Skip to content

Mastering FreeBSD and OpenBSD Security

Spend $50 to get a free DVD!

ISBN-10: 0596006268

ISBN-13: 9780596006266

Edition: 2005

Authors: Bruce Potter, Yanek Korff, Paco Hope

List price: $49.99
Shipping box This item qualifies for FREE shipping.
Blue ribbon 30 day, 100% satisfaction guarantee!
what's this?
Rush Rewards U
Members Receive:
Carrot Coin icon
XP icon
You have reached 400 XP and carrot coins. That is the daily max!

FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms. There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide…    
Customers also bought

Book details

List price: $49.99
Copyright year: 2005
Publisher: O'Reilly Media, Incorporated
Publication date: 4/7/2005
Binding: Paperback
Pages: 466
Size: 7.00" wide x 9.00" long x 1.25" tall
Weight: 1.540
Language: English

Paco Hope is a Technical Manager at Cigital, Inc. and co-author of Mastering FreeBSD and OpenBSD Security (April 2005, O'Reilly, ISBN 0596006268). Mr. Hope has also published articles on Misuse and Abuse Cases and PKI. He has been invited to conferences to speak on topics such as software security re-quirements, web application security, and embedded system security. At Cigi-tal, he has served as a subject matter expert to MasterCard International for security policies and has assisted a Fortune 500 hospitality company in writ-ing software security policy. He also trains software developers and testers in the fundamentals of software security. In the gaming and mobile communica-tions…    

Preface
Security Foundation
The Big Picture
What Is System Security?
Identifying Risks
Responding to Risk
Security Process and Principles
System Security Principles
Wrapping Up
Resources
BSD Security Building Blocks
Filesystem Protections
Tweaking a Running Kernel: sysctl
The Basic Sandbox: chroot
Jail: Beyond chroot
Inherent Protections
OS Tuning
Wrapping Up
Resources
Secure Installation and Hardening
General Concerns
Installing FreeBSD
FreeBSD Hardening: Your First Steps
Installing OpenBSD
OpenBSD Hardening: Your First Steps
Post-Upgrade Hardening
Wrapping Up
Resources
Secure Administration Techniques
Access Control
Security in Everyday Tasks
Upgrading
Security Vulnerability Response
Network Service Security
Monitoring System Health
Wrapping Up
Resources
Deployment Situations
Creating a Secure DNS Server
The Criticality of DNS
DNS Software
Installing BIND
Installing djbdns
Operating BIND
Operating djbdns
Wrapping Up
Resources
Building Secure Mail Servers
Mail Server Attacks
Mail Architecture
Mail and DNS
SMTP
Mail Server Configurations
Sendmail
Postfix
qmail
Mail Access
Wrapping Up
Resources
Building a Secure Web Server
Web Server Attacks
Web Architecture
Apache
thttpd
Advanced Web Servers with Jails
Wrapping Up
Resources
Firewalls
Firewall Architectures
Host Lockdown
The Options: IPFW Versus PF
Basic IPFW Configuration
Basic PF Configuration
Handling Failure
Wrapping Up
Resources
Intrusion Detection
No Magic Bullets
IDS Architectures
NIDS on BSD
Snort
ACID
HIDS on BSD
Wrapping Up
Resources
Auditing and Incident Response
Managing the Audit Trails
System Logging
Logging via syslogd
Securing a Loghost
logfile Management
Automated Log Monitoring
Automated Auditing Scripts
Wrapping Up
Resources
Incident Response and Forensics
Incident Response
Forensics on BSD
Digging Deeper with the Sleuth Kit
Wrapping Up
Resources
Index