Host Integrity Monitoring Using Osiris and Samhain

  • 1st Edition - July 3, 2005
  • Latest edition
  • Author: Brian Wotring
  • Language: English

Description

This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically Osiris and Samhain. From configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The scope ranges from home networks up to large-scale enterprise environments.


Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy.

Key features

* Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows, and the book can be prominently marketed from the Osiris Web site.

* This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain.

* Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network.

Table of contents

Syngress Acknowledgments

Author

Technical Editor

Technical Reviewer

Foreword Contributor

Author Acknowledgments

Foreword

Preface

Chapter 1: Host Integrity

Introduction to Host Integrity

Introducing Host Integrity Monitoring

Arguments against Integrity Monitoring

Arguments for Integrity Monitoring

Summary

Solutions Fast Track

Chapter 2: Understanding the Terrain

Introduction

Users and Groups

Files and File Systems

The Kernel

Libraries and Frameworks

Runtime

Networking

Nonvolatile Memory

Summary

Solutions Fast Track

Chapter 3: Understanding Threats

Introduction

Malicious Software

Internal Threats

Rootkits

A Tour of Successful Worms

Circumventing Host Integrity Monitoring

Summary

Solutions Fast Track

Chapter 4: Planning

Introduction

Understanding the Big Picture

Understanding Roles: The Bank Analogy

Planning Principles

Requirements

Planning a Management Console

Summary

Solutions Fast Track

Chapter 5: Host Integrity Monitoring with Open Source Tools

Introduction

Osiris

Samhain

Summary

Solutions Fast Track

Chapter 6: Osiris

Introduction

Configuring and Building Osiris

Additional Deployment Considerations

Establishing a Management Console

Command-Line Interface

Scan Agents

Administering Osiris

Summary

Solutions Fast Track

Chapter 7: Samhain

Introduction

Features and Constraints

Deploying Samhain Stand-Alone

Deploying Samhain with Centralized Management

Using Beltane: The Web-Based Console

Summary

Solutions Fast Track

Chapter 8: Log Monitoring and Response

Introduction

Log Monitoring

Incident Response

Summary

Solutions Fast Track

Chapter 9: Advanced Strategies

Introduction

Performing SUID/SGID Security Audits

Conducting Unscheduled Scans

Looking for Rogue Executables

Testing and Verification

Prebinding and Prelinking

Summary

Solutions Fast Track

Appendix A: Monitoring Linksys Devices

Appendix B: Extending Osiris and Samhain with Modules

Appendix C: Additional Resources

Index

Product details

  • Edition: 1
  • Latest edition
  • Published: July 3, 2005
  • Language: English
