Host Integrity Monitoring Using Osiris and Samhain

Elsevier, Jul 25, 2005 - Computers - 450 pages
This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically Osiris and Samhain. From configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The scope ranges from home networks up to large-scale enterprise environments.


Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.

* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows, and the book can be prominently marketed from the Osiris Web site.

* This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain

* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network
 


Contents

* Host Integrity (page 1)
* Understanding the Terrain (page 27)
* Understanding Threats (page 79)
* Planning (page 101)
* Host Integrity Monitoring with Open Source Tools (page 123)
* Osiris (page 141)
* Samhain (page 241)
* Log Monitoring and Response (page 307)
* Advanced Strategies (page 327)
* Monitoring Linksys Devices (page 367)
* Extending Osiris and Samhain with Modules (page 375)
* Additional Resources (page 395)
* Index (page 401)
* Related Titles (page 422)
* Copyright


Popular passages

Page i - Just visit us at www.syngress.com/solutions and follow the simple registration process. You will need to have this book with you when you register. Thank you for giving us the opportunity to serve your needs. And be sure to let us know if there is anything else we can do to make your job easier.
Page 24 - Frequently Asked Questions The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the "Ask the Author
Page vii - Bruce Potter is a Senior Associate at Booz Allen Hamilton. Prior to working at Booz Allen Hamilton, Bruce served as a software security consultant for Cigital in Dulles, VA. Bruce is the founder of the Shmoo Group of security professionals. His areas of expertise include wireless security, large-scale network architectures, smartcards, and promotion of secure software engineering practices. Bruce coauthored the books 802.11 Security and Mac OS X Security. He was trained in computer science at the...
