Description

This book walks the reader through the process of preparing and deploying open source host integrity monitoring software, specifically Osiris and Samhain. From configuration and installation to maintenance, testing, and fine-tuning, it covers everything needed to correctly deploy a centralized host integrity monitoring solution. The scope ranges from home networks up to large-scale enterprise environments. Throughout the book, realistic and practical configurations are provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to use them effectively and integrate them into a security policy.

Key Features

* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows. And, the book can be prominently marketed from the Osiris Web site
* This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain
* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network

Table of Contents

Syngress Acknowledgments

Author

Technical Editor

Technical Reviewer

Foreword Contributor

Author Acknowledgments

Foreword

Preface

Chapter 1: Host Integrity

Introduction to Host Integrity

Introducing Host Integrity Monitoring

Arguments against Integrity Monitoring

Arguments for Integrity Monitoring

Summary

Solutions Fast Track

Chapter 2: Understanding the Terrain

Introduction

Users and Groups

Files and File Systems

The Kernel

Libraries and Frameworks

Runtime

Networking

Nonvolatile Memory

Summary

Solutions Fast Track

Chapter 3: Understanding Threats

Introduction

Malicious Software

Internal Threats

Rootkits

A Tour of Successful Worms

Circumventing Host Integrity Monitoring

Summary

Solutions Fast Track

Chapter 4: Planning

Introduction

Understanding the Big Picture

Understanding Roles: The Bank Analogy

Planning Principles

Requirements

Planning a Management Console

Summary

Solutions Fast Track

Chapter 5: Host Integrity Monitoring with Open Source Tools

Introduction

Osiris

Samhain

Summary

Solutions Fast Track

Chapter 6: Osiris

Introduction

Configuring and Building Osiris

Additional Deployment Considerations

Establishing a Management Console

Command-Line Interface

Scan Agents

Administering Osiris

Summary

Solutions Fast Track

Chapter 7: Samhain

Introduction

Features and Constraints

Deploying Samhain Stand-Alone

Deploying Samhain with Centralized Management

Using Beltane: The Web-Based Console

Summary

Solutions Fast Track

Chapter 8: Log Mon

Details

No. of pages: 450
Language: English
Copyright: © 2005
Published:
Imprint: Syngress
Electronic ISBN: 9780080488943
Print ISBN: 9781597490184

About the author