This chapter will provide a basic introduction to system security concepts, some general good rules of thumb, and some advanced topics under FreeBSD. A lot of the topics covered here can be applied to system and Internet security in general as well. The Internet is no longer a ``friendly'' place in which everyone wants to be your kind neighbor. Securing your system is imperative to protect your data, intellectual property, time, and much more from the hands of hackers and the like.
FreeBSD provides an array of utilities and mechanisms to ensure the integrity and security of your system and network.
After reading this chapter, you will know:
Basic system security concepts, in respect to FreeBSD.
About the various crypt mechanisms available in FreeBSD, such as DES and MD5.
How to set up one-time password authentication.
How to set up KerberosIV on FreeBSD releases prior to 5.0.
How to set up Kerberos5 on post FreeBSD 5.0 releases.
How to create firewalls using IPFW.
How to configure IPsec and create a VPN between FreeBSD/Windows® machines.
How to configure and use OpenSSH, FreeBSD's SSH implementation.
How to configure and load access control extension modules using the TrustedBSD MAC Framework.
What file system ACLs are and how to use them.
Before reading this chapter, you should:
Understand basic FreeBSD and Internet concepts.
This, and other documents, can be downloaded from ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/.
For questions about FreeBSD, read the documentation before contacting <[email protected]>.
For questions about this documentation, e-mail <[email protected]>.