OSSEC Host-Based Intrusion Detection Guide Book PDF, ePub eBook

Join our eBook service for unlimited books & audiobooks. Get a free 7 day subscription! ↓↓↓↓↓


Book Descriptions:

This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC.

All disc-based content for this title is now available on the Web.

* Nominee for Best Book Bejtlich read in 2008!
* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html


• Get Started with OSSEC
Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations.
• Follow Steb-by-Step Installation Instructions
Walk through the installation process for the "local”, “agent”, and "server" install types on some of the most popular operating systems available.
• Master Configuration
Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.
• Work With Rules
Extract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network.
• Understand System Integrity Check and Rootkit Detection
Monitor binary executable files, system configuration files, and the Microsoft Windows registry.
• Configure Active Response
Configure the active response actions you want and bind the actions to specific rules and sequence of events.
• Use the OSSEC Web User Interface
Install, configure, and use the community-developed, open source web interface available for OSSEC.
• Play in the OSSEC VMware Environment Sandbox
• Dig Deep into Data Log Mining
Take the “high art” of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.

OSSEC Host-Based Intrusion Detection Guide by Andrew Hay, Daniel Cid, Rory Bray

From reader reviews:

Lawrence Rector:

As people who live in the modest era should be change about what going on or details even knowledge to make them keep up with the era that is always change and move ahead. Some of you maybe can update themselves by reading books. It is a good choice for you but the problems coming to an individual is you don't know what kind you should start with. This OSSEC Host-Based Intrusion Detection Guide is our recommendation to help you keep up with the world. Why, as this book serves what you want and need in this era.

Arthur Haase:

Can you one of the book lovers? If yes, do you ever feeling doubt while you are in the book store? Attempt to pick one book that you find out the inside because don't determine book by its protect may doesn't work this is difficult job because you are scared that the inside maybe not while fantastic as in the outside appear likes. Maybe you answer is usually OSSEC Host-Based Intrusion Detection Guide why because the excellent cover that make you consider concerning the content will not disappoint you actually. The inside or content is fantastic as the outside or even cover. Your reading sixth sense will directly show you to pick up this book.

Johnny Sutton:

This OSSEC Host-Based Intrusion Detection Guide is brand new way for you who has curiosity to look for some information mainly because it relief your hunger details. Getting deeper you upon it getting knowledge more you know or you who still having bit of digest in reading this OSSEC Host-Based Intrusion Detection Guide can be the light food for you because the information inside that book is easy to get by simply anyone. These books create itself in the form which can be reachable by anyone, yes I mean in the e-book form. People who think that in guide form make them feel sleepy even dizzy this book is the answer. So there isn't any in reading a guide especially this one. You can find what you are looking for. It should be here for you actually. So , don't miss the idea! Just read this e-book sort for your better life along with knowledge.

Josie Garcia:

Don't be worry if you are afraid that this book can filled the space in your house, you may have it in e-book way, more simple and reachable. This OSSEC Host-Based Intrusion Detection Guide can give you a lot of good friends because by you looking at this one book you have factor that they don't and make an individual more like an interesting person. This particular book can be one of one step for you to get success. This guide offer you information that perhaps your friend doesn't know, by knowing more than other make you to be great men and women. So , why hesitate? We need to have OSSEC Host-Based Intrusion Detection Guide.