Well I’ve eluded to it over the past couple of months and everything is now final. I will be co-authoring the Syngress book “OSSEC Host-based Intrusion Detection” with Daniel Cid and Rory Bray. Look for it in stores in February 2008 and buy as many copies as you can 🙂

About the book:

Since it’s launch in October of 2003, OSSEC has gained momentum to the tune of 10,000 downloads per month from every part of the globe. Commercial host-based intrusion detection solutions range from $60 to as high as thousands of dollars. As there is no free host-based intrusion detection solution that can match the functionality, scalability, and ease of use of OSSEC it stands in a class by itself.

This book is the definitive guide on the OSSEC Host-based Intrusion Detection system. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented…until now! This book will show you how to install and configure OSSEC on the operating system of your choosing and provide detailed examples to help you prevent and mitigate attacks on your systems.

Included with the book is a DVD containing the latest OSSEC software for Windows and Linux/Unix, a pre-configured VMWare image with OSSEC already installed, and a step-by-step video detailing how to get OSSEC up-and-running on your own system.

While checking my Feedburner stats I noticed that I’m consistently hovering around the 50 subscriber mark! This may not sound high to you but it’s a great boost to my ego to see that people are subscribing to my blog to read what I have to say. I wanted to take this time to say ‘thanks’ to everyone who subscribes to my blog and an extra ‘thank you’ to those who regularly comment 🙂

Looks like Marty and Co. have acquired ClamAV. I’m a huge fan of ClamAV on Windows, Linux, and OSX. From the press release:

“ClamAV is one of the most successful technologies in the open source security arena. This acquisition not only broadens Sourcefire’s open source footprint, but allows us to support, develop and incorporate the ClamAV technology throughout our commercial offerings,” said Martin Roesch, Founder and CTO of Sourcefire and Creator of Snort. “The success of the ClamAV project is a direct reflection of the talent and dedication of the founding team and the project community. Sourcefire is committed to investing in and advancing the ClamAV technology, just as we have with Snort and Snort.org.”

This is my favorite AV scanner these days. Congratulations to the ClamAV team!