Host Integrity Monitoring Using Osiris and Samhain
- 1st Edition - July 3, 2005
- Latest edition
- Author: Brian Wotring
- Language: English
This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically, Osiris and Samhain. From the… Read more
This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically, Osiris and Samhain. From the configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The domain includes home networks on up to large-scale enterprise environments.
Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.
Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.
* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows. And, the book can be prominently marketed from the Osiris Web site
* This is the first book published on host integrity monitoring, despite the widespread deployment of
Osiris and Samhain
* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network
* This is the first book published on host integrity monitoring, despite the widespread deployment of
Osiris and Samhain
* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network
Syngress Acknowledgments
Author
Technical Editor
Technical Reviewer
Foreword Contributor
Author Acknowledgments
Foreword
Preface
Chapter 1: Host Integrity
Introduction to Host Integrity
Introducing Host Integrity Monitoring
Arguments against Integrity Monitoring
Arguments for Integrity Monitoring
Summary
Solutions Fast Track
Chapter 2: Understanding the Terrain
Introduction
Users and Groups
Files and File Systems
The Kernel
Libraries and Frameworks
Runtime
Networking
Nonvolatile Memory
Summary
Solutions Fast Track
Chapter 3: Understanding Threats
Introduction
Malicious Software
Internal Threats
Rootkits
A Tour of Successful Worms
Circumventing Host Integrity Monitoring
Summary
Solutions Fast Track
Chapter 4: Planning
Introduction
Understanding the Big Picture
Understanding Roles: The Bank Analogy
Planning Principles
Requirements
Planning a Management Console
Summary
Solutions Fast Track
Chapter 5: Host Integrity Monitoring with Open Source Tools
Introduction
Osiris
Samhain
Summary
Solutions Fast Track
Chapter 6: Osiris
Introduction
Configuring and Building Osiris
Additional Deployment Considerations
Establishing a Management Console
Command-Line Interface
Scan Agents
Administering Osiris
Summary
Solutions Fast Track
Chapter 7: Samhain
Introduction
Features and Constraints
Deploying Samhain Stand-Alone
Deploying Samhain with Centralized Management
Using Beltane: The Web-Based Console
Summary
Solutions Fast Track
Chapter 8: Log Monitoring and Response
Introduction
Log Monitoring
Incident Response
Summary
Solutions Fast Track
Chapter 9: Advanced Strategies
Introduction
Performing SUID/SGID Security Audits
Conducting Unscheduled Scans
Looking for Rogue Executables
Testing and Verification
Prebinding and Prelinking
Summary
Solutions Fast Track
Appendix A: Monitoring Linksys Devices
Appendix B: Extending Osiris and Samhain with Modules
Appendix C: Additional Resources
Index
- Edition: 1
- Latest edition
- Published: July 3, 2005
- Language: English
Read Host Integrity Monitoring Using Osiris and Samhain on ScienceDirect