Syngress OSSEC HIDS Host-Based Intrusion Detection Guide

Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations.
Follow Step-by-Step Installation Instructions
Walk through the installation process for the "local", "agent", and "server" install types on some of the most popular operating systems available.
Master Configuration
Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.
Work With Rules
Extract key information from logs using decoders, and leverage rules to alert you to strange occurrences on your network.
Understand System Integrity Check and Rootkit Detection
Monitor binary executable files, system configuration files, and the Microsoft Windows registry.
Configure Active Response
Configure the active response actions you want and bind the actions to specific rules and sequences of events.
Use the OSSEC Web User Interface
Install, configure, and use the community-developed, open source web interface available for OSSEC.
Play in the OSSEC VMware Environment Sandbox
Use the OSSEC HIDS VMware Guest image on the companion DVD to implement what you have learned in a sandbox-style environment.
Dig Deep into Data Log Mining
Take the high art of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.
