FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms. There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure. FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems. Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate. Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.
This book will walk the reader through the process of preparing and deploying open source host integrity monitoring software, specifically, Osiris and Samhain. From the configuration and installation to maintenance, testing, and fine-tuning, this book will cover everything needed to correctly deploy a centralized host integrity monitoring solution. The domain includes home networks on up to large-scale enterprise environments. Throughout the book, realistic and practical configurations will be provided for common server and desktop platforms. By the end of the book, the reader will not only understand the strengths and limitations of host integrity tools, but also understand how to effectively make use of them in order to integrate them into a security policy. * Brian Wotring is the creator of Osiris. He speaks and writes frequently on Osiris for major magazines, Web sites, and trade shows. And, the book can be prominently marketed from the Osiris Web site * This is the first book published on host integrity monitoring, despite the widespread deployment of Osiris and Samhain * Host Integrity Monitoring is the only way to accurately determine if a malicious attacker has successfully compromised the security measures of your network
OpenBSD is a Unix-like computer operating system that is widely regarded for its excellent documentation and its fanatical focus on security. "The OpenBSD Crash Course" Short Cut will help you get an x86 or AMD64/EM64T server, desktop, or network appliance up and running quickly with OpenBSD. You'll learn how to install or upgrade OpenBSD on x86 and AMD64 machines, how to configure it for server or workstation use, and how to properly maintain it until the next release.
Easy, Powerful Code Security Techniques for Every PHP Developer Hackers specifically target PHP Web applications. Why? Because they know many of these apps are written by programmers with little or no experience or training in software security. Don’t be victimized. Securing PHP Web Applications will help you master the specific techniques, skills, and best practices you need to write rock-solid PHP code and harden the PHP software you’re already using. Drawing on more than fifteen years of experience in Web development, security, and training, Tricia and William Ballad show how security flaws can find their way into PHP code, and they identify the most common security mistakes made by PHP developers. The authors present practical, specific solutions—techniques that are surprisingly easy to understand and use, no matter what level of PHP programming expertise you have. Securing PHP Web Applications covers the most important aspects of PHP code security, from error handling and buffer overflows to input validation and filesystem access. The authors explode the myths that discourage PHP programmers from attempting to secure their code and teach you how to instinctively write more secure code without compromising your software’s performance or your own productivity. Coverage includes Designing secure applications from the very beginning—and plugging holes in applications you can’t rewrite from scratch Defending against session hijacking, fixation, and poisoning attacks that PHP can’t resist on its own Securing the servers your PHP code runs on, including specific guidance for Apache, MySQL, IIS/SQL Server, and more Enforcing strict authentication and making the most of encryption Preventing dangerous cross-site scripting (XSS) attacks Systematically testing yourapplications for security, including detailed discussions of exploit testing and PHP test automation Addressing known vulnerabilities in the third-party applications you’re already running Tricia and William Ballad demystify PHP security by presenting realistic scenarios and code examples, practical checklists, detailed visuals, and more. Whether you write Web applications professionally or casually, or simply use someone else’s PHP scripts, you need this book—and you need it now, before the hackers find you!
This book shows in detail how to build enterprise-level secure, redundant, and highly scalable services from scratch on top of the open source Linux operating system, suitable for small companies as well as big universities. The core architecture presented is based on Kerberos, LDAP, AFS, and Samba. Coverage shows how to integrate web, message related, data base and other services with this backbone. This architecture provides a Single-Sign-On solution for different client platforms and can also be employed for clustering. Although it is implemented with Debian GNU/Linux, the content can be applied to other UNIX flavors.
The Latest Linux Security Solutions This authoritative guide will help you secure your Linux network--whether you use Linux as a desktop OS, for Internet services, for telecommunications, or for wireless services. Completely rewritten the ISECOM way, Hacking Exposed Linux, Third Edition provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest ISECOM security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks. Secure Linux by using attacks and countermeasures from the latest OSSTMM research Follow attack techniques of PSTN, ISDN, and PSDN over Linux Harden VoIP, Bluetooth, RF, RFID, and IR devices on Linux Block Linux signal jamming, cloning, and eavesdropping attacks Apply Trusted Computing and cryptography tools for your best defense Fix vulnerabilities in DNS, SMTP, and Web 2.0 services Prevent SPAM, Trojan, phishing, DoS, and DDoS exploits Find and repair errors in C code with static analysis and Hoare Logic
Offering developers an inexpensive way to include testing as part of the development cycle, this cookbook features scores of recipes for testing Web applications, from relatively simple solutions to complex ones that combine several solutions.