Looking for people who have tried OSSEC

[Andrew Hay]

Hey All,

I'm currently in talks with a publisher to co-author a book on OSSEC (http://www.ossec.net) with Daniel Cid, the founder and lead developer of the project.

What the publisher has asked me for is some quotes/endorsements on why a book on this product is needed and/or why I am the right person to write a book on this topic.

I'd appreciate help from the community on this and if you'd be willing to be quoted on why a book is needed on this program and/or provide an endorsement of yours truly then please post it here or if you'd rather let me know directly then please email me at andrewsmhay@gmail.com.

If you'd like more of a background on me then please check out http://www.andrewhay.ca/about/.

I really need this by the end of the week (Friday, August 17th) if possible.  Thanks everyone...I know you won't let me down!

[boney]

OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, real-time alerting and active response.

It runs on most operating systems, including Linux, OpenBSD, FreeBSD, MacOS, Solaris and Windows.

For people like us, we can understand the entire content of the project just by reading ' Open Source Host-based Intrusion Detection System', we later digg the issue and research on it.

Well there are many people(geeks) who like to review on books and discuss or make an opinion about it.

Honestly, there is no need for a book on this topic, but to reach people from all walks of life, a book will help.
Along with publicity of the project, the book will also spread information.

Readibility is what cyber success is all about.

[Manu Zacharia (-M-)]

As mentioned by Boney, to reach the mass people, a well written book is always the best option.

Answering the questions projected by the publisher:

Why a book is needed on this subject?
Currently no book is available in the market on the subject and as we all are aware, the average techie guys prefer books than documentation. 

Why you are the right person for this book?
Quite simple - just go through your profile - you have contributed a lot to the information security field. An active member of many security movements with multiple certifications and rich experience obviously makes you the right candidate for this subject.

Wishing you all the best for the project. Also looking forward for more contributions from you on OSSEC to EH-Net.

[Andrew Hay]

Honestly, there is no need for a book on this topic, but to reach people from all walks of life, a book will help.
Along with publicity of the project, the book will also spread information

I can't tell if this is an endorsement for a book or not

[boney]

I can't tell if this is an endorsement for a book or not

I dint understand that.

[Negrita]

I can't tell if this is an endorsement for a book or not

I dint understand that.

Neither did Andrew, but it's you who wrote that, so.... 

[RichM]

Andrew,

I don't know if it will help, but feel free to use anything in my article http://www.ethicalhacker.net/content/view/154/24/ I think the point you should emphasize is that SourceFire has cornered the market, and for the sake of open source OSSEC should do everything it can to get known.

If you took a survey, I bet a lot of people have never heard of OSSEC, but they have probably heard of snort. OSSEC is the future, most people just aren't aware of it.

Also as a suggestion, it would be great if you could include a dvd with a vid of installations and advanced techniques, some people learn best by watching then emulating...fwiw

[Andrew Hay]

Also as a suggestion, it would be great if you could include a dvd with a vid of installations and advanced techniques, some people learn best by watching then emulating...fwiw

We've already included that in our proposal for the book

[RichM]

Any movement on your proposal?  Glad to hear about the dvd...

[jimbob]

This thread has inspired me to take a look at OSSEC and it looks promising. Getting a book out soon might make it to the market as the first on this subject. I've not had a chance to test OSSEC much yet over and above doing the installation, but I especially like the client/server approach. Too many desktop products require big money to have a centralised, managed reporting solution.

Jimbob