GhostBSD 10.1 Beta 1 now available

ghostbsd_2The developers of GhostBSD have made available the first 10.1 Beta.

Original post: http://ghostbsd.org/10.1-beta1

I am pleased to announce the availability the first BETA build of the 10.1-RELEASE of the Release cycle which is available on SourceForge for the amd64 and i386 architectures.

Changes and fix between 10.1-ALPHA2 and 10.1-BETA1 include:

  • Mouse integration suport for VirtualBox
  • Instant verification for user and root to know if the password is strong and match on the system installer
  • Host name and user name auto completion when typing the real name
  • Guake has been added as default software
  • Vim has been added as default software
  • PCDM Locales fixed

Where to download:

The image checksums, ISO images and USB images are available here:

http://www.ghostbsd.org/download-10.1

Continue reading

Verisign Announces vBSDcon 2015

vBSDcon, hosted by Verisign, has been announced and is being held on September 11-13 in Reston, Virginia.

Following the success of the inaugural vBSDcon, Verisign has elected to host a
second vBSDcon in Reston, Va at the Sheraton Reston hotel the weekend of
September 11, 2015. vBSDcon is a technical conference focused on the BSD
family of operating systems including, but not limited to, FreeBSD, OpenBSD,
NetBSD, and others. Any user, developer, engineer, or innovator involved with
any of the BSD family of operating systems will want to mark these dates.
vBSDcon will feature plenary talks, Birds of a Feather discussions, lightning
talks, and much more. Full details are available at http://www.vBSDcon.com/.
Additionally, While vBSDcon currently does not operate an “official” call for
presentations, proposals will be accepted until June. Anyone wishing to submit
a talk is invited to do so by emailing vbsd…@verisign.com. The event agenda
is expected to be finalized and published in mid-June.

We look forward to seeing you September 11, 2015!

Original announcement: https://www.mail-archive.com/freebsd-announce@freebsd.org/msg00644.html

How to Resize Your Existing FreeBSD Root Partition/Slice Safely Without Re-Installing on Amazon EC2

gpu_amazon_ec2_logoThis tutorial by user shows us how to resize/slice an existing root partition, without reinstalling FreeBSD, on Amazon EC2.

Original post: http://gg.edu.vn/how-to-resize-your-existing-freebsd-root-partitionslice-safely-without-re-installing/

@A: Daniel Morante

There comes a time when your FreeBSD root partition is just too small to be of any use. You’ve already moved /var, /usr, and /tmp to separate disks and there just isn’t anything else you can delete. The problem being that you initially created the partition to be too small when FreeBSD was first setup.

There are some guides out there that suggest to backup and start over. Others will tell you to use a dump and restore method. All that is too complicated and too much work for us lazy system administrators. Fortunately with recent versions of FreeBSD (9.0 and above) there is a handy little tool called “gpart”.

Requirements

  • FreeBSD 9.0 or later (if you have a lesser version, you might be able to get away with using a 9.x live CD)
  • FreeBSD 9.x or later boot-only media. (ISO or flash image)
  • Extra or unused space on the drive where the root partition is stored.
  • A backup of your most precious files stored on this system
  • This guide assumes you are using a single non-RAID IDE/SATA or SCSI disk. Device names may be different and extra drivers may need to be loaded for other types of disks.

    Preparation
    Continue reading

FreeBSD 1st Quarter 2015 Status Report

freebsd-logo-largeThe developers of FreeBSD have posted their quarterly status report. Follow the link below to hear reports from FreeBSD Bugmeister, Ports Collection, and the FreeBSD Core Team.

 

This report covers FreeBSD-related projects between January and March 2015. This is the first of four reports planned for 2015.

The first quarter of 2015 was another productive quarter for the FreeBSD project and community. FreeBSD is being used in research projects, and those projects are making their way back into FreeBSD as new and exciting features, bringing improved network performance and security features to the system. Work continues to improve support for more architectures and architecture features, including progress towards the goal of making ARM (32- and 64-bit) a Tier 1 platform in FreeBSD 11. The toolchain is receiving updates, with new versions of clang/LLVM in place, migrations to ELF Tool Chain tools, and updates to the LLDB and gdb debuggers. Work by ports teams and kernel developers is maintaining and improving the state of FreeBSD as a desktop operating system. The pkg team is continuing to make binary packages easier to use and upgrade.

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from April to June 2015 is July 7th, 2015.

View the full report: https://www.freebsd.org/news/status/report-2015-01-2015-03.html

PC-BSD 10.1.2-RC1 Now Available

The developers of PC-BSD have made available the first release candidate for version 1.1.2.

Original announcement: http://blog.pcbsd.org/2015/05/pc-bsd-10-1-2-rc1-now-available/

pcbsd-logo

The PC-BSD team is pleased to announce the availability of RC1 images for the upcoming quarterly 10.1.2 release.

Please test these images out and report any issues found on our bug tracker.

PC-BSD 10.1.2 Notable Changes

  • New PersonaCrypt Utility allows moving all of users $HOME directory to an encrypted USB Drive. This drive can be connected at login, and used across different systems
  • Stealth Mode allows login to a blank $HOME directory, which is encrypted with a one-time GELI key. This $HOME directory is then discarded at logout, or rendered unreadable after a reboot
  • Tor mode switches the firewall to running transparent proxy, blocking all traffic except what is routed through Tor
  • Migrated to IPFW firewall for enabling VIMAGE in 10.2
  • Added sound configuration via the first boot utility
  • Support for encrypted iSCSI backups via Life-Preserver, including support for bare-metal restores via installer media
  • New HTML handbook, updated via normal package updates
  • Media Center support allowing direct login to Kodi and PlexHomeTheater for the 10ft user experience
  • Switch to new AppCafe interface, with remote support via web-browser
  • Improvements to Online Updater, along with GRUB nested menus for Boot-Environments
  • Migrate all ports to using LibreSSL instead of OpenSSL
  • Switch from NTP to OpenNTPD
  • Lumina desktop 0.8.4
  • Chromium 42.0.2311.90
  • Firefox 37.0.2
  • NVIDIA Driver 346.47
  • Pkg 1.5.1

Continue reading

Increase disk space in FreeBSD

This short tutorial by user  shows us how to increase your disk space in FreeBSD.

I use gpart to manage disk partitions in FreeBSD, because it works, and is much easier than the old bsdlabel shenanigans. Increasing the size of the last partition on a disk is easy:

  • Power down
  • resize disk (e.g. increase virtual machine’s disk allocation)
  • boot into single user mode
gpart recover da0
gpart show -p da0
gpart resize -i 5 da0
gpart show -p da0
growfs /dev/da0p5
  • reboot

Original post: https://gregoryo.wordpress.com/2015/04/30/increase-disk-space-in-freebsd/

How To Use OPIE to Get One-Time Passwords for FreeBSD 10.1

This tutorial by FreeBSD user Hathy A (DigitalOcean) shows us how to set up “one-time” passwords on FreeBSD 10.1, a method to keep secure from unwanted access.

Original post: https://www.digitalocean.com/community/tutorials/how-to-use-opie-to-get-one-time-passwords-for-freebsd-10-1

Introduction

SSH is the most popular way to log in to a server remotely. It is a cryptographic protocol that protects your password against man-in-the-middle and replay attacks.

You must keep in mind, though, that SSH protects your data only while it is in transit. Attackers can discover your SSH password by other means, such as by using keyloggers or strategically placed cameras.

As long as you use a trusted computer (say, one that belongs to you or your company), and do so from a safe location, you don’t have to worry about such attacks. However, sometimes you might need to use a public computer. To protect your passwords in such scenarios, FreeBSD comes with a security feature called One-time Passwords In Everything, or OPIE.

In this tutorial, you will learn how to generate and use one-time passwords to log in to your remote FreeBSD server. You can pregenerate one or more one-time passwords when you’re in a safe location, and save them for later when you access your server from a less secure location. That way, even if your one-time password gets logged, it won’t ever be useful to an attacker.

Prerequisites

In order to follow this tutorial, you will need:

  • A FreeBSD 10.1 server which is accessible over SSH
  • A user who is allowed to switch to root; the default freebsd user on DigitalOcean is fine

Continue reading

Mumblehard Malware Infects Thousands of Linux and FreeBSD Servers

A recent vulnerability has been found, affecting thousands of Linux and FreeBSD servers around the world. Norse encourages FreeBSD sysadmins to take proper measures to remedy this exploit. Check the whitepaper for more details.

m4lware

Researchers have documented a newly discovered family of malware that infected thousands of Linux and FreeBSD servers, making them part of a massive spam distribution campaign.

The unusually sophisticated malware, dubbed Mumblehard, has two main components which are both written in Perl and leverage the same custom packer which is written in assembly language to produce ELF binaries that work to obfuscate the source code.

“Our analysis and research also shows a strong link between Mumblehard and Yellsoft. Yellsoft sells software, written in Perl, designed to send bulk e-mails. This program is called DirectMailer,” the researchers said.

“The first link between them is that the IP addresses used as C&C servers for both the backdoor and spamming components are located in the same range as the web server hosting yellsoft.net. The second link is that we have found pirated copies of DirectMailer online that actually silently install the Mumblehard backdoor when run. The pirated copies were also obfuscated by the same packer used by Mumblehard’s malicious components.”

The team discovered Mumblehard after a system administrator reported that a server had been blacklisted for sending spam, and they proceeded to dump the memory of a process that was connecting to different SMTP servers.

“The memory dump clearly showed it to be a Perl interpreter. We investigated and found the executable file in the /tmp directory. We started analyzing this ELF binary and discovered what we now call Mumblehard,” the researchers explained.

“We got interested in this threat because the way the Perl scripts used by the cybercriminals are packed inside ELF executables is uncommon and more complex than the average server threat.”

Key findings in the analysis include:

  • Perl scripts were packed inside ELF binaries written in assembly language, showing a higher level of sophistication than average
  • A total of 8,867 unique IP addresses were seen in our sinkhole over a 7-month period
  • The highest number of unique IP addresses seen in a single day is as high as 3,292
  • Mumblehard has been active since at least 2009
  • Among the compromised machines, web servers are the most susceptible to being infected
  • There is a strong link between Mumblehard and Yellsoft, an online company selling software to send bulk e-mail messages

“Victims should look for unsolicited cronjob entries for all the users on their servers. This is the mechanism used by the Mumblehard backdoor to activate the backdoor every 15 minutes.” the researchers noted.

“The backdoor is usually installed in /tmp or /var/tmp. Mounting the tmp directory with the noexec option prevents the backdoor from starting in the first place.”

A detailed white paper on Mumblehard is available here (PDF).

Original post: http://blog.norsecorp.com/2015/04/30/mumblehard-malware-infects-thousands-of-linux-and-freebsd-servers/