Instant OSSEC Host-based Intrusion Detection System

A hands-on guide exploring OSSEC HIDS for operational and security awareness

Brad Lhotsky

Book Details

ISBN 13: 9781782167648
Paperback: 62 pages

Book Description

Security software is often expensive, restricting, burdensome, and noisy. OSSEC-HIDS was designed to avoid getting in your way and to allow you to take control of and extract real value from industry security requirements. OSSEC-HIDS is a comprehensive, robust solution to many common security problems faced in organizations of all sizes.

"Instant OSSEC-HIDS" is a practical guide to take you from beginner to power user through recipes based on real-world experiences. Recipes are designed to provide instant impact while containing enough detail to allow the reader to further explore the possibilities. Using real-world examples, this book will take you from installing a simple, local OSSEC-HIDS service to commanding a network of servers running OSSEC-HIDS with customized checks, alerts, and automatic responses.

You will learn how to maximise the accuracy, effectiveness, and performance of OSSEC-HIDS’ analyser, file integrity monitor, and malware detection module. You will flip the table on security software and put OSSEC-HIDS to work validating its own alerts before escalating them. You will also learn how to write your own rules, decoders, and active responses. You will rest easy knowing your servers can protect themselves from most attacks while being intelligent enough to notify you when they need help!

You will learn how to use OSSEC-HIDS to save time, meet security requirements, provide insight into your network, and protect your assets.

Table of Contents

Chapter 1: Instant OSSEC Host-based Intrusion Detection
Installing OSSEC (Simple)
Configuring an OSSEC server (Simple)
Getting agents to communicate (Simple)
Writing your own rules (Simple)
Detecting SSH brute-force attacks (Intermediate)
Configuring the alerts (Simple)
File integrity monitoring (Simple)
Monitoring command output (Intermediate)
Detecting rootkits and anomalies (Simple)
Introducing active response (Intermediate)
Verifying alerts with active response (Advanced)

What You Will Learn

  • Installing OSSEC-HIDS in local, server, and agent mode
  • Customizing alerting to increase the signal-to-noise ratio
  • Writing your own rules to extend, enhance, and tailor alerts to your environment
  • Writing your own decoders to add context to alerts and active responses
  • Learning tips for managing large OSSEC-HIDS installs
  • Monitoring command output for security and operational awareness
  • Auditing systems for compromise while remaining sensitive to the performance of those systems
  • Configuring Active Response to protect servers from SSH brute-force attacks
