Quick news and links

Security Advisories

The FreeBSD Security issued 3 security advisories

FreeBSD Errata Notice

Since FreeBSD 8.0 was released, several stability and performance problems have been identified. This Errata Notice describes several fixes judged to be of particular importance, but low risk, to users with specific workloads or using specific features that trigger these problems.

Areas where problems are addressed include NFS, ZFS, Multicast networking, SCTP as well as the rename(2) syscall.

Continues

Adopt a FreeBSD Port

There are currently 4726 ports without maintainer, which means that no one is actively maintaining them. Out of these ports, 243 (roughly 5.00%) are out of date. Can you help?

Android SDK

Android SDK on FreeBSD is now available for FreeBSD 8

ZFS Patches on FreeBSD 7

Alexander has made a lot of ZFS patches for FreeBSD 7

FreeBSD Snapshots

The first batch of FreeBSD snapshot releases for 2010 are now available:  ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/201001

PBI Builder 2.5

A newer version of the PC-BSD PBI Builder (package builder) has been released

FreeBSD link roundup – 28/04/09

FreeBSD

FreeBSD Logo1) Martin Wilke is looking for people to test QT 4.5.1. He also reports he managed to get Firefox 3.1 Beta4 working on FreeBSD. Please test.

2) Ivan Voras has done some virtualised benchmarking of

  • Ubuntu 8.10,
  • FreeBSD 7.1 and
  • Windows Server 2008 R2 beta

on the three currently most prominent virtualisation platforms:

  • VMWare ESX 3.5 U3,
  • Citrix XenServer 5.0 U2,
  • Microsoft Hyper-V 2008 R2

The results are mostly better then I thought they will be. Especially suprising was FreeBSD’s more than decent performance which actually lead the others in one benchmark…”

… The results show that a wholly-virtualized FreeBSD machine under ESXi was consistently almost as fast as the para-virtualized Xen Linux.


pfSense

pfSense logoAbout a month ago, the pfSense developers gave a sneak preview of the new pfSense dashboard theme. Following feedback and comments, Holger Bauer has now designed a new theme:

Well, after there was not too much love for my last theme I tried to do something more masscompatible this time trying to take all the critics in consideration that I earned so far:

  • less colorful, stick with the original pfSense-colors (grey/red)
  • don’t waste too much space for the header/footer
  • kind of corporate look
  • static menu, that doesn’t scroll away (I guess that at least was
  • something everybody liked about the hackathon theme)
  • more lightweight on graphics
  • So here is what I came up with so far. This is still in the making so (like always) your feedback is appreciated and might influence the final result.

New design here

 

BSD CertificationBSD Certification

Dru Lavigne has an update on the BSDA Exam

The BSD Associate Exam is now over a year old! Here are some interesting
atats so far:

  • 12 Events in all of 2008; 14 events in just the first half of 2009 
  • Over 1000 people have registered for a BSDCG ID (needed to register for an exam)
  • The exam has been held in US, Brazil, Canada, Germany, Japan, France, Denmark, Ukraine, Netherlands, Argentina, and the UK
  • So far, 66 people have passed the BSDA exam and received their certificates
  • Read further

(Free)BSD links round up (week 8)

Welcome to the (Free)BSD leftovers for week 8. In this post we have a mix of news snippets, links, howto’s  ’n software/package update. Just a roundup of those little things I saved up throughout the week. Previous roundups can be found here.

 

(Free)BSD News

  1. Desktop NetBSD Project
    An interesting discussion was started by Andrew Doran on the NetBSD mailing list regarding the ease of install of a “modern” desktop for users.The primary goal for the Desktop NetBSD project is:
      

    Given a NetBSD CD and a reasonably modern x86 computer, make it possible to install a useful desktop system in under 15 minutes, responding to only a few prompts in the process. 

    Announcement |  Project website

     

     

  2. New FreeBSD USB2/ USB4BSD  Stack

    “We are in the final stages of bringing in the new usb stack. Features include: SMP, better device support, speed increases.We hope to make it in for 8.0. It will really take a unified effort to make this all work and I look forward to all contributors input.

    We have a few large steps ahead of us and I wanted to lay out the schedule so that people understand what is coming and what to expect.

    At this point we expect there to be no style or changes in usb2 that are not bugfixes until Phase 3 “Hand off”. The reason for this is to prevent bugs from creeping in and allow the maintainer to focus 100% on bugs and feature parity with the oldusb stack.”

    Here is the plan and timeline

 

Releases

  1. OpenBSD turns 4.5-BETA
    Miod Vallat has tagged OpenBSD 4.5-BETA. Snapshots should be available soon for testing, check the mirrors for availability.  

    OpenBSD Project Page  |  Read the full commit message

  2. DragonFly 2.2 released
    The DragonFly 2.2 release is here! The HAMMER filesystem is considered production-ready in this release; It was first released in July 2008. The 2.2 release represents major stability improvements across the board, new drivers, much better pkgsrc support and integration, and a brand new release infrastructure with multiple target options.
    DragonFlyBSD Project Page  |  Release Announcement 

 

New FreeBSD committers
The following people have been awarded with update rights this week:

  • Andriy Gapon (Source)

 

Guides ‘n howtos

  • Stopping HTTP brute force attacks with BruteBlock & IPFW (Chris Buckley)
    Chris Buckley writes about how to stop HTTP brute force attacks using BruteBlock and ipfw.n
    Link to howto (thanks to Edmondas)
     
  • Machine backups using tarsnap (Tim Bishop)
    “I’ve got a dedicated server that I’ve been backing up for the past few years. My crude backup system involved taring everything to local disk and then rsyncing it to a remote server. It worked well at first, but as the amount of data grew it was taking half a day to run. Add to that the amount of disk space being used by the local copy and I had to find a better solution…..”
    Link to howto (thanks to Kevin


(Free)BSD links round up (week 6)

Week 6 round up: Welcome to the (Free)BSD leftovers for week 6. In this post we have a mix of news snippets, quick links, howto’s, links ’n software/package updates. Just a round up of those little things I saved up this week. Previous weeks’ roundups can be found here.

(Free)BSD News

  1. New Sidekick Will Run NetBSD, Not Windows CE
    Many sites are reporting that the next Sidekick LX 2009/Blade, from Danger (acquired by Microsoft early in 2008), is going to run NetBSD as their operating system, causing Microsoft’s recruiters to look for NetBSD developers
    “After Danger was bought by Microsoft in 2008, one would expect that their upcoming models will run Microsoft’s embedded operating system Windows CE as operating system. Apparrently that’s not the case, and the new Sidekick will rather run NetBSD as operating system. It seems Danger did too much work that they didn’t want to throw away.”  More…

(Free)BSD Releases

  1. NetBSD 5.0 RC1 released
    The announcement says: “On behalf of the NetBSD Release Engineering team, I am proud to announce that the first release candidate of NetBSD 5.0 is now available for download” More…
    Hubert F’s NetBSD Blog says: “Probably the two most significant improvements in NetBSD 5.0 will be journalling for UFS  and the move from XFree to X.org. Download now, or have a look at the changes in 5.0

 

 

New FreeBSD committers
The following people have been awarded  with update rights this week:

  • Beat Gätzi (ports)

Guides ‘n howtos

  • Notes on Installing Sguil Using FreeBSD 7.1 Packages  (Richard Bejtlich)
    “It’s been a while since I’ve looked at the Sguil ports for FreeBSD, so I decided to see how they work. In this post I will talk about installing a Sguil sensor and server on a single FreeBSD 7.1 test VM using packages shipped with FreeBSD 7.1.”
    Sguil: The Analyst Console for Network Security Monitoring – sguil.net
    Link to howto: taosecurity.blogspot.com
  • Upgrading FreeBSD Packages   (Richard Bejtlich)
    In my last post I discussed upgrading from FreeBSD 7.0 to 7.1. In this post I’ll mention packages that needed to be updated.
    In the last post I showed two installed packages using the native pkg_info command. … I decided to use Portupgrade to update packages installed on the system. Portupgrade was not on the box so I added it via pkg_add. I used the -n switch to do a “dry run” to see what version would be added.
    Link to howto: taosecurity.blogspot.com

Ports ‘n Packages
The following interesting and useful programs are now availble as (updated) ports or packages:

  • N/A

FreeBSD howto links (week 29)

FreeBSD howto and installation tips

FreeBSD howtos and installation tips

Here are some links to FreeBSD howto articles published this week. This may be of interest to those who don’t mind “getting their hands dirty”.

Building a router with pfSense (video)

Do you have extra computers lying around the house? In this episode, Matt shows us how to convert an old computer into a home network router.

Link (wideopenmind.com)

Installing A FreeBSD 7.0 DNS Server With BIND

This tutorial shows how to set up a FreeBSD based server that offers DNS services. This tutorial is written for the 64-bit version of FreeBSD, but should apply to the 32-bit version.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

Link (howtoforge.com)

How To Patch / Upgrade BIND 9.x Under FreeBSD Operating System

BIND 9 is part of core FreeBSD 7.x. How do I apply BIND 9 security patch under FreeBSD 7.x? Do I need to fetch entire source (buildworld) to patch BIND 9? How do I patch up recent BIND 9 DNS cache poisoning bug?

Link (www.cyberciti.biz)

FreeBSD Install Logwatch Tool For Log Analysis and Monitoring

How do I watch, monitor system log under FreeBSD systems and generate summery of critical UNIX log files via email?

Link (cyberciti.biz)

FreeBSD Install and Configure Webmin Web-based Interface ( Control Panel )

Q. How do I install webmin control panel for my FreeBSD server?

Link (cyberziti.biz)

ezjail – A jail administration framework

I want to set up some jails. They will each be very similar. They will each be used to test a slightly different configuration of Bacula. My tool of choice is ezjail, available in the ports tree.

With ezjail, I can:

  • create a jail flavour, upon which the creation of other jails can be based
  • centrally update the jail’s ports tree

Link (freebsddiary.org)

FreeBSD News – quick links (week 27)

These are a few links to FreeBSD howtos published this week that may be of interest to those who don’t mind “getting their hands dirty”.

Managing jails

This document is an introduction to basic FreeBSD jails also called ‘fat jails’. We discuss an easy jail installation process. We will do some basic jail configuration and show you how to manage the jail environment. This document wil not cover building ‘chroot jails’ in a jail.

Link

Step by step install WordPress Multi Users (WPMU) in FreeBSD

A client need to install wordpress multi user to teach their employee about blog. They want it installed in their server, running FreeBSD 7 stable.

Here’s a step by step to install wpmu in FreeBSD, might be useful for someone

Link

How FreeBSD makes vulnerability auditing easy: portaudit

There are a number of things I like about FreeBSD, more than any Linux distribution I’ve ever used. Some of those are advantages shared by no Linux distribution I’ve used, and some are advantages shared by a few Linux distributions but not others — but no Linux distribution shares all of these advantages (even discounting things no Linux distribution has, like a BSD-licensed kernel).

Link

FreeBSD News – quick links (week 17)

I News & Articles

FreeBSD for Web and E-Mail Servers

I’m not touting FreeBSD over Linux. Within the Unix-like community, and even within the Linux world, it’s easy to find heated arguments over the various versions of operating systems. It seems that no matter what software or computer system some people use, they will fight to the death to prove theirs is the best. I can only tell you that FreeBSD works well for us. For years, ComputorEdge.com ran well on a Linux box. The only reason that we didn’t continue was concerns for the age of the hardware. When we brought in new servers, we installed FreeBSD. Once Apache—the same Web server we used on the Linux computer—was installed, the movement of the site to the new machine was fairly simple.

I had to learn to use FreeBSD, but now I’ve developed a certain comfort level. I could go to a Linux computer and do many of the same things I do now, but there are just enough differences for it to feel foreign to me. I’m sure that this is true to some extent even when moving between versions of Linux.

The Linux world is taking many more steps toward making the individual user more comfortable with using it as a replacement for Windows. If I were looking to do that, then I would probably start with Linux. However, if your primary objective is to build a server—for the Web, e-mail, or another intensive application—it would be difficult to go wrong with FreeBSD. More…

pfSniffer? A non-firewall use for pfSense

Several years ago my company looked into getting Distributed Sniffer Appliances, made by Network General. These are devices that attach to an Ethernet segment (at a branch office) and allow you to remotely connect and pull traces. Ideally, we would have loved to have these in each remote location so that we could more easily troubleshoot problems that seemed to crop up regularly. They looks like very nice appliances, but Network General wanted an arm and a leg for each one, so we passed.

We recently had a need for this sort of thing and I had a great idea. Many months ago, I noticed that pfSense had added a very nifty feature called Packet Capture. Essentially, the pfSense WebGUI has an interface to tcpdump, allowing you to put in some simple filter criteria (source/destination IP Address) and have a trace executed on a particular interface. This is a really nice feature for troubleshooting your firewall, but I thought that this could be used to make a distributed “pfSniffer”. More…

II Releases

New PC-BSD PBI Builder released

The PBI builder is a powerful command-line script system, which can be used to convert a FreeBSD port into a PBI file. The configuration for this process is stored as a module, which can then be used to rebuild the PBI automatically. Developers can then submit these finished modules to PC-BSD Software, where they will be added to a build server, which rebuilds the PBI every time the underlying port is updated. More…

Portscout Services Started!

Time to make my Portscout public for all.

What is Portscout? Portscout is a tool which looks for new versions of software in the
FreeBSD ports tree and potentially other software repositories. More…

III Howto

SpamAssassin Installed in 10 minutes.

In our example we are going to install SpamAssassin from the ports. This example is suitable for a small company with up to few dozen of mailboxes. More…

FreeBSD News – quick links (week 16)

Howto’s

Interesting pages

FreeBSD news – quick links (week 6)

1) Hex Live CD 1.0.3 released

HexLive is a live cd based on FreeBSD and build with the FreeSBIE toolkit. It is suited for network analysis. The idea behind this network analysis live cd builds up, according to the authors, on one of Richard Bejtlichs books. From the website:

We had found that there are many liveCDs out there. However, their target audience was more towards desktop users, penetration testers or system engineers. We did not find a liveCD that ran in line with our passion, network security analysis. After all, packet monkeys need a liveCD too! We also learned about and decided to use Freesbie2 toolkits to create the liveCD since both of us were already familiar with FreeBSD.

Hex Live CD project page

2) Dru’s links of the week – I’m not going to copy and paste them here; just have a look at her blog and the links.