- Advance Praise for Absolute OpenBSD, 2nd Edition
- Dedication
- About the Author
- About the Technical Reviewer
- Foreword
- Acknowledgments
- Introduction
- 1. Getting Additional Help
- 2. Installation Preparations
- 3. Installation Walk-Through
- 4. Post-Install Setup
- 5. The Boot Process
- 6. User Management
- 7. Root, and How to Avoid It
- The Root Password
- Using Groups
- Hiding Root with sudo
- Using sudo
- sudoedit
- The Biggest sudo Mistake: Exclusions
- sudo Logs
- 8. Disks and Filesystems
- Device Nodes
- DUIDs and /etc/fstab
- MBR Partitions and fdisk(8)
- Labeling Disks
- The Fast File System
- What’s Currently Mounted?
- Mounting and Unmounting Partitions
- How Full Is That Partition?
- Adding New Hard Disks
- 9. More Filesystems
- 10. Securing Your System
- 11. Overview of TCP/IP
- 12. Connecting to the Network
- 13. Software Management
- 14. Everything /etc
- /etc Across Unix Variants
- The /etc Files
- /etc/adduser.conf
- /etc/amd
- /etc/authpf
- /etc/bgpd.conf
- /etc/boot.conf
- /etc/changelist
- /etc/chio.conf
- /etc/csh.*
- /etc/daily and /etc/daily.local
- /etc/dhclient.conf
- /etc/dhcpd.conf
- /etc/disklabels/
- /etc/disktab
- /etc/dumpdates
- /etc/dvmrpd.conf
- /etc/exports
- /etc/fbtab
- /etc/firmware
- /etc/fonts/
- /etc/fstab
- /etc/ftpchroot
- /etc/ftpusers
- /etc/gettytab
- /etc/group
- /etc/hostapd.conf
- /etc/hostname.*
- /etc/hosts
- /etc/hosts.equiv
- /etc/hosts.lpd
- /etc/hotplug/
- /etc/ifstated.conf
- /etc/iked/, /etc/iked.conf, /etc/ipsec.conf, and /etc/isakmpd
- /etc/inetd.conf
- /etc/kbdtype
- /etc/kerberosV/
- /etc/ksh.kshrc
- /etc/ldap/ and /etc/ldapd.conf
- /etc/localtime
- /etc/locate.rc
- /etc/login.conf
- /etc/lynx.cfg
- /etc/magic
- /etc/mail/
- /etc/mail.rc
- /etc/mailer.conf
- /etc/man.conf
- /etc/master.passwd, /etc/passwd, /etc/spwd.db, and /etc/pwd.db
- /etc/mixerctl.conf
- /etc/mk.conf
- /etc/moduli
- /etc/monthly and /etc/monthly.local
- /etc/motd
- /etc/mrouted.conf
- /etc/mtree/
- /etc/mygate
- /etc/myname
- /etc/netstart
- /etc/networks
- /etc/newsyslog.conf
- /etc/nginx/
- /etc/nsd.conf
- /etc/ntpd.conf
- /etc/ospf6d.conf and /etc/ospfd.conf
- /etc/pf.conf and /etc/pf.os
- /etc/ppp/
- /etc/printcap
- /etc/protocols
- /etc/rbootd.conf
- /etc/rc.*
- /etc/relayd.conf
- /etc/remote
- /etc/resolv.conf and /etc/resolv.conf.tail
- /etc/ripd.conf
- /etc/rmt
- /etc/rpc
- /etc/sasyncd.conf
- /etc/sensorsd.conf
- /etc/services
- /etc/shells
- /etc/skel/
- /etc/sliphome/
- /etc/snmpd.conf
- /etc/ssh/
- /etc/ssl/
- /etc/sudoers
- /etc/sysctl.conf
- /etc/syslog.conf
- /etc/systrace/
- /etc/termcap
- /etc/ttys
- /etc/weekly and /etc/weekly.local
- /etc/wsconsctl.conf
- /etc/X11
- /etc/ypldap.conf
- 15. System Maintenance
- 16. Network Servers
- 17. Desktop OpenBSD
- 18. Kernel Configuration
- 19. Building Custom Kernels
- 20. Upgrading
- 21. Packet Filtering
- 22. Advanced PF
- 23. Customizing OpenBSD
- A. Afterword
- Index
- About the Author
- Copyright
Keeping Secure
The tools discussed in this chapter are not OpenBSD’s only security features. The OpenBSD team has put a lot of work into securing every part of the system. But this chapter covers some things that make OpenBSD special and gives you an idea of how those features work.
What’s the best path to security? Keep your system updated and configure your server daemons securely. It’s boring, but it works.
[26] I’ve seen too many botnet or script kiddie intrusions go undetected for months to be comfortable blaming legitimate users for the majority of security problems. I would agree that “insider intrusions” are the most commonly identified intrusions, but frequently, that’s because the guilty user can’t keep his mouth shut.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.