TLS Mastery: Beastie Edition


Book Description

Transport Layer Security, or TLS, makes ecommerce and online banking possible. It protects your passwords and your privacy. Let’s Encrypt transformed TLS from an expensive tool to a free one. TLS understanding and debugging is an essential sysadmin skill you must have. TLS Mastery takes you through: · How TLS works · What TLS provides, and what it doesn’t · Wrapping unencrypted connections inside TLS · Assessing TLS configurations · The Automated Certificate Management Environment (ACME) protocol · Using Let’s Encrypt to automatically maintain TLS certificates · Online Certificate Status Protocol · Certificate Revocation · CAA, HSTS, and Certificate Transparency · Why you shouldn’t run your own CA, and how to do it anyway · and more! Stop wandering blindly around TLS. Master the protocol with TLS Mastery!




TLS Mastery


Book Description

Transport Layer Security, or TLS, makes ecommerce and online banking possible. It protects your passwords and your privacy. Let's Encrypt transformed TLS from an expensive tool to a free one. TLS understanding and debugging is an essential sysadmin skill you must have. TLS Mastery takes you through: - How TLS works - What TLS provides, and what it doesn't - Wrapping unencrypted connections inside TLS - Assessing TLS configurations - The Automated Certificate Management Environment (ACME) protocol - Using Let's Encrypt to automatically maintain TLS certificates - Online Certificate Status Protocol - Certificate Revocation - CAA, HSTS, and Certificate Transparency - Why you shouldn't run your own CA, and how to do it anyway - and more! Stop wandering blindly around TLS. Master the protocol with TLS Mastery!




FreeBSD Mastery: ZFS


Book Description

21st-Century Data Storage ZFS, the fast, flexible, self-healing filesystem, revolutionized data storage. Leveraging ZFS changes everything about managing FreeBSD systems. With FreeBSD Mastery: ZFS, you’ll learn to: -understand how your hardware affects ZFS -arrange your storage for optimal performance -configure datasets that match your enterprise’s needs -repair and monitor storage pools -expand your storage -use compression to enhance performance -determine if deduplication is right for your data -understand how copy-on-write changes everything -snapshot filesystems -automatically rotate snapshots -clone filesystems -understand how ZFS uses and manages space -do custom FreeBSD ZFS installs Whether you’re a long-term FreeBSD administrator or a new user, FreeBSD Mastery: ZFS will help you simplify storage. Master ZFS with FreeBSD Mastery: ZFS.




DNSSEC Mastery, 2nd edition


Book Description

DNS The world’s most successful distributed database—and the most naïve. The Domain Name System is one of the Internet’s oldest protocols, designed for a network without hostile users. Intruders targeting a network start by investigating their DNS. DNS Security Extensions, or DNSSEC, hardens DNS and brings it into the 21st century. Learning DNSSEC required wading through years of obsolete tutorials, dead ends, and inscrutable standards. Until now. This new edition of DNSSEC Mastery will have DNS administrators deploying DNSSEC with industry-standard software in hours instead of weeks. You will: · Understand what DNSSEC provides · Configure your servers to resist attack · Verify your environment supports modern DNS · Debug DNSSEC and the Chain of Trust · Sign your zones and attach them to the Chain of Trust · Conceal zone data with NSEC3 · Automate DNSSEC maintenance · Roll over keys to maintain integrity · Implement DNSSEC on private networks · Securely distribute security-critical information via DNS And more! DNSSEC Mastery transforms DNS from a headache to a solution.




OpenBSD Mastery: Filesystems


Book Description

"Many users assume that their advanced filesystem is better than UFS because they have so many features—snapshots, checksums, compression, sophisticated caching algorithms, and so on—while all UFS has ever done is muck about putting data on disk. But, conversely, UFS users believe their filesystem is better for exactly the same reasons." —Hitchhikers Guide to OpenBSD Disk management is the core of system administration. Nobody can tell you how large that database is going to grow or how many files that archive must eventually support, but for everything else there’s OpenBSD Mastery: Filesystems. This guide takes you through the latest in OpenBSD storage management, including: · OpenBSD’s cross-platform storage stack · MBR, GPT, and disklabel partitions · The Unix File System · Growing, removing, and repairing filesystems · Memory file systems · The Buffer Cache · Why you need swap, and how to live with it · Coping with FAT, NTFS, EXT, and more · The Network File System · iSCSI · Software RAID · Encrypted filesystems · Encrypted installs And more! Partition yourself for success and grab OpenBSD Mastery: Filesystems now.




Relayd & Httpd Mastery


Book Description

“I think we’re gonna need a bigger web server.” OpenBSD has a solid reputation for security and stability. It’s well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server. Until now. The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications. With Httpd and Relayd Mastery you’ll learn how to: · set up web sites · configure software to run in a chroot · run dozens or hundreds of sites on one host · dynamically reconfigure sites with Lua patterns · manage site logs · maintain free, globally-valid SSL certificates · improve performance with SSL stapling · install and maintain two-server clusters · distribute traffic between any number of hosts · stop worrying about old SSL versions and bad crypto algorithms Slash the amount of time you spend futzing with web servers. Get Httpd and Relayd Mastery today!




PAM Mastery


Book Description

Pluggable Authentication Modules: Threat or Menace? PAM is one of the most misunderstood parts of systems administration. Many sysadmins live with authentication problems rather than risk making them worse. PAM’s very nature makes it unlike any other Unix access control system. If you have PAM misery or PAM mysteries, you need PAM Mastery! With PAM Mastery, you’ll understand: · the different versions of PAM · the intricacies of Linux-PAM and OpenPAM · how PAM policies make decisions · how to debug PAM · the most frequently seen PAM modules · Linux-PAM extended controls and substacks · time-based one-time passwords · using SSH keys for more than SSH · password quality testing · policies from CentOS, Debian, and FreeBSD · and more! Transform PAM from a headache to an ally with PAM Mastery.




Virtue Politics


Book Description

Winner of the Helen and Howard Marraro Prize A Times Literary Supplement Book of the Year “Perhaps the greatest study ever written of Renaissance political thought.” —Jeffrey Collins, Times Literary Supplement “Magisterial...Hankins shows that the humanists’ obsession with character explains their surprising indifference to particular forms of government. If rulers lacked authentic virtue, they believed, it did not matter what institutions framed their power.” —Wall Street Journal “Puts the politics back into humanism in an extraordinarily deep and far-reaching way...For generations to come, all who write about the political thought of Italian humanism will have to refer to it; its influence will be...nothing less than transformative.” —Noel Malcolm, American Affairs “[A] masterpiece...It is only Hankins’s tireless exploration of forgotten documents...and extraordinary endeavors of editing, translation, and exposition that allow us to reconstruct—almost for the first time in 550 years—[the humanists’] three compelling arguments for why a strong moral character and habits of truth are vital for governing well. Yet they are as relevant to contemporary democracy in Britain, and in the United States, as to Machiavelli.” —Rory Stewart, Times Literary Supplement “The lessons for today are clear and profound.” —Robert D. Kaplan Convulsed by a civilizational crisis, the great thinkers of the Renaissance set out to reconceive the nature of society. Everywhere they saw problems. Corrupt and reckless tyrants sowing discord and ruling through fear; elites who prized wealth and status over the common good; religious leaders preoccupied with self-advancement while feuding armies waged endless wars. Their solution was at once simple and radical. “Men, not walls, make a city,” as Thucydides so memorably said. They would rebuild the fabric of society by transforming the moral character of its citizens. Soulcraft, they believed, was a precondition of successful statecraft. A landmark reappraisal of Renaissance political thought, Virtue Politics challenges the traditional narrative that looks to the Renaissance as the seedbed of modern republicanism and sees Machiavelli as its exemplary thinker. James Hankins reveals that what most concerned the humanists was not reforming institutions so much as shaping citizens. If character mattered more than laws, it would have to be nurtured through a new program of education they called the studia humanitatis: the precursor to our embattled humanities.




Absolute FreeBSD


Book Description

Absolute FreeBSD, 2nd Edition covers installation, networking, security, network services, system performance, kernel tweaking, filesystems, SMP, upgrading, crash debugging, and much more, including coverage of how to: Use advanced security features like packet filtering, virtual machines, and host-based intrusion detection; Build custom live FreeBSD CDs and bootable flash; Manage network services and filesystems; Use DNS and set up email, IMAP, web, and FTP services for both servers and clients; Monitor your system with performance-testing and troubleshooting tools; Run diskless systems; Manage schedulers, remap shared libraries, and optimize your system for your hardware and your workload; Build custom network appliances with embedded FreeBSD; Implement redundant disks, even without special hardware; Integrate FreeBSD-specific SNMP into your network management system. - Publisher.




FreeBSD Mastery: Jails


Book Description

CONFINE YOUR SOFTWARE Jails are FreeBSD’s most legendary feature: known to be powerful, tricky to master, and cloaked in decades of dubious lore. Deploying jails calls upon every sysadmin skill you have, and more—but unleashing lightweight virtualization is so worth it. FreeBSD Mastery: Jails cuts through the clutter to expose the inner mechanisms of jails and unleash their power in your service. You will: · Understand how jails achieve lightweight virtualization · Understand the base system’s jail tools and the iocage toolkit · Optimally configure jail hardware · Manage jails from the host and from within the jail · Optimize disk space usage to support hundreds or thousands of jails · Comfortably work within the limits of jails · Implement fine-grained control of jail features · Build virtual networks · Deploy hierarchical jails · Constrain jail resource usage · And more! Strip away the mystery. Read FreeBSD Mastery: Jails today! “This is the sequel to Git Commit Murder, right ?” /phk, creator of the jail system