Absolute OpenBSD, 2nd Edition

Absolute OpenBSD, 2nd Edition
Unix for the Practical Paranoid
by 
Michael W. Lucas
April 2013, 536 pp.
ISBN-13: 
978-1-59327-476-4

"The definitive book on OpenBSD gets a long-overdue refresh."
Theo de Raadt, OpenBSD Founder

OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers have enjoyed for years. You'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices, with bits of humor sprinkled throughout. This edition has been completely updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security features like W^X and ProPolice, and advanced networking techniques.

You'll learn how to:

  • Manage network traffic with VLANs, trunks, IPv6, and the PF packet filter
  • Make software management quick and effective using the ports and packages system
  • Give users only the access they need with groups, sudo, and chroots
  • Configure OpenBSD's secure implementations of SNMP, DHCP, NTP, hardware sensors, and more
  • Customize the installation and upgrade processes for your network and hardware, or build a custom OpenBSD release

Whether you're a new user looking for a complete introduction to OpenBSD or an experienced sysadmin looking for a refresher, Absolute OpenBSD, 2nd Edition will give you everything you need to master the intricacies of the world's most secure operating system.

Author Bio 

Michael W. Lucas is a network/security engineer who keeps getting stuck with network problems nobody else wants to touch. He is the author of the critically acclaimed Absolute FreeBSD, Network Flow Analysis, Cisco Routers for the Desperate, and PGP & GPG, all from No Starch Press. Find his website and blog at http://www.michaelwlucas.com/, or follow @mwlauthor on Twitter.

Table of contents 

Introduction
Chapter 1: Getting Additional Help
Chapter 2: Installation Preparations
Chapter 3: Installation Walk-Through
Chapter 4: Post-Install Setup
Chapter 5: The Boot Process
Chapter 6: User Management
Chapter 7: Root, and How to Avoid It
Chapter 8: Disks and Filesystems (PDF)
Chapter 9: More Filesystems
Chapter 10: Securing Your System
Chapter 11: Overview of TCP/IP
Chapter 12: Connecting to the Network
Chapter 13: Software Management
Chapter 14: Everything /etc
Chapter 15: System Maintenance
Chapter 16: Network Servers
Chapter 17: Desktop OpenBSD
Chapter 18: Kernel Configuration
Chapter 19: Building Custom Kernels
Chapter 20: Upgrading
Chapter 21: Packet Filtering
Chapter 22: Advanced PF
Chapter 23: Customizing OpenBSD
Afterword

View the Index (PDF)
View the detailed Table of Contents (PDF)

Reviews 

"Michael Lucas's books are good enough to raise national productivity statistics. Every copy of OpenBSD should be bundled with this book."
Richard Bejtlich, CSO of Mandiant, TaoSecurity blogger, and author of The Practice of Network Security Monitoring

"After 13 years of using OpenBSD, I learned something new and useful!"
Peter Hessler, OpenBSD Journal

"The OpenBSD world, myself included, has been waiting for an update to Absolute OpenBSD for years. Michael Lucas tackles OpenBSD topics in ways that are bound to inspire the learner and warm the hearts of Unix greybeards."
Peter Hansteen, author of The Book of PF

"Michael Lucas is a layperson's tutor, sitting next to you in front of an OpenBSD box and working through the same issues the average sysadmin does."
George Rosamond, founding member of the NYC*BSD User Group

"This is truly an excellent book. It's full of essential material on OpenBSD presented with a sense of humor and an obvious deep knowledge of how this OS works. I doubt that a better book on OpenBSD could be written."
Sandra Henry-Stocker, ITworld (Read More)

"Lucas has a sense of humour and that makes what would otherwise be a dry look at the nuts and bolts of an open source operating system a surprisingly fun journey. I certainly recommend the book for administrators."
Jesse Smith, DistroWatch (Read More)

"The second edition of Absolute OpenBSD delivers an updated tour of OpenBSD with great attention to detail and zero hand-waving. Mr. Lucas and No Starch Press have once again demonstrated exemplary respect and loyalty to OpenBSD and the BSD community."
Michael Dexter, Call For Testing (Read More)

"If you use OpenBSD, and have not yet achieved guru status, yes, this book is just for you. Even gurus will find valuable things in this book that they did not know."
Warren Block (Read More)

Updates 

Page 191:
In the section Viewing IPv4 Addresses, the sentence at the beginning of the paragraph which reads "The lines starting with inet are IPv6 addresses." should read "The lines starting with inet are IPv4 addresses."

Page 79:
The second paragraph that starts with: "This entry is named tty01" should read "This entry is named tty03."

Page 107:
In the section titled "The /etc/group File", in the paragraph that starts with "The third field gives the group’s unique numeric GID," the number 232 should be 2^32.

Page 120:
Under the section sudo Password Caching, the example which reads:
Defaults timestamp_timeout 10

Should read:
Defaults timestamp_timeout=10

Page 193:
In the third paragraph, the address which reads 2001:db8:a12a:bad:c0de:café should read 2001:db8:a12a:bad:c0de:cafe.

Page 195:
In the third paragraph, the address which reads fe80::bad:code:cafe should read fe80::bad:c0de:cafe (with a zero).

Page 198:
Under the section Transport Protocol Ports, the sentence "A logical port is just an arbitrary number ranging from 0 to 65536..." should instead read "A logical port is just an arbitrary number ranging from 0 to 65535..."

Page 223:
"more than 1Gpbs" should read "more than 1Gbps."

Page 316:
"Command Address Redundancy Protocol" should read "Common Address Redundancy Protocol."

Page 467:
"Command Address Redundancy Protocol" should read "Common Address Redundancy Protocol."