Preface Part I. Security Foundation 1. The Big Picture What Is System Security? Identifying Risks Responding to Risk; Security Process and Principles System Security Principles; Wrapping Up Resources 2. BSD Security Building Blocks Filesystem Protections Tweaking a Running Kernel: sysctl The Basic Sandbox: chroot Jail: Beyond chroot Inherent Protections OS Tuning Wrapping Up Resources 3. Secure Installation and Hardening General Concerns Installing FreeBSD FreeBSD Hardening: Your First Steps Installing OpenBSD OpenBSD Hardening: Your First Steps Post-Upgrade Hardening Wrapping Up Resources; 4. Secure Administration Techniques Access Control Security in Everyday Tasks Upgrading Security Vulnerability Response; Network Service Security Monitoring System Health Wrapping Up; Resources Part II. Deployment Situations 5. Creating a Secure DNS Server The Criticality of DNS DNS Software Installing BIND; Installing djbdns Operating BIND Operating djbdns Wrapping Up; Resources 6. Building Secure Mail Servers Mail Server Attacks; Mail Architecture Mail and DNS SMTP Mail Server Configurations; Sendmail Postfix qmail Mail Access Wrapping Up Resources; 7. Building a Secure Web Server Web Server Attacks Web Architecture Apache thttpd Advanced Web Servers with Jails; Wrapping Up Resources 8. Firewalls Firewall Architectures; Host Lockdown The Options: IPFW Versus PF Basic IPFW Configuration Basic PF Configuration Handling Failure; Wrapping Up Resources 9. Intrusion Detection No Magic Bullets; IDS Architectures NIDS on BSD Snort ACID HIDS on BSD; Wrapping Up Resources Part III. Auditing and Incident Response; 10. Managing the Audit Trails System Logging Logging via syslogd; Securing a Loghost logfile Management Automated Log Monitoring; Automated Auditing Scripts Wrapping Up Resources 11. Incident Response and Forensics Incident Response Forensics on BSD; Digging Deeper with the Sleuth Kit Wrapping Up Resources; Index
Yanek Korff graduated with a Bachelor's degree in Computer Science from the College of William and Mary and is currently a Certified Information Systems Security Professional (CISSP). Mr. Korff joined Bell Atlantic as a Systems Engineer where he played a major role in the strategy, design, and deployment of a key Northern Virginia test facility. He later joined Cigital, Inc., a software quality management company, where he played a central role in the design of their systems infrastructure. He is now an essential member of the Information Security division at America Online. During his career, Mr. Korff has been able to identify and mitigate information security risks particularly relating to host-based BSD security. By leveraging his experience, he has been able to apply security fundamentals to influence business and industry practices. Paco Hope is a Technical Manager with Cigital. His areas of expertise software security, security testing, and casino gaming. He specializes in analyzing the security of software, software systems, and software development processes. Paco frequently speaks at conferences such as the Better Software Conference, STAR East, and STAR West. He conducts training on risk-based security testing, writing security requirements, and software security fundamentals. He can be reached at email@example.com. Bruce Potter is a Senior Associate at Booz Allen Hamilton. Prior to working at Booz Allen Hamilton, Bruce served as a software security consultant for Cigital in Dulles, VA. Bruce is the founder of the Shmoo Group of security professionals. His areas of expertise include wireless security, large-scale network architectures, smartcards, and promotion of secure software engineering practices. Bruce coauthored the books 802.11 Security and Mac OS X Security. He was trained in computer science at the University of Alaska, Fairbanks.