Host Integrity Monitoring Using Osiris and Samhain
This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically Osiris and Samhain. From configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The scope ranges from home networks up to large-scale enterprise environments.
Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.
* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows, and the book can be prominently marketed from the Osiris Web site.
* This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain
* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network
Page i - Just visit us at www.syngress.com/solutions and follow the simple registration process. You will need to have this book with you when you register. Thank you for giving us the opportunity to serve your needs. And be sure to let us know if there is anything else we can do to make your job easier.
Page 24 - Frequently Asked Questions The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the "Ask the Author
Page vii - Bruce Potter is a Senior Associate at Booz Allen Hamilton. Prior to working at Booz Allen Hamilton, Bruce served as a software security consultant for Cigital in Dulles, VA. Bruce is the founder of the Shmoo Group of security professionals. His areas of expertise include wireless security, large-scale network architectures, smartcards, and promotion of secure software engineering practices. Bruce coauthored the books 802.11 Security and Mac OS X Security. He was trained in computer science at the...