Ias: a file monitoring tool



  Ias: a file monitoring tool
  Copyright (C) 2001 German Viscuso
  E-mail: netquake@netquake.com.ar
 
  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published
  by the Free Software Foundation; either version 2 of the License,
  or (at your option) any later version.
 
  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
  See the GNU General Public License for more details.
 
  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.


*** Briefing

 This is a client/server application (based on AF_INET sockets) developed under
Linux Mandrake 7.2 and 8.0 (kernel 2.4.3-20) in plain C.
 The purpose of this software is to let the user monitor a directory
tree on a remote machine by creating snapshots of the current file status in
order to later detect file modification, addition and/or removal.
 To achieve this, the remote monitored machine runs a server
which authenticates client requests and recurses the requested directory,
computing a hash of its files. This information is sent back to the client,
whose responsibility is to verify file integrity by comparing it against a
previous snapshot.
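
The comparison step described above (current state against a previous snapshot, reporting modification, addition and removal), as an added example in C that is not ias code. The `struct entry` record, the sample paths and the shortened digests are constructed for illustration and do not reflect the ias snapshot format.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical snapshot record, NOT the ias snapshot or wire format. */
struct entry { const char *path, *digest; };  /* digest: hex string */
struct diff  { int added, removed, modified; };

static int by_path(const void *a, const void *b)
{
    const struct entry *x = a, *y = b;
    return strcmp(x->path, y->path);
}

/* Sort both snapshots by path, then walk them in lockstep: O(n log n). */
struct diff compare_snapshots(struct entry *old, size_t n_old,
                              struct entry *cur, size_t n_cur)
{
    struct diff d = {0, 0, 0};
    size_t i = 0, j = 0;
    qsort(old, n_old, sizeof *old, by_path);
    qsort(cur, n_cur, sizeof *cur, by_path);
    while (i < n_old || j < n_cur) {
        int c = i == n_old ? 1 : j == n_cur ? -1
              : strcmp(old[i].path, cur[j].path);
        if (c < 0) {                       /* only in the old snapshot */
            printf("removed  %s\n", old[i++].path); d.removed++;
        } else if (c > 0) {                /* only in the current state */
            printf("added    %s\n", cur[j++].path); d.added++;
        } else {                           /* same path: compare digests */
            if (strcmp(old[i].digest, cur[j].digest) != 0) {
                printf("modified %s\n", old[i].path); d.modified++;
            }
            i++; j++;
        }
    }
    return d;
}

/* Constructed sample data: paths and digests are made up. */
static struct entry before[] = {
    {"etc/passwd", "aa11"}, {"bin/ls", "bb22"}, {"etc/motd", "cc33"} };
static struct entry after[] = {
    {"bin/ls", "bb99"}, {"etc/passwd", "aa11"}, {"tmp/x.so", "dd44"} };
int main(void)
{
    struct diff d = compare_snapshots(before, 3, after, 3);
    printf("%d added, %d removed, %d modified\n", d.added, d.removed, d.modified);
    return 0;
}
```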


*** Comments

ias is useful to monitor software installation and/or track general file 
movement in your directory hierarchy. Currently ias cannot restore (undo) 
a previous snapshot.

ias can monitor files remotely or just within your local machine.

iasd, the server, authenticates your request and sends back a hashed
status of your files.

iasclient verifies reception integrity from the server and then proceeds to
make a new snapshot or compare with a previous one.

Currently the server transmits binary structures directly.

Currently transmission between client/server is *not* encrypted.

Snapshots are stored along with an md5 file for your peace of mind!

Currently the analysis function is there for demonstration purposes only
and cannot be considered serious programming (too slow and stupid).

I avoided dynamic memory allocation for the sake of simplicity, but this 
situation may change soon.


*** Usage

NOTE: iasd initially requires root privileges to authenticate the user;
it then forks children that 'setuid' to the authenticated user and
recurse the directories.

To test ias run the server in foreground and in verbose mode:

./iasd -n -f -v

Then take a snapshot of a directory:

./iasclient -u yourUsername -P yourPassword -v -d /yourDir -f yourSnapshotFile

The snapshot file will be created along with an md5 sum file.
The default port 5000 and localhost are assumed since no -h or -p options
are present. The current uid is assumed if you don't enter a username.
You are prompted for the password if you skip the -P option.

Later check current directory status against your previous snapshot:

./iasclient -v -f yourSnapshotFile

Username and host info are extracted from your snapshot file
(you'll have to provide a password though).

Notice that you have to be a registered user on the machine running
the server (or authentication will fail).
You can skip almost all options; defaults are assumed.


*** TODO

- Fix packet authentication function (authpkt() currently not working)
- Do a serious analysis function (compare snapshots)
- Find design security flaws (spec. within the server)
- Make ias portable to other Unix flavours
- Improve signal handling in both client and server.
- Transmission encryption
- Handle file exclusions
- Redesign auxiliary functions (see util.c)
- Tag extraction is poorly done, should choose new tags.
- Optimization of recursive directory tree traversal function (now using static structures)
- An option for recursive dir traversal (otherwise stay in one dir)
- Add some automation and alarm (or e-mail warning) routines.
- A better Makefile
- A more robust communication protocol perhaps?
- Review correctness of the structure passed for each file.
- Fix several inconsistencies and clean up all the mess!
- Develop a Java client for ias



