Chapter 15 Security

Table of Contents
15.1 Synopsis
15.2 Introduction
15.3 Securing FreeBSD
15.4 DES, Blowfish, MD5, SHA256, SHA512, and Crypt
15.5 One-time Passwords
15.6 TCP Wrappers
15.7 Kerberos5
15.8 OpenSSL
15.9 VPN over IPsec
15.10 OpenSSH
15.11 File System Access Control Lists (ACLs)
15.12 Monitoring Third Party Security Issues
15.13 FreeBSD Security Advisories
15.14 Process Accounting
Much of this chapter has been taken from the security(7) manual page by Matthew Dillon.

15.1 Synopsis

This chapter will provide a basic introduction to system security concepts, some general good rules of thumb, and some advanced topics under FreeBSD. A lot of the topics covered here can be applied to system and Internet security in general as well. The Internet is no longer a “friendly” place in which everyone wants to be your kind neighbor. Securing your system is imperative to protect your data, intellectual property, time, and much more from the hands of hackers and the like.

FreeBSD provides an array of utilities and mechanisms to ensure the integrity and security of your system and network.

After reading this chapter, you will know:

Before reading this chapter, you should:

Additional security topics are covered throughout this book. For example, Mandatory Access Control is discussed in Chapter 17 and Internet Firewalls are discussed in Chapter 31.