Absolute OpenBSD : Unix for the practical paranoid /


by Michael W. Lucas.
Bok Engelsk 2013 Michael Lucas,· Electronic books.
Omfang
1 online resource (536 p.)
Utgave
2nd ed.
Opplysninger
Includes index.. - Intro -- Absolute OpenBSD -- Advance Praise for Absolute OpenBSD, 2nd Edition -- Dedication -- About the Author -- About the Technical Reviewer -- Foreword -- Acknowledgments -- Introduction -- What Is Security? -- What Is BSD? -- The BSD License -- AT&amp -- T vs. the World -- The Birth of OpenBSD -- The OpenBSD Community -- OpenBSD Users -- OpenBSD Contributors -- OpenBSD Committers -- OpenBSD Coordinator -- OpenBSD's Strengths -- Portability -- Power -- Documentation -- Free -- Correctness -- Security -- OpenBSD and Your Security -- OpenBSD's Uses -- Desktop -- Server -- Network Management -- About This Book -- Contents Overview -- 1. Getting Additional Help -- OpenBSD's Support Model -- The Code Is Fine. What's Wrong with You? -- Sources of Information -- Man Pages -- Manual Sections -- Viewing Man Pages -- Finding Man Pages -- Overlapping Man Page Names -- Man Page Contents -- Man Pages on the Web -- The OpenBSD Website -- Mirrors -- The OpenBSD FAQ -- Non-Project Websites -- OpenBSD Mailing Lists -- Unofficial Mailing Lists -- Read-Only Mailing Lists -- Using OpenBSD Problem-Solving Resources -- Using the OpenBSD Website -- Using Man Pages -- Using Internet Searches -- Using Mailing Lists -- Creating a Good Help Request -- How to Be Ignored -- Sending Your Email -- Responding to Email -- 2. Installation Preparations -- OpenBSD Hardware -- Supported Hardware -- Proprietary Hardware, Blobs, and Firmware -- Processors -- Memory (RAM) -- Hard Drives -- Virtualization -- Multiple Operating Systems -- Getting OpenBSD -- Official CDs -- Internet Downloads -- Mirror Site Layout -- Release Directories -- Boot Media -- Choosing Install Media -- Local Installation Servers -- File Sets -- Partitioning -- Standard OpenBSD Partitions -- Root Partition -- Swap Space -- /tmp Directory -- /var Partition -- /usr Partition -- /usr/X11R6 Partition.. - /usr/local Partition -- /usr/src Partition -- /usr/obj Partition -- /home Partition -- Creating Other Partitions -- Partition Filesystems -- Multiple Hard Drives -- Understanding Partitions -- MBR Partitions -- Disklabel Partitions -- Understanding Disklabels -- Sectors and Lies -- Sectors and Disklabels -- Other Information -- 3. Installation Walk-Through -- Hardware Setup -- BIOS Configuration -- Making Boot Media -- Making Boot Floppies -- Creating Floppies on Unix-like Systems -- Creating Floppies on Microsoft Systems -- Making Boot CDs -- Installing OpenBSD -- Running the Installation Program -- Multiple Network Cards -- Setting Up Services and the First User -- Setting the Time Zone -- Setting Up the Disk -- Choosing File Sets -- Finishing the Installation -- Custom Disk Layout -- Viewing Disklabels -- Deleting Partitions -- Erasing Existing Disklabels -- Creating Disklabel Partitions -- Writing the New Disklabel -- Adding More Disks -- Advanced Disklabel Commands -- Changing Basic Drive Parameters -- Modifying Existing Partitions -- Entering Expert Mode -- Getting More Help -- 4. Post-Install Setup -- First Steps -- Checking the System Errata -- Setting the Root Password -- Software Configuration -- Time and Date -- Setting the Time Zone -- Setting the Date and Time -- Setting the Time with ntpd(8) -- Setting the Date Manually -- Hostname -- Networking -- Configuring Ethernet Interfaces -- Static IP Addresses -- Dynamic Configuration -- Setting a Default Gateway -- Setting Name Service Servers -- Mail Aliases and Status Mail -- Keyboard Mapping -- Installing Ports and Source Code -- Booting to a Graphic Console -- Onward! -- 5. The Boot Process -- Power-On and the Boot Loader -- Booting in Single-User Mode -- Mounting Disks in Single-User Mode -- Starting the Network in Single-User Mode -- Booting an Alternate Kernel.. - An Overview of the sudo Software -- The visudo(8) Command -- The /etc/sudoers File -- Multiple Entries in a sudoers Field -- Running Commands As Non-root Users -- Long Lines -- /etc/sudoers Aliases -- User Aliases -- Run as Aliases -- Host Aliases -- Command Aliases -- Using Aliases in /etc/sudoers -- Nesting Aliases -- Alias Naming Conventions -- Changing sudo's Default Behavior -- Overriding Defaults per Host -- Overriding Defaults per User -- Overriding Defaults per Command -- Overriding Defaults per Run As -- sudo and the Environment -- Using sudo -- sudo Password Caching -- Running Commands Under sudo -- Running Commands as Other Users -- sudoedit -- The Biggest sudo Mistake: Exclusions -- sudo Logs -- 8. Disks and Filesystems -- Device Nodes -- Raw and Block Devices -- Block Devices -- Raw Devices -- Choosing Your Mode -- Device Attachment vs. Device Name -- DUIDs and /etc/fstab -- MBR Partitions and fdisk(8) -- Viewing MBR Partitions -- Adding and Removing Partitions -- Making a Partition Bootable -- Exiting fdisk -- Labeling Disks -- Viewing Labels -- Creating Disklabel Partitions -- Backing Up and Restoring Disklabels -- The Fast File System -- FFS Versions -- Blocks, Fragments, and Inodes -- Blocks -- Inodes -- Superblocks -- Creating FFS Filesystems -- FFS Mount Options -- Mount Options and /etc/fstab -- Read-Only Mounts -- Read-Write Mounts -- Synchronous Mounts -- Asynchronous Mounts -- Soft Update Mounts -- "Don't Track Access Time" Mounts -- No Device Nodes Permitted Mount -- Execution Forbidden Mounts -- setuid Forbidden -- Do Not Automatically Mount This Filesystem -- Filesystem Integrity -- Running fsck -- Blindly Trusting fsck -- What's Currently Mounted? -- Mounting and Unmounting Partitions -- Mounting Standard Filesystems -- Mounting at Nonstandard Locations -- Unmounting Partitions -- Mounting with Options.. - Booting a Different Kernel File -- Booting from an Alternate Hard Disk -- Finding the Disk -- Finding the Partition -- Booting the Kernel -- Making Boot Loader Settings Permanent -- Serial Consoles -- Other Platform Serial Consoles -- Serial Console Physical Setup -- Serial Console Configuration -- Configuring the Serial Console Client -- Setting Up the Serial Console -- Testing the Serial Configuration -- Changing the Serial Console Speed -- Changing the Client Serial Port -- Serial Logins -- Multiuser Startup -- Startup System Scripts -- The /etc/rc Script -- The /etc/rc.conf Script -- The /etc/rc.conf.local Script -- The /etc/netstart Script -- The /etc/rc.securelevel Script -- The /etc/rc.local Script -- The /etc/rc.shutdown Script -- The /etc/rc.firsttime Script -- The /etc/fastboot Script -- The /etc/rc.d Directory -- Software Startup Scripts -- Third-Party rc.d Scripts -- Force-Starting Software -- 6. User Management -- The Root Account -- Adding Users -- Adding Users Interactively -- Configuring adduser -- Creating User Accounts -- Adding Users Noninteractively -- Groups in Batch Mode -- Passwords and Batch Mode -- Other Batch Mode Options -- User Account Restrictions -- Removing User Accounts -- Editing User Accounts -- Login Classes -- Login Class Definitions -- Changing login.conf -- Legal Values for login.conf Variables -- Setting Resource Limits -- Modifying the Shell Environment -- Password and Login Options -- Changing Authentication Methods -- Using Login Classes for RADIUS Authentication -- Unprivileged User Accounts -- The nobody Account -- _username -- Creating Unprivileged Users -- 7. Root, and How to Avoid It -- The Root Password -- Using Groups -- The /etc/group File -- Creating Groups -- Groups, Unprivileged Users, and Group Permissions -- Hiding Root with sudo -- Why Use sudo? -- sudo Disadvantages.. - How Full Is That Partition? -- What's All That Stuff? -- Setting BLOCKSIZE -- Adding New Hard Disks -- Creating an MBR Partition -- Creating a Disklabel -- Moving Partitions -- Adding New Filesystems -- Stackable Mounts -- 9. More Filesystems -- Backing Up to the /altroot Partition -- Memory Filesystems -- Creating MFS Partitions -- Mounting an MFS at Boot -- Foreign Filesystems -- Inodes vs. Vnodes -- Common Foreign Filesystems -- MS-DOS -- NTFS -- ext2fs -- CD -- Foreign Filesystem Ownership -- Removable Media -- Mounting Filesystem Images -- Attaching Vnode Devices to Disk Images -- Detaching Vnode Devices from Images -- Basic NFS Setup -- The OpenBSD NFS Server -- Exporting Filesystems -- Read-Only Mounts -- NFS and Users -- Permitted Clients -- Multiple Exports for One Partition -- NFS Clients -- Software RAID -- RAID Types -- Preparing Disks for softraid -- Creating softraid Devices -- softraid Status -- Identifying Failed softraid Volumes -- Rebuilding Failed softraid Volumes -- Deleting softraid Devices -- Reusing softraid Disks -- Booting from a softraid Device -- Encrypted Disk Partitions -- Creating Encrypted Partitions -- Using Encrypted Partitions -- Automatic Decryption -- 10. Securing Your System -- Who Is the Enemy? -- Script Kiddies -- Botnets -- Disaffected Users -- Skilled Attackers -- OpenBSD Security Announcements -- OpenBSD Memory Protection -- W X -- .rodata Segments -- Guard Pages -- Address Space Layout Randomization -- ProPolice -- And More! -- File Flags -- File Flag Types -- Setting, Viewing, and Removing File Flags -- Securelevels -- Setting the System Securelevel -- Securelevel Definitions -- Securelevel -1 -- Securelevel 0 -- Securelevel 1 -- Securelevel 2 -- What Securelevel Do You Need? -- Securelevel Weaknesses -- Keeping Secure -- 11. Overview of TCP/IP -- Network Layers -- The Physical Layer -- The Datalink Layer.. - The Network Layer.. - OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers have enjoyed for years. You'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices, with bits of humor sprinkled throughout. This edition has been completely updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security fe
Emner
Sjanger
Dewey
ISBN
1-4571-7249-6. - 1-59327-523-4
Hylleplass
QA76.774.B47 L83 2013

Bibliotek som har denne