](https://www.ossec.net/).\n\nIts current features are:\n\n- rule based log analysis\n- detection of filesystem object changes/additions/deletions\n- intervening with custom actions\n\n## Dependencies\n\nTo build ctguard, a c++17 compliant compiler and standard library is needed, e.g:\n\n- GCC 7 and up\n- Clang 5.0 and up\n\nAlso sqlite3 develepment headers are needed, on Debian supplied by the package `libsqlite3-dev`.\n\nTo build the manpages, [asciidoctor](https://asciidoctor.org/) is required.\n\n## Installation\n\n### Debian\n\nThe simplest way to install ctguard on Debian (and derivates) is to build a package, by using the command `debuild -us -uc` from the package `devscripts`.\nThis generates a Debian package in the parent directory.\nSimply install it with `dpkg -i ../ctguard_*.deb`.\n\nctguard can then be later deinstalled by `apt purge ctguard`.\n\n### Generic\n\nThe first step is to build ctguard.\nRun `make USERMODE=1 -j binaries` in the ctguard directory as normal user.\nThen install run as root or via sudo `make full-install`.\nFinally enable and start ctguard: `systemctl enable ctguard-*` and `systemctl start ctguard-*`.\n\nTo deinstall ctguard first stop its services: `systemctl stop ctguard-*`.\nNow delete the remaining files: `rm -Rf /var/lib/ctguard /etc/ctguard /usr/sbin/ctguard-* /lib/systemd/system/ctguard-*`.\n\n## License\n\nctguard is licensed under the [MIT License](opensource.org/license/MIT):\n\nMIT License\n\nCopyright \u0026copy; 2018 Christian Göttsche\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n\n## Third-Party Libraries\n\nctguard uses three third-party libraries:\n\n- [dtl](https://github.com/cubicdaiya/dtl): diff template library licensed under the \"BSD License\"\n- [cereal](https://uscilab.github.io/cereal/): serialization library licensed under the \"BSD License\"\n- [sha2 by Aaron D. Gifford](https://www.aarongifford.com/computers/sha.html): a sha2 implementation licensed under the \"BSD License\"\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcgzones%2Fctguard","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcgzones%2Fctguard","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcgzones%2Fctguard/lists"}