Search
 Advanced SearchView Cart   Checkout   
 Location:  Home » Books » Privacy » OSSEC Host-Based Intrusion Detection GuideOctober 11, 2008  
Browse
Books
Computers
Electronics
Related Categories
• Privacy
Business & Culture
Computers & Internet
Subjects
Books
• Network Security
Networking
Computers & Internet
Subjects
Books
• General
Computers & Internet
Subjects
Books
• General
Operating Systems
Computers & Internet
Subjects
Books
• Paperback
Binding (binding)
Refinements
Books
• Printed Books
Format (feature_browse-bin)
Refinements
Books
OSSEC Host-Based Intrusion Detection Guide
OSSEC Host-Based Intrusion Detection Guide
Authors: Andrew Hay, Daniel Cid, Rory Bray
Publisher: Syngress
Category: Book

List Price: $59.95
Buy New: $47.99
You Save: $11.96 (20%)
Buy New/Used from $47.99

Avg. Customer Rating: 5.0 out of 5 stars(1 reviews)
Sales Rank: 425956

Languages: English (Original Language), English (Unknown), English (Published)
Media: Paperback
Number Of Items: 1
Pages: 416
Shipping Weight (lbs): 1.5
Dimensions (in): 9.1 x 7.5 x 0.9

ISBN: 159749240X
Dewey Decimal Number: 005
EAN: 9781597492409
ASIN: 159749240X

Publication Date: February 18, 2008
Availability: Usually ships in 1-2 business days
Similar Items:

  • Nmap in the Enterprise: Your Guide to Network Scanning
  • Penetration Tester's Open Source Toolkit, Volume 2
  • No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
  • Virtual Honeypots: From Botnet Tracking to Intrusion Detection
  • Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research
Editorial Reviews:

Product Description
This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems.
-- Stephen Northcutt
OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This ?picture? captures the most relevant information about that machine?s configuration. OSSEC saves this ?picture? and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization.
Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC.

.Get Started with OSSEC
Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations.
.Follow Steb-by-Step Installation Instructions
Walk through the installation process for the "local", "agent", and "server" install types on some of the most popular operating systems available.
.Master Configuration
Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.
.Work With Rules
Extract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network.
.Understand System Integrity Check and Rootkit Detection
Monitor binary executable files, system configuration files, and the Microsoft Windows registry.
.Configure Active Response
Configure the active response actions you want and bind the actions to specific rules and sequence of events.
.Use the OSSEC Web User Interface
Install, configure, and use the community-developed, open source web interface available for OSSEC.
.Play in the OSSEC VMware Environment Sandbox
Use the OSSEC HIDS VMware Guest image on the companion DVD to implement what you have learned in a sandbox-style environment.
.Dig Deep into Data Log Mining
Take the "high art" of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.

Customer Reviews:

5 out of 5 stars Best book about Intrusion Detection!!   March 22, 2008
  0 out of 3 found this review helpful

It is a great book. It is very important for system, and security administrators who are responsable for protecting assets in their infrastructure.

Powered by: Dknc, inc. and Amazon.com


For your safety and security, orders are processed through amazon.com