Building Linux and OpenBSD Firewalls

Building Linux and OpenBSD Firewalls
Author: Wes Sonnenreich
Publisher:
Total Pages: 396
Release: 2000-02-16
Genre: Computers
ISBN:

A step-by-step guide to bulding a commercial-grade firewall with open source software Building Linux and OpenBSD Firewalls It's now more important than ever before to protect your data and computers from people trying to hack into your network. Without the proper security, the wrong person can gain access to your system and read critical documents, change data, delete items, and much worse. With this book, you'll quickly learn how to protect your network from such attacks as you build a Linux or OpenBSD firewall. From determining how much security you'll need to configuring the firewall and monitoring your system, authors Tom Yates and Wes Sonnenreich clearly guide you through all the necessary steps to improve your security. They show you how to: * Build Linux and OpenBSD firewalls that meet your security needs * Choose the appropriate hardware for each operating system and put the machine together * Configure a firewall that allows network services such as email, newsgroups, and Internet and intranet access * Monitor and update your system to close any holes in security * Detect intruders and restore your network security The companion Web site at www.wiley.com/compbooks/sonnenreich features: * Updates for the most recent releases of OpenBSD and Red Hat * Useful scripts and tools * Sample firewall configurations * Additional online resources

Building firewalls with OpenBSD and PF

Building firewalls with OpenBSD and PF
Author: Jacek Artymiak
Publisher: Jacek Artymiak
Total Pages: 340
Release: 2003
Genre: Computers
ISBN: 9788391665114

Written by Jacek Artymiak, a frequent contributor to ONLamp.com, Building Firewalls with OpenBSD and PF is the first and only print publication devoted solely to the subject of the pf packet filter used in OpenBSD, FreeBSD, and NetBSD operating systems. Topics covered include: firewall design, ruleset syntax, packet normalization (scrubbing), packet redirection (masquerading), packet filtering, bandwidth management (ALTQ), load balancing, and more. The author maintains a web site and a mailing list for the readers of his book.

Mastering FreeBSD and OpenBSD Security

Mastering FreeBSD and OpenBSD Security
Author: Yanek Korff
Publisher: "O'Reilly Media, Inc."
Total Pages: 468
Release: 2005
Genre: Computers
ISBN: 9780596006266

FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms.There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure.FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems.Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate.Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.

Absolute OpenBSD, 2nd Edition

Absolute OpenBSD, 2nd Edition
Author: Michael W. Lucas
Publisher: No Starch Press
Total Pages: 540
Release: 2013-04-15
Genre: Computers
ISBN: 1593275234

OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers have enjoyed for years. You'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices, with bits of humor sprinkled throughout. This edition has been completely updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security features like W^X and ProPolice, and advanced networking techniques. You'll learn how to: –Manage network traffic with VLANs, trunks, IPv6, and the PF packet filter –Make software management quick and effective using the ports and packages system –Give users only the access they need with groups, sudo, and chroots –Configure OpenBSD's secure implementations of SNMP, DHCP, NTP, hardware sensors, and more –Customize the installation and upgrade processes for your network and hardware, or build a custom OpenBSD release Whether you're a new user looking for a complete introduction to OpenBSD or an experienced sysadmin looking for a refresher, Absolute OpenBSD, 2nd Edition will give you everything you need to master the intricacies of the world's most secure operating system.

Building Internet Firewalls

Building Internet Firewalls
Author: Elizabeth D. Zwicky
Publisher: "O'Reilly Media, Inc."
Total Pages: 897
Release: 2000-06-26
Genre: Computers
ISBN: 0596551886

In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes: Firewall technologies: packet filtering, proxying, network address translation, virtual private networks Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls Issues involved in a variety of new Internet services and protocols through a firewall Email and News Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo) File transfer and sharing services such as NFS, Samba Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000 Real-time conferencing services such as ICQ and talk Naming and directory services (e.g., DNS, NetBT, the Windows Browser) Authentication and auditing services (e.g., PAM, Kerberos, RADIUS); Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics) Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP) Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server) The book's complete list of resources includes the location of many publicly available firewall construction tools.

Secure Architectures with OpenBSD

Secure Architectures with OpenBSD
Author: Brandon Palmer
Publisher: Addison-Wesley Professional
Total Pages: 0
Release: 2004
Genre: Computer architecture
ISBN: 9780321193667

"This book works in tandem with the OpenBSD's manual pages. As a result, it will help many users grow and get the most from the system."--Theo de Raadt, OpenBSD project leader. "The OpenBSD system intimidates many administrators who would benefit from using it. This book lets people start much higher up on the curve. Secure Architectures with OpenBSD not only presents the hows, but also shows some of the whys that only insiders know."--Mike Frantzen, NFR Security "Secure Architectures with OpenBSD explains all of the tasks an administrator has to know about to successfully maintain an OpenBSD server. It helps the reader save time by condensing the vast amount of information available in man pages into a compact form, reducing unneeded information, and explaining other things in much more detail and prose than a man page can afford."--Daniel Hartmeier, the OpenBSD Project "This book will become the de facto text for OpenBSD administration. Unix and BSD books abound, but none cover OpenBSD with the clarity and expertise of Palmer and Nazario. They explain the optimal way to configure and administer your OpenBSD machines, with a keen eye to security at all stages."--Brian Hatch, coauthor of Hacking Exposed Linux and Building Linux Virtual Private Networks Descended from BSD, OpenBSD is a popular choice for those who demand stability and security from their operating system. No code goes into OpenBSD without first undergoing a rigorous security check, making it a terrific choice for Web servers, VPNs, and firewalls. Secure Architectures with OpenBSD is the insider's guide to building secure systems using OpenBSD. Written by Brandon Palmer and Jose Nazario, this book is a how-to for system and network administrators who need to move to a more secure operating system and a reference for seasoned OpenBSD users who want to fully exploit every feature of the system. After getting readers started with OpenBSD, the authors explain system configuration and administration, then explore more exotic hardware and advanced topics. Every chapter of the book addresses the issue of security because security is integrated into almost every facet of OpenBSD. Examples appear throughout the book, and the authors provide source code and system details unavailable anywhere else. This goes well beyond the basics and gives readers information they will need long after they have installed the system. Key topic coverage includes: Installation and upgrade details Basic system usage in OpenBSD versus other Unix systems Third-party software via packages and the ports tree SMTP services in OpenBSD Web services with Apache Using OpenBSD as a firewall OpenBSD as a Kerberos V client and server Use of Ipsec Configuration and use of IPv6 Network intrusion detection Secure Architectures with OpenBSD takes you inside OpenBSD, giving you the insights and expertise no system manual can provide. The companion Web site tracks advances and changes made to the operating system, and it contains updates to the book and working code samples.

Network Security Hacks

Network Security Hacks
Author: Andrew Lockhart
Publisher: "O'Reilly Media, Inc."
Total Pages: 478
Release: 2007
Genre: Computers
ISBN: 0596527632

This edition offers both new and thoroughly updated hacks for Linux, Windows, OpenBSD, and Mac OS X servers that not only enable readers to secure TCP/IP-based services, but helps them implement a good deal of clever host-based security techniques as well.

Book of PF, 3rd Edition

Book of PF, 3rd Edition
Author: Peter N. M. Hansteen
Publisher: No Starch Press
Total Pages: 250
Release: 2014-10-03
Genre: Computers
ISBN: 1593275897

OpenBSD’s stateful packet filter, PF, is the heart of the OpenBSD firewall. With more and more services placing high demands on bandwidth and an increasingly hostile Internet environment, no sysadmin can afford to be without PF expertise. The third edition of The Book of PF covers the most up-to-date developments in PF, including new content on IPv6, dual stack configurations, the “queues and priorities” traffic-shaping system, NAT and redirection, wireless networking, spam fighting, failover provisioning, logging, and more. You’ll also learn how to: * Create rule sets for all kinds of network traffic, whether crossing a simple LAN, hiding behind NAT, traversing DMZs, or spanning bridges or wider networks * Set up wireless networks with access points, and lock them down using authpf and special access restrictions * Maximize flexibility and service availability via CARP, relayd, and redirection * Build adaptive firewalls to proactively defend against attackers and spammers * Harness OpenBSD’s latest traffic-shaping system to keep your network responsive, and convert your existing ALTQ configurations to the new system * Stay in control of your traffic with monitoring and visualization tools (including NetFlow) The Book of PF is the essential guide to building a secure network with PF. With a little effort and this book, you’ll be well prepared to unlock PF’s full potential.

Understanding the Linux Kernel

Understanding the Linux Kernel
Author: Daniel Pierre Bovet
Publisher: "O'Reilly Media, Inc."
Total Pages: 786
Release: 2002
Genre: Computers
ISBN: 9780596002138

To thoroughly understand what makes Linux tick and why it's so efficient, you need to delve deep into the heart of the operating system--into the Linux kernel itself. The kernel is Linux--in the case of the Linux operating system, it's the only bit of software to which the term "Linux" applies. The kernel handles all the requests or completed I/O operations and determines which programs will share its processing time, and in what order. Responsible for the sophisticated memory management of the whole system, the Linux kernel is the force behind the legendary Linux efficiency. The new edition of Understanding the Linux Kernel takes you on a guided tour through the most significant data structures, many algorithms, and programming tricks used in the kernel. Probing beyond the superficial features, the authors offer valuable insights to people who want to know how things really work inside their machine. Relevant segments of code are dissected and discussed line by line. The book covers more than just the functioning of the code, it explains the theoretical underpinnings for why Linux does things the way it does. The new edition of the book has been updated to cover version 2.4 of the kernel, which is quite different from version 2.2: the virtual memory system is entirely new, support for multiprocessor systems is improved, and whole new classes of hardware devices have been added. The authors explore each new feature in detail. Other topics in the book include: Memory management including file buffering, process swapping, and Direct memory Access (DMA) The Virtual Filesystem and the Second Extended Filesystem Process creation and scheduling Signals, interrupts, and the essential interfaces to device drivers Timing Synchronization in the kernel Interprocess Communication (IPC) Program execution Understanding the Linux Kernel, Second Edition will acquaint you with all the inner workings of Linux, but is more than just an academic exercise. You'll learn what conditions bring out Linux's best performance, and you'll see how it meets the challenge of providing good system response during process scheduling, file access, and memory management in a wide variety of environments. If knowledge is power, then this book will help you make the most of your Linux system.

Real World Linux Security

Real World Linux Security
Author: Bob Toxen
Publisher: Prentice Hall Professional
Total Pages: 852
Release: 2003
Genre: Computers
ISBN: 9780130464569

With all-new coverage of home, mobile, and wireless issues, migrating from IP chains to IP tables, and protecting your network from users as well as hackers, this book provides immediate and effective Intrusion Detection System techniques. Contains practical solutions for every system administrator working with any Linux system, large or small.