Absolute OpenBSD : Unix for the practical paranoid / by Michael W. Lucas.

Format:

Book

Author/Creator:

Lucas, Michael W. (Michael Warren), 1967-

Language:

English

Subjects (All):

OpenBSD (Electronic resource).

UNIX (Computer file).

Operating systems (Computers).

Physical Description:

1 online resource (536 p.)

Edition:

2nd ed.

Place of Publication:

[San Francisco, California] : No Starch Press, 2013.

Language Note:

English

System Details:

text file

Summary:

OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers have enjoyed for years. You'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices, with bits of humor sprinkled throughout. This edition has been completely updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security fe

Contents:

Intro

Absolute OpenBSD

Advance Praise for Absolute OpenBSD, 2nd Edition

Dedication

About the Author

About the Technical Reviewer

Foreword

Acknowledgments

Introduction

What Is Security?

What Is BSD?

The BSD License

AT&amp

T vs. the World

The Birth of OpenBSD

The OpenBSD Community

OpenBSD Users

OpenBSD Contributors

OpenBSD Committers

OpenBSD Coordinator

OpenBSD's Strengths

Portability

Power

Documentation

Free

Correctness

Security

OpenBSD and Your Security

OpenBSD's Uses

Desktop

Server

Network Management

About This Book

Contents Overview

1. Getting Additional Help

OpenBSD's Support Model

The Code Is Fine. What's Wrong with You?

Sources of Information

Man Pages

Manual Sections

Viewing Man Pages

Finding Man Pages

Overlapping Man Page Names

Man Page Contents

Man Pages on the Web

The OpenBSD Website

Mirrors

The OpenBSD FAQ

Non-Project Websites

OpenBSD Mailing Lists

Unofficial Mailing Lists

Read-Only Mailing Lists

Using OpenBSD Problem-Solving Resources

Using the OpenBSD Website

Using Man Pages

Using Internet Searches

Using Mailing Lists

Creating a Good Help Request

How to Be Ignored

Sending Your Email

Responding to Email

2. Installation Preparations

OpenBSD Hardware

Supported Hardware

Proprietary Hardware, Blobs, and Firmware

Processors

Memory (RAM)

Hard Drives

Virtualization

Multiple Operating Systems

Getting OpenBSD

Official CDs

Internet Downloads

Mirror Site Layout

Release Directories

Boot Media

Choosing Install Media

Local Installation Servers

File Sets

Partitioning

Standard OpenBSD Partitions

Root Partition

Swap Space

/tmp Directory

/var Partition

/usr Partition

/usr/X11R6 Partition.

/usr/local Partition

/usr/src Partition

/usr/obj Partition

/home Partition

Creating Other Partitions

Partition Filesystems

Multiple Hard Drives

Understanding Partitions

MBR Partitions

Disklabel Partitions

Understanding Disklabels

Sectors and Lies

Sectors and Disklabels

Other Information

3. Installation Walk-Through

Hardware Setup

BIOS Configuration

Making Boot Media

Making Boot Floppies

Creating Floppies on Unix-like Systems

Creating Floppies on Microsoft Systems

Making Boot CDs

Installing OpenBSD

Running the Installation Program

Multiple Network Cards

Setting Up Services and the First User

Setting the Time Zone

Setting Up the Disk

Choosing File Sets

Finishing the Installation

Custom Disk Layout

Viewing Disklabels

Deleting Partitions

Erasing Existing Disklabels

Creating Disklabel Partitions

Writing the New Disklabel

Adding More Disks

Advanced Disklabel Commands

Changing Basic Drive Parameters

Modifying Existing Partitions

Entering Expert Mode

Getting More Help

4. Post-Install Setup

First Steps

Checking the System Errata

Setting the Root Password

Software Configuration

Time and Date

Setting the Date and Time

Setting the Time with ntpd(8)

Setting the Date Manually

Hostname

Networking

Configuring Ethernet Interfaces

Static IP Addresses

Dynamic Configuration

Setting a Default Gateway

Setting Name Service Servers

Mail Aliases and Status Mail

Keyboard Mapping

Installing Ports and Source Code

Booting to a Graphic Console

Onward!

5. The Boot Process

Power-On and the Boot Loader

Booting in Single-User Mode

Mounting Disks in Single-User Mode

Starting the Network in Single-User Mode

Booting an Alternate Kernel.

Booting a Different Kernel File

Booting from an Alternate Hard Disk

Finding the Disk

Finding the Partition

Booting the Kernel

Making Boot Loader Settings Permanent

Serial Consoles

Other Platform Serial Consoles

Serial Console Physical Setup

Serial Console Configuration

Configuring the Serial Console Client

Setting Up the Serial Console

Testing the Serial Configuration

Changing the Serial Console Speed

Changing the Client Serial Port

Serial Logins

Multiuser Startup

Startup System Scripts

The /etc/rc Script

The /etc/rc.conf Script

The /etc/rc.conf.local Script

The /etc/netstart Script

The /etc/rc.securelevel Script

The /etc/rc.local Script

The /etc/rc.shutdown Script

The /etc/rc.firsttime Script

The /etc/fastboot Script

The /etc/rc.d Directory

Software Startup Scripts

Third-Party rc.d Scripts

Force-Starting Software

6. User Management

The Root Account

Adding Users

Adding Users Interactively

Configuring adduser

Creating User Accounts

Adding Users Noninteractively

Groups in Batch Mode

Passwords and Batch Mode

Other Batch Mode Options

User Account Restrictions

Removing User Accounts

Editing User Accounts

Login Classes

Login Class Definitions

Changing login.conf

Legal Values for login.conf Variables

Setting Resource Limits

Modifying the Shell Environment

Password and Login Options

Changing Authentication Methods

Using Login Classes for RADIUS Authentication

Unprivileged User Accounts

The nobody Account

_username

Creating Unprivileged Users

7. Root, and How to Avoid It

The Root Password

Using Groups

The /etc/group File

Creating Groups

Groups, Unprivileged Users, and Group Permissions

Hiding Root with sudo

Why Use sudo?

sudo Disadvantages.

An Overview of the sudo Software

The visudo(8) Command

The /etc/sudoers File

Multiple Entries in a sudoers Field

Running Commands As Non-root Users

Long Lines

/etc/sudoers Aliases

User Aliases

Run as Aliases

Host Aliases

Command Aliases

Using Aliases in /etc/sudoers

Nesting Aliases

Alias Naming Conventions

Changing sudo's Default Behavior

Overriding Defaults per Host

Overriding Defaults per User

Overriding Defaults per Command

Overriding Defaults per Run As

sudo and the Environment

Using sudo

sudo Password Caching

Running Commands Under sudo

Running Commands as Other Users

sudoedit

The Biggest sudo Mistake: Exclusions

sudo Logs

8. Disks and Filesystems

Device Nodes

Raw and Block Devices

Block Devices

Raw Devices

Choosing Your Mode

Device Attachment vs. Device Name

DUIDs and /etc/fstab

MBR Partitions and fdisk(8)

Viewing MBR Partitions

Adding and Removing Partitions

Making a Partition Bootable

Exiting fdisk

Labeling Disks

Viewing Labels

Backing Up and Restoring Disklabels

The Fast File System

FFS Versions

Blocks, Fragments, and Inodes

Blocks

Inodes

Superblocks

Creating FFS Filesystems

FFS Mount Options

Mount Options and /etc/fstab

Read-Only Mounts

Read-Write Mounts

Synchronous Mounts

Asynchronous Mounts

Soft Update Mounts

"Don't Track Access Time" Mounts

No Device Nodes Permitted Mount

Execution Forbidden Mounts

setuid Forbidden

Do Not Automatically Mount This Filesystem

Filesystem Integrity

Running fsck

Blindly Trusting fsck

What's Currently Mounted?

Mounting and Unmounting Partitions

Mounting Standard Filesystems

Mounting at Nonstandard Locations

Unmounting Partitions

Mounting with Options.

How Full Is That Partition?

What's All That Stuff?

Setting BLOCKSIZE

Adding New Hard Disks

Creating an MBR Partition

Creating a Disklabel

Moving Partitions

Adding New Filesystems

Stackable Mounts

9. More Filesystems

Backing Up to the /altroot Partition

Memory Filesystems

Creating MFS Partitions

Mounting an MFS at Boot

Foreign Filesystems

Inodes vs. Vnodes

Common Foreign Filesystems

MS-DOS

NTFS

ext2fs

CD

Foreign Filesystem Ownership

Removable Media

Mounting Filesystem Images

Attaching Vnode Devices to Disk Images

Detaching Vnode Devices from Images

Basic NFS Setup

The OpenBSD NFS Server

Exporting Filesystems

NFS and Users

Permitted Clients

Multiple Exports for One Partition

NFS Clients

Software RAID

RAID Types

Preparing Disks for softraid

Creating softraid Devices

softraid Status

Identifying Failed softraid Volumes

Rebuilding Failed softraid Volumes

Deleting softraid Devices

Reusing softraid Disks

Booting from a softraid Device

Encrypted Disk Partitions

Creating Encrypted Partitions

Using Encrypted Partitions

Automatic Decryption

10. Securing Your System

Who Is the Enemy?

Script Kiddies

Botnets

Disaffected Users

Skilled Attackers

OpenBSD Security Announcements

OpenBSD Memory Protection

W^X

.rodata Segments

Guard Pages

Address Space Layout Randomization

ProPolice

And More!

File Flags

File Flag Types

Setting, Viewing, and Removing File Flags

Securelevels

Setting the System Securelevel

Securelevel Definitions

Securelevel -1

Securelevel 0

Securelevel 1

Securelevel 2

What Securelevel Do You Need?

Securelevel Weaknesses

Keeping Secure

11. Overview of TCP/IP

Network Layers

The Physical Layer

The Datalink Layer.

The Network Layer.

Notes:

Includes index.

Description based on publisher supplied metadata and other sources.

ISBN:

9781457172496

1457172496

9781593275235

1593275234

OCLC:

1156210602