Kerberos on OpenBSDRelease Date: 2012-07
Free Issue to Download! BSD 7/2012
In order to download the magazine you need to sign up to our newsletter. After clicking the “Download” button, you will be asked to provide your email address. You need to verify your email address using the link from the activation email you will receive. If you already subscribed to our list, you will be asked to provide your email address each time you download the magazine. No activation email will be sent and you should see the link for download.
1. After the activation of your subscription you need to click the “download” button once again to start downloading the PDF.
2. In case you do not get the activation email please check your spam folder. If it is not there, please use different email address.
Deploy a Full-featured Mail Server on OpenBSD 5.1 with iRedMail
iRedMail installs and configures mail server binary packages automatically from the official software repositories provided by Linux/BSD distribution venders. These packages include: Postfix, Dovecot, Apache, OpenLDAP, MySQL or PostgreSQL, Amavisd and Roundcube. The article is dedicated to Open Source edition of the program.
freebsd-update as Intrusion Detection System
One of the most annoying things a sysadmin can endure is a system intrusion. A script kiddie might only install an IRC bot, but a skilled intruder can carefully replace core system binaries so as to exploit more systems or extract more data. An Advanced Persistent Threat (APT) intruder might even patch and secure a penetrated system, so as to delay detection…
Taming the Blowfish with a Dog
This article is meant to be a quick, yet comprehensive overview of using Kerberos to manage user passwords and single-sign-on on OpenBSD. It is by no way an exhaustive documentation about Kerberos – entire books have been written about it!
Upgrading Ports Using Portmaster
On a FreeBSD server, the system administrator has the choice of using either packages (binary) or the ports system (source). Packages are precompiled binaries from the source in the ports system. These packages come with some sane default options. It is sufficient for a server with minimum customization.
Hardening FreeBSD with TrustedBSD and Mandatory Access Controls (MAC) Part 2
Most system administrators understand the need to lock down permissions for files and applications. In addition to these configuration options on FreeBSD, there are features provided by TrustedBSD that add additional layers of specific security controls to fine tune the operating system for multilevel securit.y From this article you will learn the configuration of the Mandatory Access Controls provided by FreeBSD and how to apply the concepts of the Biba model to FreeBSD.
DNSSEC Part 3: Securing the DNS Hosting Environment
DNS security can be distilled into two maxims: always run the latest version of your chosen DNS software package, and never provide unnecessary information or services to strangers. Put another way, keep current and be stingy! The truth is: DNS servers are susceptible to the same types of vulnerabilities (platform, software, and network-level) as any other host on the Internet. This article will provide guidelines for secure configuration of the DNS hosting environment. The author focuses on three areas: content control of the zone file, securing the DNS host platform and software.
Interview with Gabriel Weinberg, Founder of DuckDuckGo
DuckDuckGo is a general purpose search engine with way more instant answers, way less spam/clutter, and real privacy. Read the interview with its developer to find out more about the purpouses behing its unique features!