Host Integrity Monitoring Using Osiris and Samhain

Your IDS Just Detected an Attack: Was it Successful? This book is about one of the most crucial aspects of system and security management: host integrity protection. Fundamentally, host integrity protection is all about understanding the changes that occur on your system--friendly or hostile, deliberate or accidental--and understanding the impact of those changes. In other words, it's change control in a potentially hostile environment. Best of all, this book is written by Brian Wotring, who has designed and deployed host integrity monitoring systems, used them, and relied on their results. It's hard to overstate the value of such experience. Books like the one you're holding are the survival kits for the future of computing. They're full of the important clues that you're going to need if you want to be one of the survivors instead of the statistics.

--From the Foreword by Marcus J. Ranum

Detect Successful Attacks Determine exactly which attacks successfully compromised your host environment.
Download and Run Invaluable Scripts Use real-world scripts and configurations, which have been successfully deployed in enterprise host integrity monitoring solutions.
Perform Damage Assessment Understand the extent to which a host was compromised, and learn exactly how the attacker penetrated your defenses.
Reduce False Positives Learn how to dramatically reduce false positives, which can obfuscate your valuable, legitimate results.
Monitor Your Entire Environment Develop a solution to monitor files, users and groups, the kernel, open network ports, privileged executables, and other runtime elements.
Learn the Importance of Proper Planning Gain insight into successful planning, deployment, and administration of a working host integrity monitoring solution.
Master Defensive Techniques Learn how to mitigate attacks on the host integrity monitoring system itself.
Monitor Log Files and Create Notifications Use Swatch to monitor Osiris and Samhain log files, and create custom notification messages.
Establish Audit Trails Create trusted audit trails of activity that can prove invaluable in forensic investigations.

Your Solutions Membership Gives You Access to: A comprehensive FAQ page that consolidates all of the key points of this book into an easy-to-search Web page

"From the Author" Forum where the authors post timely updates and links to related sites

Custom, working scripts from the book.

Downloadable chapters from these best-selling books:

Snort 2.1 Intrusion Detection, Second Edition
Ethereal Packet Sniffing
Nessus Network Auditing
Microsoft Log Parser Toolkit

TOC

Chapter 1 Host Integrity

Chapter 2 Understanding the Terrain

Chapter 3 Understanding Threats

Chapter 4 Planning

Chapter 5 Host Integrity Monitoring with Open Source Tools

Chapter 6 Osiris

Chapter 7 Samhain

Chapter 8 Log Monitoring and Response

Chapter 9 Advanced Strategies

Appendix A Monitoring Linksys Devices

Appendix B Extending Osiris and Samhain with Modules

Appendix C Further Reading

For:$37.60
Product Rating:

5 Reviews
Info:
Set Price Alert Save to Wish List
Tags:
Marcus Ranum, Brian Wotring, Bruce Potter, Paperback, Amazon

BestDeal

$37.60 at Amazon

ComparePrices

SmartSort

title,desc	merchant	price	seeit
Host Integrity Monitoring Using... Pages: 450, Edition: 1, Paperback, Syngress	Amazon 11,406 reviews	$37.60 Coupon 1 coupon available Code:No Code Required Detail: FREE Shipping on orders over $25 at Amazon. Expires:Dec-31-2010 Restriction:Some restrictions apply. See site for details.	See it

*Shipping costs are based on an estimate of the lowest shipping rate available within the contiguous US, excluding Alaska and Hawaii. Only merchants with this product in stock are listed (Merchants with this product back ordered have been removed from this list).

Do you see a pricing error? Please let us know by filling out a simple form: Click here

MoreStores

Write a review

ProductReviews88/100 (5 Reviews)

Recent Reviews

4/5: From: Amazon; Posted: Sep-30-2005; Good introduction to Samhain and Osiris; This is a solid introduction to Samhain and Osiris. It stars slow with an introduction to the topic and some chapters on process and specification that feel more management level in style. Then there are the chapters that cover the...; read full review | report as inappropriate

5/5: From: Amazon; Posted: Sep-07-2005; HIGHLY RECOMMENDED; The information necessary for you to understand the what, why, and how of host integrity monitoring, can be found in this book. Authors Brian Wotring, Bruce Potter, Rainer Wichmann and Marcus Ranum, have done an outstanding job of...; read full review | report as inappropriate

4/5: From: Amazon; Posted: Sep-06-2005; When did this happen, and where else is this going on in you domain?; Host integrity monitoring is the process by which system and network administrators validate and enforce the security of their systems. This can be a complex suite of approaches, tools, and methodologies, and it can be as simple as...; read full review | report as inappropriate

4/5: From: Amazon; Posted: Aug-08-2005; Excellent one-of-a-kind book on an overlooked security discipline; Host Integrity Monitoring Using Osiris and Samhain (HIM) is an excellent book on a frequently overlooked security discipline. Most people who hear about host integrity monitoring nod their heads and agree that performing it is a good...; read full review | report as inappropriate

Selected Reviews

4/5: From: Amazon; Posted: Sep-30-2005; Good introduction to Samhain and Osiris; This is a solid introduction to Samhain and Osiris. It stars slow with an introduction to the topic and some chapters on process and specification that feel more management level in style. Then there are the chapters that cover the...; read full review | report as inappropriate