From 99333306b8924d300ffd745bf5e1e139e337e830 Mon Sep 17 00:00:00 2001 From: Sergio Carlavilla Delgado Date: Wed, 27 Sep 2023 18:46:56 +0200 Subject: Handbook - Security: Upgrade the chapter Upgrade Security chapter as part of the Handbook Working Group. This is a first approximation, there are things to improve and add to the chapter, but we can continue from here :) Changes: - Move VPN over IPSec to an article, in the future we will add too OpenVPN (DCO) and WireGuard to the article - Rework Securing Accounts section - Upgrade Password Hashes algorithms - Improve sudo/doas section - Add new Intrusion Detection System (IDS) section - Add new Secure levels section - Add new File flags section - Rework OpenSSH and OpenSSL sections - Rework Access Control Lists and add NFSv4 ACLs - Add Capsicum introduction section - Upgrade Resource Limits section - Improve Asciidoc syntax Documentation checked: - https://man.freebsd.org/security - https://calomel.org/ids_mtree.html - https://calomel.org/openssh.html - https://calomel.org/openssh_distributed.html - https://man.freebsd.org/cgi/man.cgi?query=chflags&sektion=1&apropos=0&manpath=FreeBSD+13.2-RELEASE+and+Ports - https://www.cyberciti.biz/tips/howto-write-protect-file-with-immutable-bit.html - https://wiki.gentoo.org/wiki/Doas - https://people.freebsd.org/~dannyboy/articles/freebsd_acls.pdf - https://wiki.freebsd.org/NFSv4_ACLs - https://man.freebsd.org/cgi/man.cgi?setfacl Reviewed by: emaste, karels, philip (first draft) Differential Revision: https://reviews.freebsd.org/D41620 Sponsored by: Daifressh --- shared/en/urls.adoc | 1 + 1 file changed, 1 insertion(+) (limited to 'shared') diff --git a/shared/en/urls.adoc b/shared/en/urls.adoc index 33fa8135b9..a7d91bef33 100644 --- a/shared/en/urls.adoc +++ b/shared/en/urls.adoc @@ -62,3 +62,4 @@ endif::[] :solid-state: {main-site}/articles/solid-state/ :vinum: {main-site}/articles/vinum/ :vm-design: {main-site}/articles/vm-design/ +:vpn-ipsec: {main-site}/articles/vpn-ipsec/ -- cgit v1.2.3