This is an excellent book for users and system administrators who want to migrate to the OpenBSD operating system. If you are an experienced BSD developer and want to know the internals, program the system, or go into depth on some security protocols, this book is probably not for you. OpenBSD is a fantastic operating system that is simple and very secure. Very few published books or courses exist that train people in OpenBSD systems. This book fills that void. A large number of Internet service providers, carriers, and Web hosting providers deploy OpenBSD to do a variety of tasks, and primarily use it for firewalls and security gateways. All those people will benefit from this book immensely. The author is good at explaining things, and is at times humorous.
It is best if the reader has a computer with OpenBSD installed to try out various things mentioned in this book. The author discusses how to get help from the OpenBSD community, should something go wrong, what steps are required in the pre-install stage, booting in single mode versus multi mode (shared with multiple operating systems), post-install setup, and user management. Upgrading the system to a later version is also touched upon in a separate chapter. Most of the system files, along with their meanings and usages, are explained throughout the book.
Networking is given special emphasis throughout the book, as one of the main strengths of BSD systems is transmission control protocol/Internet protocol (TCP/IP) networking. General introductions to TCP/IP routing, IP addressing, and connections using point-to-point protocol are provided. Secure levels and security aspects are also discussed, though I would have liked a more thorough discussion about security. I found this to be a weakness of the book. I would have specifically liked a detailed discussion on kerberos, open secure shell (openSSH), IP security (IPSec), and so on, as OpenBSD offers a very strong lineup of security protocol implementations. Kernel configuration and building kernels are explained in separate chapters. One of the key advantages of systems like OpenBSD is the availability of the entire source code for the operating system so that users can make modifications and inspect the code for vulnerabilities. The code evolves to a very mature level because of such openness. Other aspects of administering a system, such as disk and file management, and configuration directories, are also given special attention.
Packet filtering concepts are of special interest to a large number of OpenBSD users, and are explained in three chapters. Various filter rules and their nuances are lucidly explained. Network address translation (NAT), bandwidth management through alternate queueing (ALTQ) framework, and queuing are illustrated through numerous examples of system commands. An appendix also delves into examples of setting rules for typical home, office, and enterprise scenarios.
In summary, a system administrator deploying OpenBSD will find this book very valuable, as will someone studying the operating system for its features and uses.
Though a more thorough discussion about security aspects would have been welcomed, it is nevertheless a valuable volume for the shelves of a Unix/BSD user. This book addresses a broad readership, most of whom will be pretty satisfied with the book.