This book is the definitive guide on the OSSEC Host-based Intrusion Detection and frankly, to really use OSSEC you will need a definitive guide. Documentation has been available since the beginning of OSSEC project but, because of time constraints, no formal book has been created to describe the various features and functions of the OSSEC product. The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and reduce attacks on your system. - Stephen Northcutt OSSEC determines if the host has been compromised in this way by taking the equivalent of the host machine image in its original state, unchanged. and then continually compares the current environment the machine to identify what may have changed from the original configuration. This book is co-authored by Daniel Cid, who is the founder and main developer OSSEC host-based IDS freely available. Follow the instructions Steb-by-Step Installation Walk through the installation process for the "local", "server" "agents", and install types on some of the most popular operating systems available. . Configuration master Learn the basic configuration options for your installation type and level of alert to learn how to monitor log files, receive remote messages, configure email notification, and configure. . Understand System Integrity Check and Rootkit Detection Monitor executable binary files, file system configuration, and the Microsoft Windows registry. . Use the OSSEC Web User Interface Install, configure and use, sources, developed a web interface available for OSSEC open society. . Playing in the Sandbox OSSEC VMware Environment Use the OSSEC HIDS VMware Guest image on the companion DVD to implement what you have learned in a sandbox-style environment. .