Mastering FreeBSD and OpenBSD Security
Paperback Engels 2005 9780596006266Samenvatting
FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms.There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure.FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems.Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate.Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.
Specificaties
Lezersrecensies
Inhoudsopgave
Audience;
Assumptions This Book Makes;
Contents of This Book;
Conventions Used in This Book;
Using Code Examples;
Comments and Questions;
Safari Enabled;
Acknowledgments;
Security Foundation;
Chapter 1: The Big Picture;
1.1 What Is System Security?;
1.2 Identifying Risks;
1.3 Responding to Risk;
1.4 Security Process and Principles;
1.5 System Security Principles;
1.6 Wrapping Up;
1.7 Resources;
Chapter 2: BSD Security Building Blocks;
2.1 Filesystem Protections;
2.2 Tweaking a Running Kernel: sysctl;
2.3 The Basic Sandbox: chroot;
2.4 Jail: Beyond chroot;
2.5 Inherent Protections;
2.6 OS Tuning;
2.7 Wrapping Up;
2.8 Resources;
Chapter 3: Secure Installation and Hardening;
3.1 General Concerns;
3.2 Installing FreeBSD;
3.3 FreeBSD Hardening: Your First Steps;
3.4 Installing OpenBSD;
3.5 OpenBSD Hardening: Your First Steps;
3.6 Post-Upgrade Hardening;
3.7 Wrapping Up;
3.8 Resources;
Chapter 4: Secure Administration Techniques;
4.1 Access Control;
4.2 Security in Everyday Tasks;
4.3 Upgrading;
4.4 Security Vulnerability Response;
4.5 Network Service Security;
4.6 Monitoring System Health;
4.7 Wrapping Up;
4.8 Resources;
Deployment Situations;
Chapter 5: Creating a Secure DNS Server;
5.1 The Criticality of DNS;
5.2 DNS Software;
5.3 Installing BIND;
5.4 Installing djbdns;
5.5 Operating BIND;
5.6 Operating djbdns;
5.7 Wrapping Up;
5.8 Resources;
Chapter 6: Building Secure Mail Servers;
6.1 Mail Server Attacks;
6.2 Mail Architecture;
6.3 Mail and DNS;
6.4 SMTP;
6.5 Mail Server Configurations;
6.6 Sendmail;
6.7 Postfix;
6.8 qmail;
6.9 Mail Access;
6.10 Wrapping Up;
6.11 Resources;
Chapter 7: Building a Secure Web Server;
7.1 Web Server Attacks;
7.2 Web Architecture;
7.3 Apache;
7.4 thttpd;
7.5 Advanced Web Servers with Jails;
7.6 Wrapping Up;
7.7 Resources;
Chapter 8: Firewalls;
8.1 Firewall Architectures;
8.2 Host Lockdown;
8.3 The Options: IPFW Versus PF;
8.4 Basic IPFW Configuration;
8.5 Basic PF Configuration;
8.6 Handling Failure;
8.7 Wrapping Up;
8.8 Resources;
Chapter 9: Intrusion Detection;
9.1 No Magic Bullets;
9.2 IDS Architectures;
9.3 NIDS on BSD;
9.4 Snort;
9.5 ACID;
9.6 HIDS on BSD;
9.7 Wrapping Up;
9.8 Resources;
Auditing and Incident Response;
Chapter 10: Managing the Audit Trails;
10.1 System Logging;
10.2 Logging via syslogd;
10.3 Securing a Loghost;
10.4 logfile Management;
10.5 Automated Log Monitoring;
10.6 Automated Auditing Scripts;
10.7 Wrapping Up;
10.8 Resources;
Chapter 11: Incident Response and Forensics;
11.1 Incident Response;
11.2 Forensics on BSD;
11.3 Digging Deeper with the Sleuth Kit;
11.4 Wrapping Up;
11.5 Resources;
Colophon;
Rubrieken
- advisering
- algemeen management
- coaching en trainen
- communicatie en media
- economie
- financieel management
- inkoop en logistiek
- internet en social media
- it-management / ict
- juridisch
- leiderschap
- marketing
- mens en maatschappij
- non-profit
- ondernemen
- organisatiekunde
- personal finance
- personeelsmanagement
- persoonlijke effectiviteit
- projectmanagement
- psychologie
- reclame en verkoop
- strategisch management
- verandermanagement
- werk en loopbaan