April 14, 2005
"Mastering FreeBSD and OpenBSD Security": Building, Securing, and Maintaining BSD Systems
Sebastopol, CA--FreeBSD and OpenBSD are often considered the "other" free
operating systems--other than Linux, that is. However, these two BSD-based
operating systems have increasingly gained traction in educational
institutions, nonprofits, and corporations worldwide. The reason? They
provide significant security advantages over Linux. In fact, security is
the primary reason that most system administrators use these two
platforms. Oddly enough, books that focus specifically on the security
aspects of these two operating systems are rare.
"It's about time that FreeBSD and OpenBSD--operating systems that tout
security as one of their greatest assets--have a book on security," says
Yanek Korff, coauthor with Paco Hope and Bruce Potter of Mastering
FreeBSD and OpenBSD Security (O'Reilly, $49.95). Korff adds, "Deploying
these systems without a firm understanding that security must be thought
of in advance is folly."
There are plenty of books to help users get a FreeBSD or OpenBSD system
off the ground, and all of them touch on security to some extent, usually
dedicating a chapter to the subject. But, as security is commonly named as
the key concern for today's system administrators, a single chapter on the
subject can't provide the depth of information needed to keep systems
secure. Coauthor Potter agrees, citing, "a complete lack of coverage of
security in the BSD arena."
FreeBSD and OpenBSD are rife with security building blocks that can be put
to use by knowledgeable administrators. Both operating systems have kernel
options and filesystem features that go well beyond traditional Unix
permissions and controls. This power and flexibility is valuable, but the
colossal range of possibilities needs to be tackled one step at a time.
"Host-based security is more than just host-lockdown," Potter explains.
"Ongoing administration is the key to the overall security of a host."
Many people view security in terms of black and white: either a system is
secure or it is not. Korff, Hope, and Potter take another approach,
describing security as a journey--a product of ongoing risk management.
"Rather than trying to make your system secure, you continually evaluate
your exposure to risks and keep the system as secure as it needs to be,"
they tell readers.
Mastering FreeBSD and OpenBSD Security introduces readers to the wide
range of security tools that BSD systems offer so they'll be able to
choose which tools apply to their particular situations. "Security is all
about matching your defense to the threats you face, not making your
system 'go to eleven,'" says Hope. "We show the risks, explain why an
administrator cares, and offer a variety of mitigations that the
administrator can choose from."
By imparting a solid technical foundation as well as practical know-how,
Mastering FreeBSD and OpenBSD Security enables administrators to push
their servers' security to the next level. Even administrators in other
environments--like Linux and Solaris--can find useful paradigms to
emulate. The book covers the installation of hardened operating system,
the installation and configuration of critical services, and the ongoing
maintenance of the systems.
Written by security professionals with two decades of operating system
experience, Mastering FreeBSD and OpenBSD Security features broad and
deep explanations of how to secure the most critical systems. Where other
books on BSD systems help readers achieve functionality, this book will
help them more thoroughly secure their deployments.
Mastering FreeBSD and OpenBSD Security
Yanek Korff, Paco Hope, and Bruce Potter
ISBN: 0-596-00626-8, 445 pages, $49.95 US, $69.95 CA
O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An active participant in the technology community, the company has a long history of advocacy, meme-making, and evangelism.
Return to: O'Reilly Press Room
Recent Press Releases
Press Release Archive »
Media Relations - North America & Conferences
Media Relations - Japan
Media Relations - United Kingdom