Extreme security in web servers
•
11 j'aime•2,929 vues
A model for safe deployment of web servers, thinking of extreme security, performance and maintainability.
Recommandé
Contenu connexe
En vedette
En vedette (20)
Similaire à Extreme security in web servers
Similaire à Extreme security in web servers (20)
Plus de Daniel Garcia (a.k.a cr0hn)
Plus de Daniel Garcia (a.k.a cr0hn) (11)
Dernier
Dernier (20)
Extreme security in web servers
- 1. Extreme security in web servers Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 1
- 2. Creative Commons License The art of disguise - Anti-fingerprinting techniques by Daniel García García a.k.a. cr0hn is licensed under a: Creative Commons Reconocimiento-NoComercial-SinObraDerivada 3.0 Unported License. Permissions beyond the scope of this license may be available at: dani@iniqua.com. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 2
- 3. Acknowledgments • Manuel Trujillo <TooManySecrets> • Francisco Jesus Gomez Rodriguez (@ffranz) • @capi_x <capi_x@haibane.org> • Maikel Mayán <@AloneInTheShell> Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 3
- 4. About what is this talk? 1. Infrastructure: virtualization vs physical. 2. Choosing OS base: FreeBSD. 3. Brief intro to configuration of FreeBSD. 4. Isolating process. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 4
- 5. 1 - Infrastructure: Virtualization vs physical Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 5
- 6. 1 – Infrastructure: Virtualization vs physical a) Virtualization advantages. b) Virtualization’s solutions. c) Why use server virtualization system? d) Organizing the virtual machines: approaches. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 6
- 7. 1.a - Virtualization advantages • Less physical space. • Less energy costs. • More use of resources. • Scalability. • Simplicity of administration. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 7
- 8. 1.b - Virtualization solutions Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 8
- 9. 1.c - Why use server virtualization system? • Scalability • Centralized storage system. • Hot cloning. • Hot migrating of machines. • Modular architecture. • Simplicity management. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 9
- 10. 1.c - Why use server virtualization system? Examples: • VMWare ESXi • Xen • Proxmox
- 11. 1.d - Organizing the virtual machines: approaches I. One machine for all. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 11
- 12. 1.d - Organizing the virtual machines: approaches II. Two machines: frontend and backend. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 12
- 13. 1.d - Organizing the virtual machines: approaches III. Multilevel: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 13
- 14. 2 – Choosing OS base: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 14
- 15. 2 – Choosing OS base: FreeBSD a) Why use FreeBSD? b) Who use FreeBSD? Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 15
- 16. 2.a – Why use FreeBSD? • Simplicity of kernel. • Simplicity of re-compile all system. • Build-in security features. • Isolating features, like jails. • Administration simplicity. • Can run Linux binaries Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 16
- 17. 2.b – Who use FreeBSD? • JunOS • Citrix • Nokia’s firewalls • PlayStation 3 • Netflix • Netcraft • Some parts of Apple OS X • … Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 17
- 18. 3 – Configuration of system Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 18
- 19. 3 – Configuration of system. a) Adjust system binaries. b) Configuration files. c) Kernel and “user-land”. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 19
- 20. 3.a – Adjust system binaries Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 20
- 21. I. Install LLVM/clang Q: Why use LLVM/clang? A: Generate more optimized code than gcc. See a comparison: http://blog.buguroo.com/?tag=compilador-gcc-llvm-clang-benchmark&lang=en Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 21
- 22. II. Patch and reinstall OpenSSH Q: Why path openSSH? A: Patch to evade fingerprinting techniques. See how to path it in: http://www.slideshare.net/cr0hn/the-art-of-disguise-antifingerprinting-techniques Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 22
- 23. 3.b – Configuration files. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 23
- 24. I. /etc/src.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 24
- 25. II. /etc/auth.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 25
- 26. III. /etc/login.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 26
- 27. IV. /etc/sysctl.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 27
- 28. V. /etc/make.conf Difficult the of execution exploits Prevent hooking Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 28
- 29. VI. /etc/rc.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 29
- 30. 3.c – Kernel and “user-land” Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 30
- 31. I. Update system source • First, we need cvsup tool. • Configure our repository config file: • Update system source (also include kernel). Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 31
- 32. II. Configure kernel • Configuration file: • Adjust some basic parameters: Only if you don’t need fat/vfat support! Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 32
- 33. III. Compile the kernel Our kernel configuration file Enable LLVM static analyzer Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 33
- 34. IIII. The “user-land” Q: What’s “user-land”? A: The user-land is a way to naming all basic binaries and programs of system, like: syslog, common commands (sed, awk, sort…), gcc, clang… Q: How configure the “user-land”? A: You can customize what include the user-land with the file: “/etc/src.conf” Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 34
- 35. IIII. Recompile the user-land Delete old compiled objects Make erasable all files Enable static optimizations of LLVM Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 35
- 36. 4 – Isolating processes Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 36
- 37. 4 – Isolating process a) Concept of jail. b) How to create basic a jail?. c) Maintainable jail system. d) Jail deploy: Approaches. e) How deploy a web site using jails. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 37
- 38. 4.a – Concept of jail Jail ≠ chroot Jail chroot rules Resources Network tools Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 38
- 39. 4.a – Concept of jail. Jail: Operating system level virtualization Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 39
- 40. 4.b – How to create a basic jail Hand to work! Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 40
- 41. I. – Compilation variables When can you use compilation variables? • When compiling a port. • When compiling the kernel. • When compiling the user-land. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 41
- 42. I. – Compilation variables • FORCE_PKG_REGISTER: Force reinstallation, if binary is already installed. • PORT_DBDIR: location of database that manager what’s binaries are installed. • PREFIX: destination of compiled binaries. • DESTDIR: makes a chroot to indicated path, and install binaries in it. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 42
- 43. II. – Create a jail 1. Creating root folder for our jail: 2. Copying common system binaries: 3. Copying system source code: Special command that copy files, permissions, 4. Installing port system into jail: hadlinks, softlinks, etc 5. Copying missing system configuration files: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 43
- 44. II. – Create a jail • Add to host /etc/rc.conf: To allow to jail to access to outside of jail network, each jail must have an alias and the same IP of alias. • Manually start jail system: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 44
- 45. II. – Create a jail • Add to jail /home/j/test_jail/etc/rc.conf: This line allow to the jail outside connectivity Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 45
- 46. III. – Installation of programs Installing nginx server into jail: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 46
- 47. 4.c – Maintainable Jail system Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 47
- 48. 4.c – Maintainable Jail system I. Separating roles II. Block diagram III. Advantages IV. Real example: role separated web server Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 48
- 49. I. – Separating roles Isolated system Shared base Shared Skeletons binaries programs Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 49
- 50. I. – Separating roles Q: What’s shared base binaries? A: The user-land binaries. All jails have this in common. Q: What’s Skeletons? A: Collection of configuration files tuned for an specific task. We have one skel for each role: webservers, database servers, php, java… Also mush be called templates Q: What’s shared programs? A: Any program you want to run: apache, mysql, etc Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 50
- 51. I. – Separating roles In other words… Shared base binaries Common commands: Resulting jail. E.g. -> ls, sed, awk, sort, an jailed apache uniq… web server. Custom config files: - /etc/rc.conf Shared programs: -/etc/make.conf Apache, mysql, -/etc/pf.conf php… -…. Shared programs Skeletons Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 51
- 52. II. – Block diagram Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 52
- 53. III. – Advantages Q: Why is maintainable jail system? A: Because all binaries are shared between all virtual machines and jails in a shared storage. Q: Why use skel templates? A: Then you can deploy new jail only copying a template. i.e: copying skel of a web server. Q: How can I update the system and/or any binary? A: You only must update shared binaries folder and/or shared binaries folder. Updates will spread to all jails.
- 54. IV. – Role separated web server a) Create folders for each type of role b) Create shared base binaries container c) Create base skeleton d) Create shared web server e) Mount the jail f) Start the jail Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 54
- 55. a) Create folders for each type of role • Skeletons: • Shared base binaries: • Shared binaries: • Mounted jails: Working directory for a concrete jail. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 55
- 56. b) Create shared base binaries container Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 56
- 57. c) Create base skeleton Move configuration and non-shared info to skel Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 57
- 58. c) Create base skeleton Copy missing configuration files Not necessary for a template Make relative links to essential directories Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 58
- 59. c) Create base skeleton Copy hardened configuration files, following steps of point 3.b, at jail: • src.conf • auth.conf • login.conf • make.conf • sysctl.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 59
- 60. d) Create shared web server 1. Create directory for binary: 2. Install nginx, and all dependences, into folder: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 60
- 61. e) Mount the jail Concrete skeleton of web server • Create mounting folder for our web server: Common and shared binaries • Like a puzzle, join roles in /etc/fstab: • Add jail to /etc/rc.conf of host: Shared of web server binaries Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 61
- 62. f) Start the jail And the end, we start the jail system typing: Or, if is already started… Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 62
- 63. 4.d – Jail deploys: Approaches Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 63
- 64. 4.d – Jail deploys: Approaches a) Simple architecture I b) Simple architecture II c) Equilibrated architecture. d) Complex architecture. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 64
- 65. Deploy approaches Maintainability Security level a) Simple architecture II b) Simple architecture II c) Equilibrated architecture d) Complex architecture: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 65
- 66. a) Simple architecture I Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 66
- 67. a) Simple architecture I • One machine for all services. • Shared programs: nginx, php, MySQL, pureFTPd… • Separated type of storages: DB/web content. • Isolated communications between jails. • Isolated php runtime environment for each web site. • Shared web and ftp servers for all web sites. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 67
- 68. a) Simple architecture II Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 68
- 69. a) Simple architecture II • One machine for all services. • Shared programs: nginx, php, MySQL, pureFTPd… • Separated type of storages: DB/web content. • Isolated communications between jails. • Isolated php runtime environment for each web site. • Shared ftp servers for all web sites. • Isolated web server for each web site. Like Simple architecture I Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 69
- 70. b) Equilibrated architecture Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 70
- 71. b) Equilibrated architecture • Separated backend and frontend in two virtual machines. • Shared programs in network storage: nginx, php, MySQL, pureFTPd… • Isolated communications between jails. • Isolated php runtime environment for each web site. • Shared ftp servers for all web sites. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 71
- 72. c) Complex architecture Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 72
- 73. c) Complex architecture • 3 level in 3 virtual machines: load balancer, business layer and backend. • Separated storage out ouf virtualization server. • Isolated communications between jails. • Isolated php runtime environment for each web site. • Isolated web server for each web site. • Shared ftp servers for all web sites. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 73
- 74. 4.d – Deploying a web site using jails Example: Deploy the WordPress Site www.mytestsite.com Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 74
- 75. 4.d – Deploy a web site using jails I. Select a deploy model II. Create system binaries III. Create binaries IV. Create user content info V. Create mounting folder VI. Configure PHP VII. Configure web server VIII. Create PHP for site IX. Create web server for site X. Create FTP server XI. Create web balancer XII. Create MySQL server XIII. Install WordPress XIV. Configure jail and enable jail. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 75
- 76. I. – Select deploy model This example follows mentioned model: Simple architecture II Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 76
- 77. II. – Create system binaries System binaries folder. Shared for all jails Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 77
- 78. III. – Create binaries • Install php Don’t forget compile it without CLI option! (for security) • Install mysql • Install nginx • Install ftp Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 78
- 79. IV. – Create user content info Directories that will contain site info. For future use Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 79
- 80. V. – Create mounting folder 1. Create mount point directory: 2. Create root directories: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 80
- 81. VI. – Configure php • Modifying: /php/mytestsite.com/conf/php-fpm.ini Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 81
- 82. VI. – Configure php • Modifying: /home/js/mytestsite.com-php/usr/local/etc/php-fpm.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 82
- 83. VII. – Configure web server • Configuring: /home/j/mytestsite.com/usr/local/etc/nginx/nginx.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 83
- 84. VIII. – Create PHP for site • Create base folder and copy skeleton (or profile) for web server • Create mount point for each site of isolated php server. • Create mount point web content. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 84
- 85. VIII. – Create PHP for site • Configuration of init script for web server jail: /home/j/mytestsite.com-php/etc/rc.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 85
- 86. IX. – Create web server for site • Create base folder and copy skeleton (or profile) for web server • Create mount point for each site of isolated web server. • Create mount point web content. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 86
- 87. IX. – Create web server for site • Configuration of init script for web server jail: /home/j/mytestsite.com-wserver/etc/rc.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 87
- 88. X. – Create FTP server • Create base folder and copy skeleton (or profile) for FTP server • Create mount point of FTP isolated server. • Create mount point for web content. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 88
- 89. X. – Create FTP server • Configuration of init script for FTP server jail: /home/j/ftpserver/etc/rc.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 89
- 90. X. – Create FTP server • Configuring: /home/j/ftpserver/usr/local/etc/pure-ftpd.conf There is more configuration parameters, but this is the most important. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 90
- 91. XI. – Create web balancer • Create base folder and copy skeleton (or profile) for web balancer: • Create mount point of web balancer isolated server. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 91
- 92. XI. – Create web balancer • Configuration of init script for web balancer jail: /home/j/webbalancer/etc/rc.conf Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 92
- 93. XI. – Create web balancer • Configuring: /home/j/webbalancer/usr/local/etc/nginx/nginx.conf Redirect to web server of isolated web site. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 93
- 94. XII. – Create MySQL server • Create base folder and copy skeleton (or profile) for mysql server: • Create mount point of mysql isolated server. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 94
- 95. XII. – Create MySQL server • Configuration of init script for web server jail: /home/j/mysql/etc/rc.conf Change listen address. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 95
- 96. XIII. – Install WordPress • Install WordPress from FreeBSD sources, into host system. This method allows us to easily install our own patches. • Copy sources to our site: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 96
- 97. XIII. – Install wordpress • Configure our WordPress installation defining location of MySQL. IP of our jail with MySQL Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 97
- 98. XIV. – Configure and enable de jail Configure /etc/fstab. Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 98
- 99. XIV. – Configure and enable de jail Configure /etc/fstab (cont). Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 99
- 100. XIV. – Configure and enable de jail Enable jail in the system /etc/rc.conf: Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 100
- 101. XIV. – Configure and enable de jail Enable jail in the system /etc/rc.conf (cont): Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 101
- 102. Questions? Daniel García García a.k.a cr0hn (@ggdaniel) http://es.linkedin.com/in/garciagarciadaniel 102