買這商品的人也買了...
-
C++ Primer, 3/e 中文版$980$833 -
XML 程式設計藝術 (XML How to Program)$950$855 -
資料結構-使用 C 語言 (Fundamentals of Data Structures in C)$450$297 -
Visual C#.NET 程式設計經典$650$429 -
ASP.NET 程式設計徹底研究$590$466 -
鳥哥的 Linux 私房菜-伺服器架設篇$750$638 -
鳥哥的 Linux 私房菜─基礎學習篇增訂版$560$476 -
$1,068Fundamentals of Database Systems, 4/e (IE) -
JSP 2.0 技術手冊$750$638 -
Internet TCP/IP 協定觀念與實作, 2/e$580$493 -
RFID 技術與應用$480$408 -
Java Network Programming, 3/e (Paperback)$1,570$1,492 -
ASP.NET 徹底研究進階技巧─高階技巧與控制項實作$650$507 -
Linux iptables 技術實務─防火牆、頻寬管理、連線管制$620$527 -
Web CSS 網頁樣式設計學 (Cascading Style Sheets Standard Design Guide)$580$452 -
CCNA 認證教戰手冊 (CCNA: Cisco Certified Network Associate Study Guide, 5/e)(Exam 640-801)$820$697 -
遠端遙控、監控實戰 MIS 異地管理絕技$420$357 -
深入淺出 Java 程式設計, 2/e (Head First Java, 2/e)$880$695 -
CSS 功能索引式參考手冊$390$332 -
Ajax 網頁程式設計─Google 成功背後的技術$580$493 -
Ajax 與 Google Map API 入門實作$450$351 -
ASP.NET 2.0 深度剖析範例集$650$507 -
精通 Shell Scripting (Classic Shell Scripting)$620$490 -
Fun 心玩攝影$580$458 -
$399CompTIA Security+ Study Guide: Exam SY0-301, 5/e (Paperback)
相關主題
商品描述
Description:
FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms.
There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure.
FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems.
Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate.
Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.
Table of Contents:
Preface
Part I. Security Foundation
1. The Big Picture
What Is System Security?
Identifying Risks
Responding to Risk
Security Process and Principles
System Security Principles
Wrapping Up
Resources
2. BSD Security Building Blocks
Filesystem Protections
Tweaking a Running Kernel: sysctl
The Basic Sandbox: chroot
Jail: Beyond chroot
Inherent Protections
OS Tuning
Wrapping Up
Resources
3. Secure Installation and Hardening
General Concerns
Installing FreeBSD
FreeBSD Hardening: Your First Steps
Installing OpenBSD
OpenBSD Hardening: Your First Steps
Post-Upgrade Hardening
Wrapping Up
Resources
4. Secure Administration Techniques
Access Control
Security in Everyday Tasks
Upgrading
Security Vulnerability Response
Network Service Security
Monitoring System Health
Wrapping Up
Resources
Part II. Deployment Situations
5. Creating a Secure DNS Server
The Criticality of DNS
DNS Software
Installing BIND
Installing djbdns
Operating BIND
Operating djbdns
Wrapping Up
Resources
6. Building Secure Mail Servers
Mail Server Attacks
Mail Architecture
Mail and DNS
SMTP
Mail Server Configurations
Sendmail
Postfix
qmail
Mail Access
Wrapping Up
Resources
7. Building a Secure Web Server
Web Server Attacks
Web Architecture
Apache
thttpd
Advanced Web Servers with Jails
Wrapping Up
Resources
8. Firewalls
Firewall Architectures
Host Lockdown
The Options: IPFW Versus PF
Basic IPFW Configuration
Basic PF Configuration
Handling Failure
Wrapping Up
Resources
9. Intrusion Detection
No Magic Bullets
IDS Architectures
NIDS on BSD
Snort
ACID
HIDS on BSD
Wrapping Up
Resources
Part III. Auditing and Incident Response
10. Managing the Audit Trails
System Logging
Logging via syslogd
Securing a Loghost
logfile Management
Automated Log Monitoring
Automated Auditing Scripts
Wrapping Up
Resources
11. Incident Response and Forensics
Incident Response
Forensics on BSD
Digging Deeper with the Sleuth Kit
Wrapping Up
Resources
Index
商品描述(中文翻譯)
描述:
FreeBSD 和 OpenBSD 在全球的教育機構、非營利組織和企業中越來越受到重視,因為它們相對於 Linux 提供了顯著的安全優勢。雖然 BSD 作業系統的穩健性、清晰的組織結構和穩定性都值得稱讚,但安全性是系統管理員選擇這兩個平台的主要原因之一。
有很多書籍可以幫助你啟動 FreeBSD 或 OpenBSD 系統,所有這些書籍都在某種程度上觸及安全性,通常會專門 dedicating 一章來討論這個主題。然而,因為安全性通常被認為是當今系統管理員的主要關注點,單一的一章無法提供你所需的深入資訊來保持系統的安全。
FreeBSD 和 OpenBSD 充滿了你可以利用的安全「基石」,而《Mastering FreeBSD and OpenBSD Security》將告訴你如何使用它們。這兩個作業系統擁有超越傳統 Unix 權限和控制的內核選項和檔案系統功能。這種強大和靈活性是有價值的,但龐大的可能性範圍需要逐步解決。本書將引導你完成安裝一個加固的作業系統、安裝和配置關鍵服務,以及持續維護你的 FreeBSD 和 OpenBSD 系統。
本書採用應用特定的方法,基於你現有的知識,提供有關 FreeBSD 和 OpenBSD 安全的可靠技術資訊,並提供大量的實際範例來幫助你配置和部署安全系統。通過傳授堅實的技術基礎和實用的專業知識,使管理員能夠將伺服器的安全性提升到一個新的水平。即使是在其他環境(如 Linux 和 Solaris)的管理員,也能找到有用的範例來模仿。
本書由擁有二十年作業系統經驗的安全專業人士撰寫,《Mastering FreeBSD and OpenBSD Security》提供了如何保護你最關鍵系統的廣泛而深入的解釋。其他有關 BSD 系統的書籍幫助你實現功能,而本書將幫助你更徹底地保護你的部署。
目錄:
前言
第一部分:安全基礎
1. 大局觀
- 什麼是系統安全?
- 識別風險
- 回應風險
- 安全過程和原則
- 系統安全原則
- 總結
- 資源
2. BSD 安全基石
- 檔案系統保護
- 調整運行中的內核:sysctl
- 基本沙盒:chroot
- 監獄:超越 chroot
- 內建保護
- 作業系統調整
- 總結
- 資源
3. 安全安裝與加固
- 一般考量
- 安裝 FreeBSD
- FreeBSD 加固:你的第一步
- 安裝 OpenBSD
- OpenBSD 加固:你的第一步
- 升級後的加固
- 總結
- 資源
4. 安全管理技術
- 存取控制
- 日常任務中的安全性
- 升級
- 安全漏洞回應
- 網路服務安全
- 監控系統健康
- 總結
- 資源
第二部分:部署情境
5. 創建安全的 DNS 伺服器
- DNS 的重要性
- DNS 軟體
- 安裝 BIND
- 安裝 djbdns
- 操作 BIND
- 操作 djbdns
- 總結
- 資源
6. 建立安全的郵件伺服器
- 郵件伺服器攻擊
- 郵件架構
- 郵件與 DNS
- SMTP
- 郵件伺服器配置
- Sendmail
- Postfix
- qmail
- 郵件存取
- 總結
- 資源
7. 建立安全的網頁伺服器
- 網頁伺服器攻擊
- 網頁架構
- Apache
- thttpd
- 使用監獄的高級網頁伺服器
- 總結
- 資源
8. 防火牆
- 防火牆架構
- 主機鎖定
- 選擇:IPFW 與 PF
- 基本 IPFW 配置
- 基本 PF 配置
- 處理故障
- 總結
- 資源
9. 入侵檢測
- 沒有魔法子彈
- IDS 架構
- BSD 上的 NIDS
- Snort
- ACID
- BSD 上的 HIDS
- 總結
- 資源
第三部分:審計與事件回應
10. 管理審計記錄
- 系統日誌
- 通過 syslogd 記錄
- 保護日誌主機
- 日誌檔管理
- 自動化日誌監控
- 自動化審計腳本
- 總結
- 資源
11. 事件回應與取證
- 事件回應
- BSD 上的取證
- 使用 Sleuth Kit 深入挖掘
- 總結
- 資源
索引
