security.html

FreeBSD操作系统的详细使用手册

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>Security</title>
<meta name="GENERATOR" content="Modular DocBook HTML Stylesheet Version 1.7" />
<link rel="HOME" title="FreeBSD Handbook" href="index.html" />
<link rel="UP" title="System Administration" href="system-administration.html" />
<link rel="PREVIOUS" title="Groups" href="users-groups.html" />
<link rel="NEXT" title="Introduction" href="security-intro.html" />
<link rel="STYLESHEET" type="text/css" href="docbook.css" />
</head>
<body class="CHAPTER" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#840084"
alink="#0000FF">
<div class="NAVHEADER">
<table summary="Header navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<th colspan="3" align="center">FreeBSD Handbook</th>
</tr>

<tr>
<td width="10%" align="left" valign="bottom"><a href="users-groups.html"
accesskey="P">Prev</a></td>
<td width="80%" align="center" valign="bottom"></td>
<td width="10%" align="right" valign="bottom"><a href="security-intro.html"
accesskey="N">Next</a></td>
</tr>
</table>

<hr align="LEFT" width="100%" />
</div>

<div class="CHAPTER">
<h1><a id="SECURITY" name="SECURITY"></a>Chapter 14 Security</h1>

<div class="TOC">
<dl>
<dt><b>Table of Contents</b></dt>

<dt>14.1 <a href="security.html#SECURITY-SYNOPSIS">Synopsis</a></dt>

<dt>14.2 <a href="security-intro.html">Introduction</a></dt>

<dt>14.3 <a href="securing-freebsd.html">Securing FreeBSD</a></dt>

<dt>14.4 <a href="crypt.html">DES, MD5, and Crypt</a></dt>

<dt>14.5 <a href="one-time-passwords.html">One-time Passwords</a></dt>

<dt>14.6 <a href="tcpwrappers.html">TCP Wrappers</a></dt>

<dt>14.7 <a href="kerberosiv.html"><b class="APPLICATION">KerberosIV</b></a></dt>

<dt>14.8 <a href="kerberos5.html"><b class="APPLICATION">Kerberos5</b></a></dt>

<dt>14.9 <a href="firewalls.html">Firewalls</a></dt>

<dt>14.10 <a href="openssl.html">OpenSSL</a></dt>

<dt>14.11 <a href="ipsec.html">VPN over IPsec</a></dt>

<dt>14.12 <a href="openssh.html">OpenSSH</a></dt>

<dt>14.13 <a href="fs-acl.html">File System Access Control Lists</a></dt>

<dt>14.14 <a href="security-advisories.html">FreeBSD Security Advisories</a></dt>
</dl>
</div>

<i class="AUTHORGROUP"><span class="CONTRIB">Much of this chapter has been taken from the
security(7) manual page by</span> Matthew Dillon.</i> 

<div class="SECT1">
<h1 class="SECT1"><a id="SECURITY-SYNOPSIS" name="SECURITY-SYNOPSIS">14.1
Synopsis</a></h1>

<p>This chapter will provide a basic introduction to system security concepts, some
general good rules of thumb, and some advanced topics under FreeBSD. A lot of the topics
covered here can be applied to system and Internet security in general as well. The
Internet is no longer a ``friendly'' place in which everyone wants to be your kind
neighbor. Securing your system is imperative to protect your data, intellectual property,
time, and much more from the hands of hackers and the like.</p>

<p>FreeBSD provides an array of utilities and mechanisms to ensure the integrity and
security of your system and network.</p>

<p>After reading this chapter, you will know:</p>

<ul>
<li>
<p>Basic system security concepts, in respect to FreeBSD.</p>
</li>

<li>
<p>About the various crypt mechanisms available in FreeBSD, such as <acronym
class="ACRONYM">DES</acronym> and <acronym class="ACRONYM">MD5</acronym>.</p>
</li>

<li>
<p>How to set up one-time password authentication.</p>
</li>

<li>
<p>How to configure <acronym class="ACRONYM">TCP</acronym> Wrappers for use with <tt
class="COMMAND">inetd</tt>.</p>
</li>

<li>
<p>How to set up <b class="APPLICATION">KerberosIV</b> on FreeBSD releases prior to
5.0.</p>
</li>

<li>
<p>How to set up <b class="APPLICATION">Kerberos5</b> on post FreeBSD 5.0 releases.</p>
</li>

<li>
<p>How to create firewalls using <acronym class="ACRONYM">IPFW</acronym>.</p>
</li>

<li>
<p>How to configure IPsec and create a <acronym class="ACRONYM">VPN</acronym> between
FreeBSD/<span class="TRADEMARK">Windows</span>&reg; machines.</p>
</li>

<li>
<p>How to configure and use <b class="APPLICATION">OpenSSH</b>, FreeBSD's <acronym
class="ACRONYM">SSH</acronym> implementation.</p>
</li>

<li>
<p>What file system <acronym class="ACRONYM">ACL</acronym>s are and how to use them.</p>
</li>

<li>
<p>How to utilize the FreeBSD security advisories publications.</p>
</li>
</ul>

<p>Before reading this chapter, you should:</p>

<ul>
<li>
<p>Understand basic FreeBSD and Internet concepts.</p>
</li>
</ul>
</div>
</div>

<div class="NAVFOOTER">
<hr align="LEFT" width="100%" />
<table summary="Footer navigation table" width="100%" border="0" cellpadding="0"
cellspacing="0">
<tr>
<td width="33%" align="left" valign="top"><a href="users-groups.html"
accesskey="P">Prev</a></td>
<td width="34%" align="center" valign="top"><a href="index.html"
accesskey="H">Home</a></td>
<td width="33%" align="right" valign="top"><a href="security-intro.html"
accesskey="N">Next</a></td>
</tr>

<tr>
<td width="33%" align="left" valign="top">Groups</td>
<td width="34%" align="center" valign="top"><a href="system-administration.html"
accesskey="U">Up</a></td>
<td width="33%" align="right" valign="top">Introduction</td>
</tr>
</table>
</div>

<p align="center"><small>This, and other documents, can be downloaded from <a
href="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/</a>.</small></p>

<p align="center"><small>For questions about FreeBSD, read the <a
href="http://www.FreeBSD.org/docs.html">documentation</a> before contacting &#60;<a
href="mailto:questions@FreeBSD.org">questions@FreeBSD.org</a>&#62;.<br />
For questions about this documentation, e-mail &#60;<a
href="mailto:doc@FreeBSD.org">doc@FreeBSD.org</a>&#62;.</small></p>
</body>
</html>