OSSEC Host-Based Intrusion Detection Guide

Andrew Hay, Daniel Cid, Rory Bray

Editorial: Syngress, 2008
ISBN 10: 159749240X / ISBN 13: 9781597492409
Nuevos / Paperback / Cantidad: 0
Librería: Ergodebooks (RICHMOND, TX, Estados Unidos de America)
Disponible en otras librerías
Ver todos  los ejemplares de este libro

Sobre el libro

Lamentablemente este ejemplar en específico ya no está disponible. A continuación, le mostramos una lista de copias similares.

Descripción:

N° de ref. de la librería DADAX159749240X

Sobre este título:

Sinopsis:

This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt

OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization.

Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC.



* Nominee for Best Book Bejtlich read in 2008!
* http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html
· Get Started with OSSEC
Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations.
· Follow Steb-by-Step Installation Instructions
Walk through the installation process for the "local , “agent , and "server" install types on some of the most popular operating systems available.
· Master Configuration
Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.
· Work With Rules
Extract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network.
· Understand System Integrity Check and Rootkit Detection
Monitor binary executable files, system configuration files, and the Microsoft Windows registry.
· Configure Active Response
Configure the active response actions you want and bind the actions to specific rules and sequence of events.
· Use the OSSEC Web User Interface
Install, configure, and use the community-developed, open source web interface available for OSSEC.
· Play in the OSSEC VMware Environment Sandbox
· Dig Deep into Data Log Mining
Take the “high art of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.

About the Author: Rory Bray is senior software engineer at Q1 Labs Inc. with years of experience developing Internet and security related services. In addition to being a long-time advocate of Open Source software, Rory has developed a strong interest in network security and secure development practices. Rory has a diverse background which includes embedded development, web application design, software architecture, security consulting and technical editing. This broad range of experience provides a unique perspective on security solutions.

Daniel Cid is the creator and main developer of the OSSEC HIDS (Open Source Security Host Intrusion Detection System). Daniel has been working in the security area for many years, with a special interest in intrusion detection, log analysis and secure development. He is currently working at Q1 Labs Inc. as a software engineer. In the past, he worked at Sourcefire, NIH and Opensolutions. Daniel holds several industry certifications including the CCNP, GCIH, CISSP.

Andrew leads a team of software developers at Q1 Labs Inc. integrating 3rd party event and vulnerability data into QRadar, their flagship network security management solution. Prior to joining Q1 Labs, Andrew was CEO and co-founder of Koteas Corporation, a leading provider of end to end security and privacy solutions for government and enterprise. His resume also includes such organizations as Nokia Enterprise Solutions, Nortel Networks, and Magma Communications, a division of Primus. Andrew is a strong advocate of security training, certification programs, and public awareness initiatives. He also holds several industry certifications including the CCNA, CCSA, CCSE, CCSE NGX, CCSE Plus, Security+, GCIA, GCIH, SSP-MPA, SSP-CNSA, NSA, RHCT, and RHCE.

"Sobre este título" puede pertenecer a otra edición de este libro.

Detalles bibliográficos

Título: OSSEC Host-Based Intrusion Detection Guide
Editorial: Syngress
Año de publicación: 2008
Encuadernación: Paperback
Condición del libro: New

Los mejores resultados en AbeBooks

1.

Rory Bray, Daniel Cid, Andrew Hay
Editorial: Syngress (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Usado Paperback Cantidad: 1
Librería
HPB-Dallas
(Dallas, TX, Estados Unidos de America)
Valoración
[?]

Descripción Syngress, 2008. Paperback. Estado de conservación: Good. Item may show signs of shelf wear. Pages may include limited notes and highlighting. Includes supplemental or companion materials if applicable. Access codes may or may not work. Connecting readers since 1972. Customer service is our top priority. Nº de ref. de la librería mon0000866441

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar usado
EUR 19,64
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,34
A Estados Unidos de America
Destinos, gastos y plazos de envío

2.

Rory Bray, Daniel Cid, Andrew Hay
Editorial: Syngress (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Usado Paperback Cantidad: 1
Librería
HPB-California
(Dallas, TX, Estados Unidos de America)
Valoración
[?]

Descripción Syngress, 2008. Paperback. Estado de conservación: Good. Item may show signs of shelf wear. Pages may include limited notes and highlighting. Includes supplemental or companion materials if applicable. Access codes may or may not work. Connecting readers since 1972. Customer service is our top priority. Nº de ref. de la librería mon0000120382

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar usado
EUR 19,64
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,34
A Estados Unidos de America
Destinos, gastos y plazos de envío

3.

Andrew Hay, Daniel Cid, Rory Bray
Editorial: Syngress (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Usado Paperback Cantidad: 1
Librería
HPB-Ohio
(Dallas, TX, Estados Unidos de America)
Valoración
[?]

Descripción Syngress, 2008. Paperback. Estado de conservación: Good. Item may show signs of shelf wear. Pages may include limited notes and highlighting. Includes supplemental or companion materials if applicable. Access codes may or may not work. Connecting readers since 1972. Customer service is our top priority. Nº de ref. de la librería mon0000879260

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar usado
EUR 21,51
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,34
A Estados Unidos de America
Destinos, gastos y plazos de envío

4.

Bray
Editorial: Syngress (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Cantidad: 5
Librería
Books2Anywhere
(Fairford, GLOS, Reino Unido)
Valoración
[?]

Descripción Syngress, 2008. PAP. Estado de conservación: New. New Book. Shipped from UK in 4 to 14 days. Established seller since 2000. Nº de ref. de la librería FD-9781597492409

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 31,45
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 10,16
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

5.

Rory Bray, Daniel Cid, Andrew Hay
Editorial: Syngress Media,U.S., United States (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Paperback Cantidad: 1
Librería
The Book Depository
(London, Reino Unido)
Valoración
[?]

Descripción Syngress Media,U.S., United States, 2008. Paperback. Estado de conservación: New. Language: English . Brand New Book. This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented.until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This picture captures the most relevant information about that machine s configuration. OSSEC saves this picture and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC. Nº de ref. de la librería AA59781597492409

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 34,69
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

6.

Andrew Hay
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Cantidad: 2
Librería
Super textbook online
(Houston, TX, Estados Unidos de America)
Valoración
[?]

Descripción Estado de conservación: New. US Edition Book In Mint condition. Shipping with Trackable Method. Nº de ref. de la librería 159749240X-TOS

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 35,04
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
A Estados Unidos de America
Destinos, gastos y plazos de envío

7.

Rory Bray, Daniel Cid, Andrew Hay
Editorial: Syngress Media,U.S., United States (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Paperback Cantidad: 1
Librería
The Book Depository US
(London, Reino Unido)
Valoración
[?]

Descripción Syngress Media,U.S., United States, 2008. Paperback. Estado de conservación: New. Language: English . Brand New Book. This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented.until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This picture captures the most relevant information about that machine s configuration. OSSEC saves this picture and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC. Nº de ref. de la librería AA59781597492409

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 35,04
Convertir moneda

Añadir al carrito

Gastos de envío: GRATIS
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

8.

Rory Bray, Daniel Cid, Andrew Hay
Editorial: Elsevier Science 2008-04-09, Rockland, Mass. :|[Oxford (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos paperback Cantidad: 1
Librería
Blackwell's
(Oxford, OX, Reino Unido)
Valoración
[?]

Descripción Elsevier Science 2008-04-09, Rockland, Mass. :|[Oxford, 2008. paperback. Estado de conservación: New. Nº de ref. de la librería 9781597492409

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 36,27
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 6,78
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

9.

Bray
Editorial: Syngress 2008-04-09 (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Cantidad: 5
Librería
Chiron Media
(Wallingford, Reino Unido)
Valoración
[?]

Descripción Syngress 2008-04-09, 2008. Estado de conservación: New. Brand new book, sourced directly from publisher. Dispatch time is 24-48 hours from our warehouse. Book will be sent in robust, secure packaging to ensure it reaches you securely. Nº de ref. de la librería NU-ELS-00014940

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 36,75
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,38
De Reino Unido a Estados Unidos de America
Destinos, gastos y plazos de envío

10.

Andrew Hay
Editorial: Syngress 2008-03-17 (2008)
ISBN 10: 159749240X ISBN 13: 9781597492409
Nuevos Paperback Primera edición Cantidad: 1
Librería
Lost Books
(AUSTIN, TX, Estados Unidos de America)
Valoración
[?]

Descripción Syngress 2008-03-17, 2008. Paperback. Estado de conservación: New. 1St Edition. 159749240X. Nº de ref. de la librería 550735

Más información sobre esta librería | Hacer una pregunta a la librería

Comprar nuevo
EUR 39,55
Convertir moneda

Añadir al carrito

Gastos de envío: EUR 3,34
A Estados Unidos de America
Destinos, gastos y plazos de envío

Existen otras 10 copia(s) de este libro

Ver todos los resultados de su búsqueda