Secure Architectures with OpenBSD
Product Author Bios
Brandon Palmer is a member of Crimelabs Security Research Group, a think tank and consulting firm, and has performed security audits and penetration testing for networks and systems.
Jose Nazario is a senior software engineer at Arbor Networks, an Internet security company. As a member of the OpenBSD project, he has written ports, made bug notes, and contributed to the code. Jose also runs the community forum at www.deadly.org and serves as a consultant and researcher at Crimelabs Security Research Group.
"This book works in tandem with the OpenBSD's manual pages. As a result, it will help many users grow and get the most from the system."—Theo de Raadt, OpenBSD project leader.
"The OpenBSD system intimidates many administrators who would benefit from using it. This book lets people start much higher up on the curve. Secure Architectures with OpenBSD not only presents the hows, but also shows some of the whys that only insiders know."—Mike Frantzen, NFR Security
"Secure Architectures with OpenBSD explains all of the tasks an administrator has to know about to successfully maintain an OpenBSD server. It helps the reader save time by condensing the vast amount of information available in man pages into a compact form, reducing unneeded information, and explaining other things in much more detail and prose than a man page can afford."—Daniel Hartmeier, the OpenBSD Project
"This book will become the de facto text for OpenBSD administration. Unix and BSD books abound, but none cover OpenBSD with the clarity and expertise of Palmer and Nazario. They explain the optimal way to configure and administer your OpenBSD machines, with a keen eye to security at all stages."—Brian Hatch, coauthor of Hacking Exposed Linux and Building Linux Virtual Private Networks
Descended from BSD, OpenBSD is a popular choice for those who demand stability and security from their operating system. No code goes into OpenBSD without first undergoing a rigorous security check, making it a terrific choice for Web servers, VPNs, and firewalls.
Secure Architectures with OpenBSD is the insider's guide to building secure systems using OpenBSD. Written by Brandon Palmer and Jose Nazario, this book is a how-to for system and network administrators who need to move to a more secure operating system and a reference for seasoned OpenBSD users who want to fully exploit every feature of the system.
After getting readers started with OpenBSD, the authors explain system configuration and administration, then explore more exotic hardware and advanced topics. Every chapter of the book addresses the issue of security because security is integrated into almost every facet of OpenBSD. Examples appear throughout the book, and the authors provide source code and system details unavailable anywhere else. This goes well beyond the basics and gives readers information they will need long after they have installed the system.Key topic coverage includes:
- Installation and upgrade details
- Basic system usage in OpenBSD versus other Unix systems
- Third-party software via packages and the ports tree
- SMTP services in OpenBSD
- Web services with Apache
- Using OpenBSD as a firewall
- OpenBSD as a Kerberos V client and server
- Use of Ipsec
- Configuration and use of IPv6
- Network intrusion detection
Secure Architectures with OpenBSD takes you inside OpenBSD, giving you the insights and expertise no system manual can provide. The companion Web site tracks advances and changes made to the operating system, and it contains updates to the book and working code samples.
19 of 19 people found the following review helpful
If you run OpenBSD, this book will stay within arms reach,
This review is from: Secure Architectures with OpenBSD (Paperback)Most of the information is available from other sources and if your run OpenBSD and want to keep 50 howtos and a couple general books on Unix handy you can do without this book. However, I am lazy and I like having the information I need at my fingertips with syntax that works the first time on the operating system I am using.
The authors and Addison Wesley are to be congratulated for the fantastic layout, the "code" examples stand out, they are pithy and illustrate the point. The one exception to that is the IPsec VPN chapter. Also, it is really easy reading for such a bone breakingly technical book.
I particularly enjoyed the PF chapter, it is a first rate treatment of firewalling, covers the bases nicely. The backup chapter is also well done, but I would argue more strongly on behalf of level 0 (full) backups. It is a an important enough concept to get more than a sentence. The introduction to systrace was wonderful. I am not sure covering snort in 7 pages is a... Read more
13 of 13 people found the following review helpful
Excellent book, somewhat misleading title,
This review is from: Secure Architectures with OpenBSD (Paperback)Before buying this book you need to understand a few facts about it:
- at first glance the title may lead you to believe it's about securing OpenBSD - it's not. It is about using an inherently secure operating system, OpenBSD, to its best advantage.
- you will need to be an experienced UNIX or Linux (or ideally OpenBSD) system admin to get the most out of the content.
- it is intended to be used in conjunction with OpenBSD man pages; as noted by another reviewer this book aggregates a lot of OpenBSD documentation, making it a convenient reference.
Because OpenBSD is more than a little different from other *NIX variants, and because it is cantankerous with respect to installation and configuration, the material in this book will save a lot of time and reduce the learning curve for anyone migrating to the OpenBSD environment. Reasons for this migration include the enhanced security by default and the inherent stability of this operating system.
Chapters 3, 4 and 5 are good... Read more
10 of 10 people found the following review helpful
Intro to OpenBSD? Yes. About security architecture? No.,
Amazon Verified Purchase(What's this?)
This review is from: Secure Architectures with OpenBSD (Paperback)I should have read the other reviews:
"at first glance the title may lead you to believe it's about securing OpenBSD - it's not. It is about using an inherently secure operating system, OpenBSD, to its best advantage."
Fair enough. As an introduction to OpenBSD for those with experience with other Unix systems, this is a great book. But I can read the man pages and other documentation. I wanted a book that discussed a way to build secure networks with OpenBSD as one component.
The chapter on VPN setup is the best that I have seen on that subject. But otherwise, it's a walk-through of basic installation and configuration.
I also purchased "Building Firewalls with OpenBSD and PF", and it is more what I was looking for: less about OpenBSD itself, and more about how to apply the system to protect your network.
› See all 7 customer reviews...
Online Sample Chapters
Table of Contents
I. GETTING STARTED.
II. SYSTEM CONFIGURATION AND ADMINISTRATION.
III. ADVANCED FEATURES.
Downloadable Sample Chapter
Download the Sample
Chapter related to this title.
Download the Index
file related to this title.
This book includes free shipping!
Get access to thousands of books and training videos about technology, professional development and digital media from more than 40 leading publishers, including Addison-Wesley, Prentice Hall, Cisco Press, IBM Press, O'Reilly Media, Wrox, Apress, and many more. If you continue your subscription after your 30-day trial, you can receive 30% off a monthly subscription to the Safari Library for up to 12 months. That's a total savings of $199.