How To Install stealth on Debian 12

Learn how to install stealth on Debian 12 with this tutorial. stealth is stealthy File Integrity Checker

Introduction

In this tutorial we learn how to install stealth on Debian 12.

What is stealth

stealth is:

The STEALTH program performs File Integrity Checks on (remote) clients. It differs from other File Integrity Checkers by not requiring baseline integrity data to be kept on either write-only media or in the client’s file system. In fact, clients will hardly contain any indication suggesting that they are being monitored, thus improving the stealthiness of the integrity scans.

STEALTH uses standard available software to perform file integrity checks (like find(1) and sha1sum(1)). Using individualized policy files, it is highly adaptable to the specific characteristics of its clients.

In production environments STEALTH should be run from an isolated computer (called the STEALTH monitor'). In optimal configurations the STEALTH monitor should be a computer not accepting incoming connections. The account used to connect to its clients does not have to be root’; usually read-access to the client’s file system is enough to perform a full integrity check. Instead of using `root’ a more restrictive administrative or ordinary account might offer all necessary requirements for the desired integrity check.

STEALTH itself must communicate with the computers it should monitor. It is essential that this communication is secure. STEALTH configurations therefore normally specify SSH as the command-shell to use for connecting to clients. STEALTH may be configured so as to use but one SSH connection per client, even if integrity scans are to be performed repeatedly. Apart from this, the STEALTH monitor is commonly allowed to send e-mail to remote client systems’ maintainers.

STEALTH-runs itself may start randomly within specified intervals. The resulting unpredicability of STEALTH-runs further increases STEALTH’s stealthiness.

STEALTH’s acronym is expanded to `Ssh-based Trust Enforcement Acquired through a Locally Trusted Host’: the client’s trust is enforced, the locally trusted host is the STEALTH monitor.

There are three methods to install stealth on Debian 12. We can use apt-get, apt and aptitude. In the following sections we will describe each method. You can choose one of them.

Install stealth Using apt-get

Update apt database with apt-get using the following command.

sudo apt-get update

After updating apt database, We can install stealth using apt-get by running the following command:

sudo apt-get -y install stealth

Install stealth Using apt

Update apt database with apt using the following command.

sudo apt update

After updating apt database, We can install stealth using apt by running the following command:

sudo apt -y install stealth

Install stealth Using aptitude

If you want to follow this method, you might need to install aptitude first since aptitude is usually not installed by default on Debian. Update apt database with aptitude using the following command.

sudo aptitude update

After updating apt database, We can install stealth using aptitude by running the following command:

sudo aptitude -y install stealth

How To Uninstall stealth on Debian 12

To uninstall only the stealth package we can use the following command:

sudo apt-get remove stealth

Uninstall stealth And Its Dependencies

To uninstall stealth and its dependencies that are no longer needed by Debian 12, we can use the command below:

sudo apt-get -y autoremove stealth

Remove stealth Configurations and Data

To remove stealth configuration and data from Debian 12 we can use the following command:

sudo apt-get -y purge stealth

Remove stealth configuration, data, and all of its dependencies

We can use the following command to remove stealth configurations, data and all of its dependencies, we can use the following command:

sudo apt-get -y autoremove --purge stealth

Dependencies

stealth have the following dependencies:

References

Summary

In this tutorial we learn how to install stealth package on Debian 12 using different package management tools: apt, apt-get and aptitude.