Richard Bejtlich

OpenBSD, the elegant, highly secure Unix-like operating system, is widely used as the basis for critical DNS servers, routers, firewalls, and more. This long-awaited second edition of Absolute OpenBSD maintains author Michael Lucas's trademark straightforward and practical approach that readers have enjoyed for years. You'll learn the intricacies of the platform, the technical details behind certain design decisions, and best practices, with bits of humor sprinkled throughout. This edition has been completely updated for OpenBSD 5.3, including new coverage of OpenBSD's boot system, security features like W^X and ProPolice, and advanced networking techniques. You'll learn how to: –Manage network traffic with VLANs, trunks, IPv6, and the PF packet filter –Make software management quick and effective using the ports and packages system –Give users only the access they need with groups, sudo, and chroots –Configure OpenBSD's secure implementations of SNMP, DHCP, NTP, hardware sensors, and more –Customize the installation and upgrade processes for your network and hardware, or build a custom OpenBSD release Whether you're a new user looking for a complete introduction to OpenBSD or an experienced sysadmin looking for a refresher, Absolute OpenBSD, 2nd Edition will give you everything you need to master the intricacies of the world's most secure operating system.

Device drivers make it possible for your software to communicate with your hardware, and because every operating system has specific requirements, driver writing is nontrivial. When developing for FreeBSD, you've probably had to scour the Internet and dig through the kernel sources to figure out how to write the drivers you need. Thankfully, that stops now. In FreeBSD Device Drivers, Joseph Kong will teach you how to master everything from the basics of building and running loadable kernel modules to more complicated topics like thread synchronization. After a crash course in the different FreeBSD driver frameworks, extensive tutorial sections dissect real-world drivers like the parallel port printer driver. You'll learn: –All about Newbus, the infrastructure used by FreeBSD to manage the hardware devices on your system –How to work with ISA, PCI, USB, and other buses –The best ways to control and communicate with the hardware devices from user space –How to use Direct Memory Access (DMA) for maximum system performance –The inner workings of the virtual null modem terminal driver, the USB printer driver, the Intel PCI Gigabit Ethernet adapter driver, and other important drivers –How to use Common Access Method (CAM) to manage host bus adapters (HBAs) Concise descriptions and extensive annotations walk you through the many code examples. Don't waste time searching man pages or digging through the kernel sources to figure out how to make that arcane bit of hardware work with your system. FreeBSD Device Drivers gives you the framework that you need to write any driver you want, now.

Summary Securing DevOps explores how the techniques of DevOps and security should be applied together to make cloud services safer. This introductory book reviews the latest practices used in securing web applications and their infrastructure and teaches you techniques to integrate security directly into your product. You'll also learn the core concepts of DevOps, such as continuous integration, continuous delivery, and infrastructure as a service. Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications. About the Technology An application running in the cloud can benefit from incredible efficiencies, but they come with unique security threats too. A DevOps team's highest priority is understanding those risks and hardening the system against them. About the Book Securing DevOps teaches you the essential techniques to secure your cloud services. Using compelling case studies, it shows you how to build security into automated testing, continuous delivery, and other core DevOps processes. This experience-rich book is filled with mission-critical strategies to protect web applications against attacks, deter fraud attempts, and make your services safer when operating at scale. You'll also learn to identify, assess, and secure the unique vulnerabilities posed by cloud deployments and automation tools commonly used in modern infrastructures. What's inside An approach to continuous securityImplementing test-driven security in DevOpsSecurity techniques for cloud servicesWatching for fraud and responding to incidentsSecurity testing and risk assessment About the Reader Readers should be comfortable with Linux and standard DevOps practices like CI, CD, and unit testing. About the Author Julien Vehent is a security architect and DevOps advocate. He leads the Firefox Operations Security team at Mozilla, and is responsible for the security of Firefox's high-traffic cloud services and public websites. Table of Contents Securing DevOpsPART 1 - Case study: applying layers of security to a simple DevOps pipelineBuilding a barebones DevOps pipeline Security layer 1: protecting web applications Security layer 2: protecting cloud infrastructures Security layer 3: securing communications Security layer 4: securing the delivery pipeline PART 2 - Watching for anomalies and protecting services against attacksCollecting and storing logs Analyzing logs for fraud and attacks Detecting intrusions The Caribbean breach: a case study in incident response PART 3 - Maturing DevOps securityAssessing risks Testing security Continuous security

Malware analysis is big business, and attacks can cost a company dearly. When malware breaches your defenses, you need to act quickly to cure current infections and prevent future ones from occurring. For those who want to stay ahead of the latest malware, Practical Malware Analysis will teach you the tools and techniques used by professional analysts. With this book as your guide, you'll be able to safely analyze, debug, and disassemble any malicious software that comes your way. You'll learn how to: –Set up a safe virtual environment to analyze malware –Quickly extract network signatures and host-based indicators –Use key analysis tools like IDA Pro, OllyDbg, and WinDbg –Overcome malware tricks like obfuscation, anti-disassembly, anti-debugging, and anti-virtual machine techniques –Use your newfound knowledge of Windows internals for malware analysis –Develop a methodology for unpacking malware and get practical experience with five of the most popular packers –Analyze special cases of malware with shellcode, C++, and 64-bit code Hands-on labs throughout the book challenge you to practice and synthesize your skills as you dissect real malware samples, and pages of detailed dissections offer an over-the-shoulder look at how the pros do it. You'll learn how to crack open malware to see how it really works, determine what damage it has done, thoroughly clean your network, and ensure that the malware never comes back. Malware analysis is a cat-and-mouse game with rules that are constantly changing, so make sure you have the fundamentals. Whether you're tasked with securing one network or a thousand networks, or you're making a living as a malware analyst, you'll find what you need to succeed in Practical Malware Analysis.