Other Security Resources


This chapter has covered a few general security topics as they apply specifically to FreeBSD. However, the subject of network security is vast, and it grows each day as more and more malicious users try to find ways to bring down the Internet's core services.

A number of excellent resources are available on security, both FreeBSD-specific and general, that you would do well to check out.

The man security Page

Compiled by Matthew Dillon, the man security page contains a long discussion of general security topics and good administrative habits. It also provides miscellaneous tips for preventing break-ins and DoS attacks. This page is the basis for a number of online resources, including part of the FreeBSD Handbook.

Mailing Lists

Join the freebsd-security@freebsd.org mailing list. Do this by sending a message to majordomo@freebsd.org, with subscribe freebsd-security in the message body. This list is where the most up-to-date discussion of security issues takes place. As an administrator, you will need to keep abreast of the most recent developments so you can defend against each new vulnerability as it becomes known.

Another useful security list, geared toward UNIX security issues in general, is Bugtraq. This list receives advisories of all major issues that arise in Internet security, sometimes before their full impact on FreeBSD is known. Bugtraq is hosted at http://www.securityfocus.com, where you can subscribe to the list or search its archives.

CERT (http://www.cert.org) and SANS (http://www.sans.org) are indispensable security-focused resources that will keep you abreast of developments in the world of security and new vulnerabilities across the spectrum of operating systems.

Finally, the comp.risks newsgroup is available in digest form at http://catless.ncl.ac.uk/Risks; this list is a forum for security professionals who discuss the technical and philosophical ramifications of security-related issues in everything from server platforms to credit card checksums and RFID tags.

FreeBSD Security Advisories

Security advisories are sent out by the FreeBSD Security Officer to the freebsd-announce@freebsd.org and freebsd-security@freebsd.org lists to warn of newly discovered vulnerabilities. Each advisory is also archived at http://www.freebsd.org/security/.

An advisory contains a complete discussion of the nature and impact of a vulnerability, whether it exists in part of the core FreeBSD system or in a program in the ports collection, whether it's FreeBSD-specific or not, and how to work around or solve the problem. Because it would be inviting hackers to a free lunch to disclose the exact nature of a vulnerability before a fix is available, advisories are released only after a solution has been found. This is one good reason to subscribe to freebsd-security@freebsd.org; there will be discussion of a vulnerability there even before the advisory is released.

Fixes to vulnerabilities in ports or packages usually mean simply synchronizing your ports tree and rebuilding the port in question (see Chapter 16). A fix to the core FreeBSD system, though, is usually checked into the appropriate errata fix branch of the FreeBSD version you're running; to take advantage of it, you will need to rebuild that part of your system after synchronizing your sources. If the fix is in a sufficiently fundamental part of the system code, you might need to do a complete make world to make your system secure. Instructions on how to do this are in Chapter 19, "Keeping Up to Date with FreeBSD."

Web Resources

The FreeBSD Security Information page, http://www.freebsd.org/security/, contains resources and links geared toward the FreeBSD administrator or developer. Security advisories are archived here, as are various tips and tricks for reducing your risk factors.

CERT (http://www.cert.org), the Internet's foremost security advisory site, maintains resources on security vulnerabilities in all different operating systems and is widely regarded as the authoritative source of alerts and recovery information. CERT also handles incident reports; you can report a break-in there, and it will work with the proper authorities to catch the perpetrator.

SecurityFocus, the site that hosts Bugtraq, is a security news site covering topics from intrusion-detection systems to virus protection. It also has numerous articles on good security practices and how to run a system responsibly. It doesn't have much in the way of FreeBSD-specific material, but much of its information can be applied to any platform. The URL is http://www.securityfocus.com.

SANS (http://www.sans.org) is a security resource that provides training courses and certifications to security professionals, as well as an ongoing series of newsletters about the state of Internet security, and an "Internet Threat Level" that tracks the progress of active exploits making the rounds at any given time.

Books

Two books suggested in /etc/rc.firewall are Firewalls & Internet Security, by William R. Cheswick and Steven M. Bellovin, for general network security topics, and Building Internet Firewalls, 2nd Edition, by Brent Chapman and Elizabeth Zwicky, for fuller coverage of firewall theory and practice.

Further books and papers on security are listed and scored for usefulness at the SecurityFocus site, under the "Library" link.




FreeBSD 6 Unleashed
ISBN: 0672328755
EAN: 2147483647
Year: 2006
Pages: 355
Authors: Brian Tiemann
