Absolute OpenBSD Unix for the practical paranoid
OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers...
| Autor principal: | |
|---|---|
| Formato: | Libro electrónico |
| Idioma: | Inglés |
| Publicado: |
[San Francisco, California] :
No Starch Press
2013.
|
| Edición: | 2nd ed |
| Materias: | |
| Ver en Biblioteca Universitat Ramon Llull: | https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009628857006719 |
Tabla de Contenidos:
- Intro
- Absolute OpenBSD
- Advance Praise for Absolute OpenBSD, 2nd Edition
- Dedication
- About the Author
- About the Technical Reviewer
- Foreword
- Acknowledgments
- Introduction
- What Is Security?
- What Is BSD?
- The BSD License
- AT&
- T vs. the World
- The Birth of OpenBSD
- The OpenBSD Community
- OpenBSD Users
- OpenBSD Contributors
- OpenBSD Committers
- OpenBSD Coordinator
- OpenBSD's Strengths
- Portability
- Power
- Documentation
- Free
- Correctness
- Security
- OpenBSD and Your Security
- OpenBSD's Uses
- Desktop
- Server
- Network Management
- About This Book
- Contents Overview
- 1. Getting Additional Help
- OpenBSD's Support Model
- The Code Is Fine. What's Wrong with You?
- Sources of Information
- Man Pages
- Manual Sections
- Viewing Man Pages
- Finding Man Pages
- Overlapping Man Page Names
- Man Page Contents
- Man Pages on the Web
- The OpenBSD Website
- Mirrors
- The OpenBSD FAQ
- Non-Project Websites
- OpenBSD Mailing Lists
- Unofficial Mailing Lists
- Read-Only Mailing Lists
- Using OpenBSD Problem-Solving Resources
- Using the OpenBSD Website
- Using Man Pages
- Using Internet Searches
- Using Mailing Lists
- Creating a Good Help Request
- How to Be Ignored
- Sending Your Email
- Responding to Email
- 2. Installation Preparations
- OpenBSD Hardware
- Supported Hardware
- Proprietary Hardware, Blobs, and Firmware
- Processors
- Memory (RAM)
- Hard Drives
- Virtualization
- Multiple Operating Systems
- Getting OpenBSD
- Official CDs
- Internet Downloads
- Mirror Site Layout
- Release Directories
- Boot Media
- Choosing Install Media
- Local Installation Servers
- File Sets
- Partitioning
- Standard OpenBSD Partitions
- Root Partition
- Swap Space
- /tmp Directory
- /var Partition
- /usr Partition
- /usr/X11R6 Partition.
- /usr/local Partition
- /usr/src Partition
- /usr/obj Partition
- /home Partition
- Creating Other Partitions
- Partition Filesystems
- Multiple Hard Drives
- Understanding Partitions
- MBR Partitions
- Disklabel Partitions
- Understanding Disklabels
- Sectors and Lies
- Sectors and Disklabels
- Other Information
- 3. Installation Walk-Through
- Hardware Setup
- BIOS Configuration
- Making Boot Media
- Making Boot Floppies
- Creating Floppies on Unix-like Systems
- Creating Floppies on Microsoft Systems
- Making Boot CDs
- Installing OpenBSD
- Running the Installation Program
- Multiple Network Cards
- Setting Up Services and the First User
- Setting the Time Zone
- Setting Up the Disk
- Choosing File Sets
- Finishing the Installation
- Custom Disk Layout
- Viewing Disklabels
- Deleting Partitions
- Erasing Existing Disklabels
- Creating Disklabel Partitions
- Writing the New Disklabel
- Adding More Disks
- Advanced Disklabel Commands
- Changing Basic Drive Parameters
- Modifying Existing Partitions
- Entering Expert Mode
- Getting More Help
- 4. Post-Install Setup
- First Steps
- Checking the System Errata
- Setting the Root Password
- Software Configuration
- Time and Date
- Setting the Time Zone
- Setting the Date and Time
- Setting the Time with ntpd(8)
- Setting the Date Manually
- Hostname
- Networking
- Configuring Ethernet Interfaces
- Static IP Addresses
- Dynamic Configuration
- Setting a Default Gateway
- Setting Name Service Servers
- Mail Aliases and Status Mail
- Keyboard Mapping
- Installing Ports and Source Code
- Booting to a Graphic Console
- Onward!
- 5. The Boot Process
- Power-On and the Boot Loader
- Booting in Single-User Mode
- Mounting Disks in Single-User Mode
- Starting the Network in Single-User Mode
- Booting an Alternate Kernel.
- Booting a Different Kernel File
- Booting from an Alternate Hard Disk
- Finding the Disk
- Finding the Partition
- Booting the Kernel
- Making Boot Loader Settings Permanent
- Serial Consoles
- Other Platform Serial Consoles
- Serial Console Physical Setup
- Serial Console Configuration
- Configuring the Serial Console Client
- Setting Up the Serial Console
- Testing the Serial Configuration
- Changing the Serial Console Speed
- Changing the Client Serial Port
- Serial Logins
- Multiuser Startup
- Startup System Scripts
- The /etc/rc Script
- The /etc/rc.conf Script
- The /etc/rc.conf.local Script
- The /etc/netstart Script
- The /etc/rc.securelevel Script
- The /etc/rc.local Script
- The /etc/rc.shutdown Script
- The /etc/rc.firsttime Script
- The /etc/fastboot Script
- The /etc/rc.d Directory
- Software Startup Scripts
- Third-Party rc.d Scripts
- Force-Starting Software
- 6. User Management
- The Root Account
- Adding Users
- Adding Users Interactively
- Configuring adduser
- Creating User Accounts
- Adding Users Noninteractively
- Groups in Batch Mode
- Passwords and Batch Mode
- Other Batch Mode Options
- User Account Restrictions
- Removing User Accounts
- Editing User Accounts
- Login Classes
- Login Class Definitions
- Changing login.conf
- Legal Values for login.conf Variables
- Setting Resource Limits
- Modifying the Shell Environment
- Password and Login Options
- Changing Authentication Methods
- Using Login Classes for RADIUS Authentication
- Unprivileged User Accounts
- The nobody Account
- _username
- Creating Unprivileged Users
- 7. Root, and How to Avoid It
- The Root Password
- Using Groups
- The /etc/group File
- Creating Groups
- Groups, Unprivileged Users, and Group Permissions
- Hiding Root with sudo
- Why Use sudo?
- sudo Disadvantages.
- An Overview of the sudo Software
- The visudo(8) Command
- The /etc/sudoers File
- Multiple Entries in a sudoers Field
- Running Commands As Non-root Users
- Long Lines
- /etc/sudoers Aliases
- User Aliases
- Run as Aliases
- Host Aliases
- Command Aliases
- Using Aliases in /etc/sudoers
- Nesting Aliases
- Alias Naming Conventions
- Changing sudo's Default Behavior
- Overriding Defaults per Host
- Overriding Defaults per User
- Overriding Defaults per Command
- Overriding Defaults per Run As
- sudo and the Environment
- Using sudo
- sudo Password Caching
- Running Commands Under sudo
- Running Commands as Other Users
- sudoedit
- The Biggest sudo Mistake: Exclusions
- sudo Logs
- 8. Disks and Filesystems
- Device Nodes
- Raw and Block Devices
- Block Devices
- Raw Devices
- Choosing Your Mode
- Device Attachment vs. Device Name
- DUIDs and /etc/fstab
- MBR Partitions and fdisk(8)
- Viewing MBR Partitions
- Adding and Removing Partitions
- Making a Partition Bootable
- Exiting fdisk
- Labeling Disks
- Viewing Labels
- Creating Disklabel Partitions
- Backing Up and Restoring Disklabels
- The Fast File System
- FFS Versions
- Blocks, Fragments, and Inodes
- Blocks
- Inodes
- Superblocks
- Creating FFS Filesystems
- FFS Mount Options
- Mount Options and /etc/fstab
- Read-Only Mounts
- Read-Write Mounts
- Synchronous Mounts
- Asynchronous Mounts
- Soft Update Mounts
- "Don't Track Access Time" Mounts
- No Device Nodes Permitted Mount
- Execution Forbidden Mounts
- setuid Forbidden
- Do Not Automatically Mount This Filesystem
- Filesystem Integrity
- Running fsck
- Blindly Trusting fsck
- What's Currently Mounted?
- Mounting and Unmounting Partitions
- Mounting Standard Filesystems
- Mounting at Nonstandard Locations
- Unmounting Partitions
- Mounting with Options.
- How Full Is That Partition?
- What's All That Stuff?
- Setting BLOCKSIZE
- Adding New Hard Disks
- Creating an MBR Partition
- Creating a Disklabel
- Moving Partitions
- Adding New Filesystems
- Stackable Mounts
- 9. More Filesystems
- Backing Up to the /altroot Partition
- Memory Filesystems
- Creating MFS Partitions
- Mounting an MFS at Boot
- Foreign Filesystems
- Inodes vs. Vnodes
- Common Foreign Filesystems
- MS-DOS
- NTFS
- ext2fs
- CD
- Foreign Filesystem Ownership
- Removable Media
- Mounting Filesystem Images
- Attaching Vnode Devices to Disk Images
- Detaching Vnode Devices from Images
- Basic NFS Setup
- The OpenBSD NFS Server
- Exporting Filesystems
- Read-Only Mounts
- NFS and Users
- Permitted Clients
- Multiple Exports for One Partition
- NFS Clients
- Software RAID
- RAID Types
- Preparing Disks for softraid
- Creating softraid Devices
- softraid Status
- Identifying Failed softraid Volumes
- Rebuilding Failed softraid Volumes
- Deleting softraid Devices
- Reusing softraid Disks
- Booting from a softraid Device
- Encrypted Disk Partitions
- Creating Encrypted Partitions
- Using Encrypted Partitions
- Automatic Decryption
- 10. Securing Your System
- Who Is the Enemy?
- Script Kiddies
- Botnets
- Disaffected Users
- Skilled Attackers
- OpenBSD Security Announcements
- OpenBSD Memory Protection
- W^X
- .rodata Segments
- Guard Pages
- Address Space Layout Randomization
- ProPolice
- And More!
- File Flags
- File Flag Types
- Setting, Viewing, and Removing File Flags
- Securelevels
- Setting the System Securelevel
- Securelevel Definitions
- Securelevel -1
- Securelevel 0
- Securelevel 1
- Securelevel 2
- What Securelevel Do You Need?
- Securelevel Weaknesses
- Keeping Secure
- 11. Overview of TCP/IP
- Network Layers
- The Physical Layer
- The Datalink Layer.
- The Network Layer.
