Secure Architectures with OpenBSD

Valutazione media 4,13
( su 15 valutazioni fornite da Goodreads )
 
9780321193667: Secure Architectures with OpenBSD

"This book works in tandem with the OpenBSD's manual pages. As a result, it will help many users grow and get the most from the system."—Theo de Raadt, OpenBSD project leader.

"The OpenBSD system intimidates many administrators who would benefit from using it. This book lets people start much higher up on the curve. Secure Architectures with OpenBSD not only presents the hows, but also shows some of the whys that only insiders know."Mike Frantzen, NFR Security

"Secure Architectures with OpenBSD explains all of the tasks an administrator has to know about to successfully maintain an OpenBSD server. It helps the reader save time by condensing the vast amount of information available in man pages into a compact form, reducing unneeded information, and explaining other things in much more detail and prose than a man page can afford."Daniel Hartmeier, the OpenBSD Project

"This book will become the de facto text for OpenBSD administration. Unix and BSD books abound, but none cover OpenBSD with the clarity and expertise of Palmer and Nazario. They explain the optimal way to configure and administer your OpenBSD machines, with a keen eye to security at all stages."Brian Hatch, coauthor of Hacking Exposed Linux and Building Linux Virtual Private Networks

Descended from BSD, OpenBSD is a popular choice for those who demand stability and security from their operating system. No code goes into OpenBSD without first undergoing a rigorous security check, making it a terrific choice for Web servers, VPNs, and firewalls.

Secure Architectures with OpenBSD is the insider's guide to building secure systems using OpenBSD. Written by Brandon Palmer and Jose Nazario, this book is a how-to for system and network administrators who need to move to a more secure operating system and a reference for seasoned OpenBSD users who want to fully exploit every feature of the system.

After getting readers started with OpenBSD, the authors explain system configuration and administration, then explore more exotic hardware and advanced topics. Every chapter of the book addresses the issue of security because security is integrated into almost every facet of OpenBSD. Examples appear throughout the book, and the authors provide source code and system details unavailable anywhere else. This goes well beyond the basics and gives readers information they will need long after they have installed the system.

Key topic coverage includes:
  • Installation and upgrade details
  • Basic system usage in OpenBSD versus other Unix systems
  • Third-party software via packages and the ports tree
  • SMTP services in OpenBSD
  • Web services with Apache
  • Using OpenBSD as a firewall
  • OpenBSD as a Kerberos V client and server
  • Use of Ipsec
  • Configuration and use of IPv6
  • Network intrusion detection

Secure Architectures with OpenBSD takes you inside OpenBSD, giving you the insights and expertise no system manual can provide. The companion Web site tracks advances and changes made to the operating system, and it contains updates to the book and working code samples.



Le informazioni nella sezione "Riassunto" possono far riferimento a edizioni diverse di questo titolo.

About the Author:

Brandon Palmer is a member of Crimelabs Security Research Group, a think tank and consulting firm, and has performed security audits and penetration testing for networks and systems.

Jose Nazario is a senior software engineer at Arbor Networks, an Internet security company. As a member of the OpenBSD project, he has written ports, made bug notes, and contributed to the code. Jose also runs the community forum at www.deadly.org and serves as a consultant and researcher at Crimelabs Security Research Group.



Excerpt. © Reprinted by permission. All rights reserved.:

Chapter 1: Introduction

The OpenBSD operating system (OS) is a secure, stable, and powerful operating system that is attracting many new and old UNIX users to it. The OS is well designed for both workstation and server use. OpenBSD supports many mainstream applications and also offers great hardware support. Because OpenBSD doesn't face many of the business pressures to increase sales and employ trendy gimmicks that Linux and other BSD systems have to deal with, it is able to be designed on technical merit. This means that while the system works very well, it isn't targeted at the user who wants to be able to "point and click" and not read the documentation. This book is written to help new users understand the features of the OpenBSD system and to give more seasoned users the education to fully exploit all that OpenBSD has to offer.

OpenBSD came into existence on October 18, 1995, at 08:37 when Theo de Raadt committed the first branch into the CVS server from the NetBSD tree. The first release, OpenBSD2.0, became available in autumn 1996. Release dates have been every six months since then, with the most recent version, 3.4, being released on November 1, 2003.

There are no firm numbers on a user base for OpenBSD. Even though CD sales could give an estimate, CDs are used to install only some systems. A huge number of installations are done over the Internet. The user base is, however, "pretty incredible," says Theo.

1.1 What Will This Book Cover?

This book will cover the hardware that most users will be faced with, and some notes about other hardware they may not encounter. The i386 architecture is used for most of the examples as that is where most users first encounter it. Note, however, that OpenBSD works almost the same on all architectures.

The book is broken down into the following sections:

  • Introduction This chapter.
  • Overview of OpenBSD A quick overview of what OpenBSD is and some of its main features.
  • Installation A walkthrough of an installation detailing what various options mean, why one should make certain decisions, and what's really happening in the background. This up-to-date discussion applies specifically to the OpenBSD 3.4 installation, but also to most other versions.
  • Basic Use Basic system usage and some of the major usage differences between OpenBSD and other UNIX systems.
  • Basic Default Services Usage and management of services that run by default on a freshly installed system.
  • Online Help Resources Descriptions of the "man," GNU Info, and "perldoc" facilities for online help.
  • X Window System Information regarding the XWindow system on an OpenBSD host.
  • User Administration Addition and deletion of users and management of the space that these users will work in.
  • Networking Setting up basic networking, advanced networking topics, and bridging.
  • inetd Function and configuration of services that are run from inetd.
  • Other Installed Services Additional information about services that are installed on a default system, but not enabled on start-up.
  • Precompiled Third-Party Software: Packages Use of the precompiled packages that are available for OpenBSD.
  • The Ports Tree: Third-Party Software from Source Use of the ports tree and compiling applications from source.
  • Disks and Filesystems The creation and care of filesystems and disk devices.
  • Backup Utilities Tools and techniques for system backup.
  • Housekeeping Regular system housekeeping chores.
  • Mail Server Operations SMTP services in OpenBSD.
  • The Domain Name Services The domain name system setup and use.
  • Web Servers with Apache Web services with the Apache and mod ssl servers.
  • OpenSSH The OpenBSD secure shell daemon and client.
  • The OpenBSD Development Environment Languages and software development tools.
  • Packet Filtering and NAT Using OpenBSD as a firewall and setting up systems to do NAT (Network Address Translation).
  • NFS: The Network Filesystem Setting up and using an OpenBSD NFS server and client.
  • NIS and YP Services Configuration of an NIS server and clients.
  • Kerberos Configuration and operation of OpenBSD as a Kerberos V client and server.
  • Authentication Methods The numerous login methods for OpenBSD, including S/Key.
  • IPsec: Security at the IP Layer Configuring an OpenBSD client and gateway for secure IP networking.
  • IP Version 6 (IPv6) Overview of how OpenBSD is able to use IPv6 and basic usage in normal activities.
  • Systrace A system call policy mechanism, which can safely limit the actions of any application on an OpenBSD system.
  • Network Intrusion Detection While not a standard part of OpenBSD, use of tools in the ports tree to allow OpenBSD to be used as a network security monitor.
  • Upgrading Upgrading an OpenBSD system.
  • Kernel Compilation The GENERIC kernel, the few reasons to compile a new kernel, and tweaks to the kernel without compilation.
  • Bug Reports with OpenBSD Checking for and reporting system bugs.
  • CVS Basics Use of CVS on OpenBSD to access the kernel source and for system deployment.
  • Applying Source Code Patches Ways to apply system and application patches.
  • Tuning the Kernel with sysctl Tunable kernel parameters.
  • A dmesg Walkthrough Information available from dmesg and how it applies to system use.
  • Core File Evaluation Evaluation of core files from system and application crashes.
  • Other OpenBSD Tools and Resources Documentation reference for OpenBSD and other sources of information.
  • IPsec m4 m4 processing scripts for the IPv6 chapter.

During the preparation of this book, a friend who was reviewing the table of contents asked me, "Where is the chapter on security?" Just as in OpenBSD, security is everywhere. We sprinkle it in almost every chapter, because this is how security is best done. A chapter or two at the end of a book simply cannot demonstrate how OpenBSD has integrated security into almost every facet of the system.

1.2 Whom Is This Book For?

This book targets both the user who is new to OpenBSD and the user who has been using the system for a while. It is not intended to be a beginner's guide; it presumes that the user knows UNIX and is moving to OpenBSD or looking to expand his or her knowledge base. In addition, given that networking is a core function of any OpenBSD system, having a basic understanding of networking is important. This book will not cover the specifics of editors like vi or emacs; the user is expected to be able to edit his or her own files. Finally, this book concentrates on the use of server-end tools; it will not cover the clients being used to access these services, except in terms of how that might change decisions during server configuration.

The first section of the book can probably be skimmed by experienced and savvy UNIX administrators, but many will want to read these chapters in depth. These chapters include the basics of the layout of the OpenBSD system and its installation.



Le informazioni nella sezione "Su questo libro" possono far riferimento a edizioni diverse di questo titolo.

I migliori risultati di ricerca su AbeBooks

1.

Brandon Palmer; Jose Nazario
Editore: Addison-Wesley Professional (2004)
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Paperback Quantità: 1
Da
Irish Booksellers
(Rumford, ME, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2004. Paperback. Condizione libro: New. book. Codice libro della libreria 0321193660

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 24,68
Convertire valuta

Aggiungere al carrello

Spese di spedizione: GRATIS
In U.S.A.
Destinazione, tempi e costi

2.

Palmer, BrandonNazario, Jose
Editore: Prentice Hall
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Quantità: > 20
Da
INDOO
(Avenel, NJ, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Prentice Hall. Condizione libro: New. Brand New. Codice libro della libreria 0321193660

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 22,43
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,04
In U.S.A.
Destinazione, tempi e costi

3.

Brandon Palmer, Jose Nazario
Editore: Addison-Wesley Professional (2004)
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Paperback Quantità: 1
Da
Ergodebooks
(RICHMOND, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2004. Paperback. Condizione libro: New. 1. Codice libro della libreria DADAX0321193660

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 25,94
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

4.

Brandon Palmer; Jose Nazario
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Paperback Quantità: 1
Da
AMAZINGBOOKDEALS
(IRVING, TX, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Paperback. Condizione libro: BRAND NEW. BRAND NEW. Fast Shipping. Prompt Customer Service. Satisfaction guaranteed. Codice libro della libreria 0321193660BNA

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 30,49
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

5.

Jose Nazario and Brandon Palmer
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Quantità: 1
Da
Castle Rock
(Pittsford, NY, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Condizione libro: Brand New. Book Condition: Brand New. Codice libro della libreria 97803211936671.0

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 32,58
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 3,46
In U.S.A.
Destinazione, tempi e costi

6.

Palmer, Brandon, Nazario, Jose
Editore: Addison-Wesley Professional (2004)
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Paperback Quantità: 2
Da
Murray Media
(North Miami Beach, FL, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2004. Paperback. Condizione libro: New. Codice libro della libreria P110321193660

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 38,97
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 2,59
In U.S.A.
Destinazione, tempi e costi

7.

Brandon Palmer; Jose Nazario
Editore: Addison-Wesley Professional (2004)
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Brossura Quantità: > 20
Da
Palexbooks
(Sanford, NC, U.S.A.)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley Professional, 2004. Condizione libro: New. Brand new! Please provide a physical shipping address. Codice libro della libreria 9780321193667

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 43,47
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 2,60
In U.S.A.
Destinazione, tempi e costi

8.

Brandon Palmer/ Jose Nazario
Editore: Addison-Wesley (2004)
ISBN 10: 0321193660 ISBN 13: 9780321193667
Nuovi Paperback Quantità: 1
Da
Revaluation Books
(Exeter, Regno Unito)
Valutazione libreria
[?]

Descrizione libro Addison-Wesley, 2004. Paperback. Condizione libro: Brand New. new title edition. 544 pages. 8.75x6.75x1.00 inches. In Stock. Codice libro della libreria zk0321193660

Maggiori informazioni su questa libreria | Fare una domanda alla libreria

Compra nuovo
EUR 50,22
Convertire valuta

Aggiungere al carrello

Spese di spedizione: EUR 6,78
Da: Regno Unito a: U.S.A.
Destinazione, tempi e costi