Chapter 10 Security

Table of Contents
10.1 Synopsis
10.2 Introduction
10.3 Securing FreeBSD
10.4 DES, MD5, and Crypt
10.5 One-time Passwords
10.6 KerberosIV
10.7 Kerberos5
10.8 Firewalls
10.9 OpenSSL
10.10 VPN over IPsec
10.11 OpenSSH
10.12 Mandatory Access Control (MAC)
10.13 File System Access Control Lists
Much of this chapter has been taken from the security(7) manual page by Matthew Dillon.

10.1 Synopsis

This chapter will provide a basic introduction to system security concepts, some general good rules of thumb, and some advanced topics under FreeBSD. A lot of the topics covered here can be applied to system and Internet security in general as well. The Internet is no longer a ``friendly'' place in which everyone wants to be your kind neighbor. Securing your system is imperative to protect your data, intellectual property, time, and much more from the hands of hackers and the like.

FreeBSD provides an array of utilities and mechanisms to ensure the integrity and security of your system and network.

After reading this chapter, you will know:

Before reading this chapter, you should:

This, and other documents, can be downloaded from

For questions about FreeBSD, read the documentation before contacting <[email protected]>.
For questions about this documentation, e-mail <[email protected]>.