Host Integrity Monitoring Using Osiris and Samhain

1st Edition - July 3, 2005

  • Author: Brian Wotring
  • eBook ISBN: 9780080488943

Description

This book walks the reader through the process of preparing and deploying open source host integrity monitoring software, specifically Osiris and Samhain. From configuration and installation to maintenance, testing, and fine-tuning, it covers everything needed to correctly deploy a centralized host integrity monitoring solution. The scope ranges from home networks up to large-scale enterprise environments. Throughout the book, realistic and practical configurations are provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to use them effectively and integrate them into a security policy.

Key Features

* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows. The book can also be prominently marketed from the Osiris Web site.

* This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain

* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network

Table of Contents

  • Syngress Acknowledgments

    Author

    Technical Editor

    Technical Reviewer

    Foreword Contributor

    Author Acknowledgments

    Foreword

    Preface

    Chapter 1: Host Integrity

    Introduction to Host Integrity

    Introducing Host Integrity Monitoring

    Arguments against Integrity Monitoring

    Arguments for Integrity Monitoring

    Summary

    Solutions Fast Track

    Chapter 2: Understanding the Terrain

    Introduction

    Users and Groups

    Files and File Systems

    The Kernel

    Libraries and Frameworks

    Runtime

    Networking

    Nonvolatile Memory

    Summary

    Solutions Fast Track

    Chapter 3: Understanding Threats

    Introduction

    Malicious Software

    Internal Threats

    Rootkits

    A Tour of Successful Worms

    Circumventing Host Integrity Monitoring

    Summary

    Solutions Fast Track

    Chapter 4: Planning

    Introduction

    Understanding the Big Picture

    Understanding Roles: The Bank Analogy

    Planning Principles

    Requirements

    Planning a Management Console

    Summary

    Solutions Fast Track

    Chapter 5: Host Integrity Monitoring with Open Source Tools

    Introduction

    Osiris

    Samhain

    Summary

    Solutions Fast Track

    Chapter 6: Osiris

    Introduction

    Configuring and Building Osiris

    Additional Deployment Considerations

    Establishing a Management Console

    Command-Line Interface

    Scan Agents

    Administering Osiris

    Summary

    Solutions Fast Track

    Chapter 7: Samhain

    Introduction

    Features and Constraints

    Deploying Samhain Stand-Alone

    Deploying Samhain with Centralized Management

    Using Beltane: The Web-Based Console

    Summary

    Solutions Fast Track

    Chapter 8: Log Monitoring and Response

    Introduction

    Log Monitoring

    Incident Response

    Summary

    Solutions Fast Track

    Chapter 9: Advanced Strategies

    Introduction

    Performing SUID/SGID Security Audits

    Conducting Unscheduled Scans

    Looking for Rogue Executables

    Testing and Verification

    Prebinding and Prelinking

    Summary

    Solutions Fast Track

    Appendix A: Monitoring Linksys Devices

    Appendix B: Extending Osiris and Samhain with Modules

    Appendix C: Additional Resources

    Index

Product details

  • No. of pages: 450
  • Language: English
  • Copyright: © Syngress 2005
  • Published: July 3, 2005
  • Imprint: Syngress
  • eBook ISBN: 9780080488943

About the Author

Brian Wotring
