Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

BSD Security - Protect Your BSD
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

BSD Security - Protect Your BSD

subinsubin Member
edited May 2012 in General

For BSD user :)

bsdmag.org/magazine/1800-bsd-security-protect-your-bsd

A Fresh Look at the Warden for PC-BSD 9.1

For the PC-BSD 8.x series, new jail management software named “Warden” was first introduced. This software provided users a brand new graphical method of managing FreeBSD jails on their desktops. For 9.1 Warden has been given a complete makeover, and incorporated directly into the base system. Read the article to find out what are the new features that make PC-BSD 9.1 more versatile than ever for jail administrators and users.

  • Kris Moore
    Intro to DTrace

Sometimes you wish you had a comprehensive tool for profiling and debugging without having to maintain a chain of tools, merge their outputs and put some glue here and there to extract meaningful information from it. We now have a tool called DTrace, originally developed by Sun. From this article you will find out how to setup DTrace in your Freebsd box. The author will test also some of the providers available for DTrace and see the output.

  • Carlos Atonio Neira
    A Web Application Firewall for Nginx

When servers got compromised web applications present themselves very often as the entry point. In most cases the reason is an outdated script with known or unknown vulnerabilities or an in-house development which is not properly validating submitted data. Well this is nothing new to you, I hope. The questions is what we can do to prevent this. By reading this article you will learn how to set up a high performance, low maintenance Web Application Firewall in NGINX. This what you will find in this article is just a sample of what you can read in a new book written by Benedikt Niessen. Unfortunately, published in German, but who knows – maybe soon the english edition will be available as well.

  • Benedikt Niessen
    Introducing EasyPBI – Making PBI Modules With a Few Mouse Clicks

In this article we are going to talk a bit about Push Button Installer (PBI) packages and how we can quickly create these packages from existing software in the FreeBSD Ports Collection. The tool we will be using to facilitate the creation of these packages is called EasyPBI and it can be installed from FreeBSD Ports.

  • Jesse Smith
    Mysql-zrm: Enterprise Level Backups for MySQL

Setting up MySQL backup and restore processes typically takes up a lot of a DBA’s time and attention. With mysql-zrm we can setup a backup strategy without the need of creating complex custom shell scripts.Once we have our MySQL server up and running we need a backup strategy to save our data. Instead of using complex scripts written around mysqldump we could use a software that has many feautures to backup our databases and that is easy enough to deploy.

  • Giovanni Bechis
    Anatomy of FreeBSD Compromise (Part 5)

In the penultimate part in our series, we will compromise a FreeBSD server using different techniques. The *BSD family are some of the most secure operating systems available today. Security is very much a fundamental philosophy and mindset, as it is very difficult to implement once software is written. Earlier versions are not so secure (unless patched) so I have created another FreeBSD 7.0 test server, as well as our 6.1 and 5.0 hosts. Let’s see what happened…

  • Rob Somerville
    Hardening FreeBSD with TrustedBSD and Mandatory Access Controls (MAC)

Most system administrators understand the need to lock down permissions for files and applications. In addition to these configuration options on FreeBSD, there are features provided by TrustedBSD that add additional layers of specific security controls to fine tune the operating system for multilevel security. From this article you will learn the configuration of the Mandatory Access Controls provided by FreeBSD. You fill also find out how to apply the concepts of multilevel security model to FreeBSD.

  • Michael Shirk
    Security Best Practice for DNS Servers

What happens when a trusted server turns out not to be so trustworthy, whether by accident or by intent? Many client machines are only configured with stub resolvers and use trusted servers to perform all of their DNS queries on their behalf. In many cases, the trusted server is furnished by the user’s ISP and advertised to the client via DHCP. Besides accidental betrayal of this trust relationship — whether by server bugs, successful server break-ins, etc. — the server itself may be configured to give back answers that are not what the user would expect.

Thanked by 1taipres

Comments

  • taiprestaipres Member

    Thanks you for making this post, seems like the BSD's don't get much love, but they're definitely awesome os's. These are some good locking down tips too.

Sign In or Register to comment.