brent timothy saner on 10 Aug 2009 08:56:05 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] ssl digi certs

Hash: SHA1

Ron Kaye Jr wrote:
> looking for a quick get up to speed resource on ssl/digital certificates
> in the linux world.

in what contexts? there are some basics (ssl itself, how the ssl design
works, what certificates are and who signs them, etc.), and there are
some more heavy stuff (recent vulnerabilities associated, ssl vs. tls,
context-specific gotchas, using different certs for different services,

are you looking to implement them for mail, https, vpn? etc.

in general, forums and wikis found via queries from can usually contain the most recent info, as
print books are static content and not updated fast enough and ssl is a
bit of a moving target in terms of reading up on it.

the docs for openssl (which should be in /usr/share/doc somewhere,
depending on the distro) are usually rather good in getting a fair
practical understanding of it. same thing, to a slightly lesser extent,
with gnutls.

> also, perhaps an intermediate tome on firewall design/install.

two books for you to check out:

Linux Firewalls: Attack Detection and Response with iptables, psad, and
Michael Rash
Great if you've set up a few firewall rules yourself before but that's
about it. Focusus moreso on more proactive measures like IDS/NDS and
things like that, but it's still a pretty good read. Some of the things
are a bit outdated but it's still quite applicable.

Linux Administration Handbook (2nd Ed.)
Evi Nemeth et. al.
AMAZING. THE book to have for any sysadmin. it covers EVERYTHING.
backups, hardware maintenance, firewalling, dns, mail, etc. and it does
it all remarkably in-depth (but not overwhelmingly so at all). this
isn't the first time i recommend this book on this list, and for quite
good reasons. not only does it cover the practical knowledge, but it
also covers things you won't find in a lot of other texts- sysadmin
theory. it teaches you not only how to DO like a sysadmin, but also to
THINK like a sysadmin.
Version: GnuPG v2.0.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla -

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --