Show HN: Kekkai – a simple, fast file integrity monitoring tool in Go
5 hours ago
- #monitoring
- #file-integrity
- #security
- Kekkai is a Go tool for file integrity monitoring, detecting unauthorized file modifications by recording and verifying file hashes.
- The name 'Kekkai' means 'barrier' in Japanese, symbolizing protection against file tampering.
- Designed for production server environments, Kekkai addresses challenges with traditional tools like tar and rsync by focusing on content-only hashing.
- Key features include immutable exclude rules, symlink security, secure hash storage with S3, and tamper-resistant distribution.
- Kekkai is fast, secure, monitoring-ready, deterministic, and EC2-ready with IAM role authentication.
- Commands include generating manifests, verifying files, and integrating with S3 for secure, centralized management.
- Exclude patterns are used to skip server-generated files like logs and cache, while monitoring application dependencies.
- Comprehensive symlink security prevents attackers from hiding malicious changes through symlink manipulation.
- Performance optimizations include cache usage, rate limiting, and worker thread adjustments.
- Security recommendations include running with minimal privileges and using systemd for resource control.
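The content-only hashing, exclude patterns and symlink handling listed above can be illustrated in Go. This is an added example, not Kekkai's own code: the name `BuildManifest`, the `file:`/`symlink:` digest prefixes and the exclude patterns used in `main` are assumptions made for the illustration.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"sort"
	"strings"
)

// BuildManifest maps each path (relative to root) to a SHA-256 of its content
// only; mtime, owner and mode are ignored. Symlinks are never followed: the
// target string is hashed. excludes are filepath.Match patterns (assumed syntax).
func BuildManifest(root string, excludes []string) (map[string]string, error) {
	m := map[string]string{}
	return m, filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil {
			return err
		}
		rel, _ := filepath.Rel(root, p)
		for _, pat := range excludes {
			if ok, _ := filepath.Match(pat, rel); ok && d.IsDir() {
				return fs.SkipDir // excluded directory: skip its whole subtree
			} else if ok {
				return nil // excluded file
			}
		}
		switch {
		case d.Type()&fs.ModeSymlink != 0:
			target, e := os.Readlink(p) // record where the link points, not what is there
			m[rel], err = fmt.Sprintf("symlink:%x", sha256.Sum256([]byte(target))), e
		case d.Type().IsRegular():
			data, e := os.ReadFile(p)
			m[rel], err = fmt.Sprintf("file:%x", sha256.Sum256(data)), e
		}
		return err // directories and special files are not recorded
	})
}

func main() { // print the current directory's manifest sorted by path
	m, err := BuildManifest(".", []string{".git", "logs", "*.tmp"})
	lines := []string{}
	for p, h := range m {
		lines = append(lines, p+"\t"+h)
	}
	sort.Strings(lines)
	fmt.Printf("%s\nerror: %v\n", strings.Join(lines, "\n"), err)
}
```

Verification is then an entry-by-entry comparison of a stored manifest with a fresh one: any path whose digest differs, appears or disappears is a change to investigate.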