LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Announcements page

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

"Mastering FreeBSD and OpenBSD Security" Released by O'Reilly

[Posted April 15, 2005 by cook]

From:  "Kathryn Barrett" <kathrynb-AT-oreilly.com>
To:  lwn-AT-lwn.net
Subject:  "Mastering FeeBSD and OpenBSD Security" Released by O'Reilly
Date:  Thu, 14 Apr 2005 14:14:12 -0700

For Immediate Release
For more information, a review copy, cover art, or an interview with
the authors, contact:
Kathryn Barrett (707) 827-7094 or kathrynb@oreilly.com
	
Building, Securing, and Maintaining BSD Systems
O'Reilly Releases "Mastering FreeBSD and OpenBSD Security"

Sebastopol, CA--FreeBSD and OpenBSD are often considered the "other" free
operating systems--other than Linux, that is. However, these two BSD-based
operating systems have increasingly gained traction in educational
institutions, nonprofits, and corporations worldwide. The reason? They
provide significant security advantages over Linux.  In fact, security is
the primary reason that most system administrators use these two
platforms.  Oddly enough, books that focus specifically on the security
aspects of these two operating systems are rare.

"It's about time that FreeBSD and OpenBSD--operating systems that tout
security as one of their greatest assets--have a book on security," says
Yanek Korff, coauthor with Paco Hope and Bruce Potter of "Mastering
FreeBSD and OpenBSD Security" (O'Reilly, $49.95). Korff adds, "Deploying
these systems without a firm understanding that security must be thought
of in advance is folly."

There are plenty of books to help users get a FreeBSD or OpenBSD system
off the ground, and all of them touch on security to some extent, usually
dedicating a chapter to the subject. But, as security is commonly named as
the key concern for today's system administrators, a single chapter on the
subject can't provide the depth of information needed to keep systems
secure. Coauthor Potter agrees, citing, "a complete lack of coverage of
security in the BSD arena."

FreeBSD and OpenBSD are rife with security building blocks that can be put
to use by knowledgeable administrators. Both operating systems have kernel
options and filesystem features that go well beyond traditional Unix
permissions and controls. This power and flexibility is valuable, but the
colossal range of possibilities needs to be tackled one step at a time.
"Host-based security is more than just host-lockdown," Potter explains.
"Ongoing administration is the key to the overall security of a host."

Many people view security in terms of black and white: either a system is
secure or it is not. Korff, Hope, and Potter take another approach,
describing security as a journey--a product of ongoing risk management.
"Rather than trying to make your system secure, you continually evaluate
your exposure to risks and keep the system as secure as it needs to be,"
they tell readers.

"Mastering FreeBSD and OpenBSD Security" introduces readers to the wide
range of security tools that BSD systems offer so they'll be able to
choose which tools apply to their particular situations. "Security is all
about matching your defense to the threats you face, not making your
system 'go to eleven,'" says Hope. "We show the risks, explain why an
administrator cares, and offer a variety of mitigations that the
administrator can choose from."

By imparting a solid technical foundation as well as practical know-how,
"Mastering FreeBSD and OpenBSD Security" enables administrators to push
their servers' security to the next level. Even administrators in other
environments--like Linux and Solaris--can find useful paradigms to
emulate.  The book covers the installation of hardened operating system,
the installation and configuration of critical services, and the ongoing
maintenance of the systems.

Written by security professionals with two decades of operating system
experience, "Mastering FreeBSD and OpenBSD Security" features broad and
deep explanations of how to secure the most critical systems. Where other
books on BSD systems help readers achieve functionality, this book will
help them more thoroughly secure their deployments.

Additional Resources:

Chapter 1, "The Big Picture," is available online at:
http://www.oreilly.com/catalog/mfreeopenbsd/chapter/index...

For more information about the book, including table of contents, index,
author bios, and samples, see:
http://www.oreilly.com/catalog/mfreeopenbsd/

For a cover graphic in JPEG format, go to:
ftp://ftp.ora.com/pub/graphics/book_covers/hi-res/0596006...

Mastering FreeBSD and OpenBSD Security
Yanek Korff, Paco Hope, and Bruce Potter
ISBN: 0-596-00626-8, 445 pages, $49.95 US, $69.95 CA
order@oreilly.com
1-800-998-9938
1-707-827-7000
http://www.oreilly.com

About O'Reilly
O'Reilly Media, Inc. is the premier information source for leading-edge
computer technologies. The company's books, conferences, and web sites
bring to light the knowledge of technology innovators. O'Reilly books,
known for the animals on their covers, occupy a treasured place on the
shelves of the developers building the next generation of software.
O'Reilly conferences and summits bring alpha geeks and forward-thinking
business leaders together to shape the revolutionary ideas that spark new
industries. From the Internet to XML, open source, .NET, Java, and web
services, O'Reilly puts technologies on the map. For more information:
http://www.oreilly.com

# # #

O'Reilly is a registered trademark of O'Reilly Media, Inc. All other
trademarks are property of their respective owners.
(Log in to post comments)

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds