From 61a850f3faddbf689655e971a6daf89244466aa0 Mon Sep 17 00:00:00 2001 From: mazocomp Date: Sat, 13 Jan 2018 05:08:14 +0000 Subject: [PATCH] Simplify --- docs/handbook/Security/index.mdwn | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/docs/handbook/Security/index.mdwn b/docs/handbook/Security/index.mdwn index 7947ef23..f567851d 100644 --- a/docs/handbook/Security/index.mdwn +++ b/docs/handbook/Security/index.mdwn @@ -1,23 +1,9 @@ # Security -[[!toc levels=3]] - -## Synopsis - This chapter will provide a basic introduction to system security concepts, some general good rules of thumb, and some advanced topics under DragonFly. A lot of the topics covered here can be applied to system and Internet security in general as well. The Internet is no longer a ***friendly*** place in which everyone wants to be your kind neighbor. Securing your system is imperative to protect your data, intellectual property, time, and much more from the hands of hackers and the like. DragonFly provides an array of utilities and mechanisms to ensure the integrity and security of your system and network. -After reading this chapter, you will know: - -* About the various crypt mechanisms available in DragonFly, such as DES and MD5. - -* How to set up one-time password authentication. - -* How to create firewalls using IPFW. - -* How to configure IPsec and create a VPN between DragonFly/Windows® machines. - Before reading this chapter, you should: * Understand basic DragonFly and Internet concepts. @@ -26,6 +12,8 @@ Before reading this chapter, you should: **Command vs. Protocol:** Throughout this document, we will use **bold** text to refer to a command or application. This is used for instances such as ssh, since it is a protocol as well as command. +[[!toc levels=3]] + ## DES, MD5, and Crypt Every user on a UNIX® system has a password associated with their account. It seems obvious that these passwords need to be known only to the user. In order to keep these passwords secret, they are encrypted with what is known as a ***one-way hash***, that is, they can only be easily encrypted but not decrypted. In other words, the operating system itself does not ***really*** know the password. It only knows the ***encrypted*** form of the password. The only way to get the ***plain-text*** password is by a brute force search of the space of possible passwords. -- 2.41.0