How To Install and Configure OSSEC on FreeBSD 10.1

This tutorial by finid shows us how to get OSSEC running on FreeSBD 10.1.

ossec-hidsOSSEC is an open source, host-based intrusion detection system (HIDS) that performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response.

It’s one of the most important security applications you could install on your server and it can be used to monitor one machine or thousands in a client/server or agent/server fashion. If properly configured, OSSEC can give you a view into what’s happening on your server via email alerts to any number of configured email addresses.

This tutorial will show you how to install and configure OSSEC to monitor a DigitalOcean Droplet running FreeBSD 10.1. In addition to OSSEC’s default rulesets for user access and integrity checking, we will configure additional rules so that if a file is modified or added to the system, OSSEC will notify you by email.

Full tutorial:

[FreeBSD] How to Install FreeBSD OS, Step by step guide using a virtual machine

This guide by InfySim shows us how to get FreeBSD set up in a virtual machine.

Take a deep breathe and be sure that you have at least an hour of time.
We have to go a long way towards an important step.

Before going into any administration or any driver development guide, you must know how to install FreeBSD and configure it.

Just to stay in the safe side I will take the help of Virtualization software to install the FreeBSD OS.

So here goes the details about what all things you have to be with you before we start:
1.) FreeBSD OS ISO image or a DVD containing the bootable FreeBSD OS.
2.) A virtualization software
3.) A Host PC
4.) Enough time and confidence

View the full tutorial:

Fed up with systemd and Linux? Why not try PC-BSD?

The folks at iTWire spoke to PC-BSD developer Kris Moore about his project and what Linux users can expect from it.

With the growing adoption of systemd, dissatisfaction with Linux has reached proportions not seen in recent years, to the extent that people have started talking of switching to FreeBSD.

Talk is all very well as a means of making a threat, but how difficult is it to actually make the move? Has Linux moved so far ahead that switching systems will mean one has to do without many applications that one has gotten used to?

iTWire spoke to Kris Moore, one of those deeply involved with the PC-BSD project. Moore also works with iXsystems, a company that sells hardware loaded with FreeBSD and PC-BSD.

Moore said initially there should be an understanding of what PC-BSD actually was. “First of all, I’m going to reference PC-BSD a lot here, but you need to understand that PC-BSD isn’t a fork per se, it’s just vanilla FreeBSD kernel/world with some unique installation options and a slew of graphical or command-line utilities to make FreeBSD on the desktop ‘easy’,” he said.

Full article:

BSDNow.TV – Episode 075: From the Foundation (Part 1)

This week on the show, we’ll be starting a two-part series detailing the activities of various BSD foundations. Ed Maste from the FreeBSD foundation will be joining us this time, and we’ll talk about what all they’ve been up to lately. All this week’s news and answers to viewer-submitted questions, coming up on BSD Now – the place to B.. SD.

FreeBSD Unix Show Mounted File Systems

This tutorial by shows us how to show mounted file systems in FreeBSD.

I recently switched from MS-Windows server to a FreeBSD Unix server. How can I see list of mounted file systems on a FreeBSD based Unix server using command line options?

Tutorial details
Difficulty Easy (rss)
Root privileges No
Requirements FreeBSD
Estimated completion time 1m

The command to view mounted files systems, to mount or add any local devices such USB,DVD/CD or remote file systems such asNFS, SAMBA shares or files is the mount command on a FreeBSD operating systems.

How can I list mounted local and remote file systems?

This will list mounted remote and local file systems, run:
$ mount
Sample outputs:

/dev/ada0p2 on / (ufs, local, journaled soft-updates)
devfs on /dev (devfs, local, multilabel) on /mnt/nfs (nfs)

The first field displays the special device such as /dev/ada0p2 or remote file system such as mounted on second field. The second field is the mount point for the file system displayed in the first field. Adding the -v flag will add IDs too:
$ mount -v

Check out the full tutorial:

PC-BSD 10.1.1-RELEASE available

pc-bsd_logoThe Moore brothers are proud to announce PC-BSD 10.1.1-RELEASE.

PC-BSD 10.1.1 notable Changes

* Brand new system updater which supports automatic background updating of the system
* Many improvements to boot-environments and GRUB support for a wider
variety of setups
* Support for installation to a specific GPT partition and GPT
dual-booting improvements
* Conversion to Qt5 for all desktop utilities
* Fixes to using dtrace when booted from GRUB
* Re-write of Mount Tray utility, improves mounting of external media
* Support for full-disk encryption (without an unencrypted /boot) using
* More packages available for installation from DVD/USB/CD images via
“PC-BSD roles“
* New OVA files for virtual machines
* Misc bugfixes and improvements to utilities
* GNOME 3.14.1
* Cinnamon 2.4.2
* Lumina desktop 0.8.1
* Chromium 39.0.2171.95
* Firefox 35.0
* NVIDIA Driver 340.65
* Pkg 1.4.4

Download ISO/image:


[FreeBSD-Announce] Changes to the FreeBSD Support Model


Changes to the FreeBSD Support Model

Over the past several months, the teams responsible for supporting the
FreeBSD operating system discussed the current support model, and how
that model can be improved to provide better support for FreeBSD users
and consumers.

The changes below greatly improve FreeBSD support, reduce turnaround time
for Errata Notices and Security Advisories, provide consistency between
binary package sets and the underlying FreeBSD base system version, and
reduce the amount of time before new features are included in the official
FreeBSD binary package sets.

Changes Proposed in a New FreeBSD Support Model

The proposed changes include:

– Moving from a point release-based support model to a set of releases
from a branch with a guaranteed support lifetime.

– Resolving our arbitrary (and unofficial) 5-year branch lifetime
guarantee. The support policy is that the stable/X branch will be
supported for 5 years (minimum) from the point X.0-RELEASE is released.
We now guarantee a 5-year lifetime on the branch, regardless of how many
releases are built from the branch. Additionally, a “last minute”
release from the stable/X branch does not constitute expanding the support
lifetime for the branch as a whole for an additional two years.

– The Security Officer or Ports Management Team may extend support for any
individual numbered release or branch at their discretion, in
exceptional cases.

– A new stable/ branch release will not occur before two years after the
X.0-RELEASE from the prior branch. This limits the number of
simultaneous supported branches, which will greatly reduce the overall
number of branches that must be maintained and build-tested for
Security Advisories and Errata Notices, reducing turnaround time.

– Each new release from the stable/X branch deprecates the previous
release on the branch, providing a three-month window within which
consumers are urged to upgrade to the latest release. During this
three-month window, Security Advisories and Errata Notices will still
be issued for the previous release, as necessary.

Full announcement:

[FreeBSD-Announce] Reminder: FreeBSD 10.0 end-of-life approaching

Dear FreeBSD community,
At 00:00 UTC, February 28, 2015, FreeBSD 10.0 will reach end-of-life and will
no longer be supported by the FreeBSD Security Team.  Users of FreeBSD 10.0
are strongly encouraged to upgrade to a newer release as soon as possible.

The currently supported branches and releases and their expected
end-of-life dates are:

 |   Branch  |   Release  |  Type  |   Release Date   |     Estimated EoL     |
 |stable/8   |n/a         |n/a     |n/a               |June 30, 2015          |
 |releng/8.4 |8.4-RELEASE |Extended|June 9, 2013      |June 30, 2015          |
 |stable/9   |n/a         |n/a     |n/a               |last release + 2 years |
 |releng/9.3 |9.3-RELEASE |Extended|July 16, 2014     |December 31, 2016      |
 |stable/10  |n/a         |n/a     |n/a               |last release + 2 years |
 |releng/10.0|10.0-RELEASE|Normal  |January 20, 2014  |February 28, 2015      |
 |releng/10.1|10.1-RELEASE|Extended|November 14, 2014 |December 31, 2016      |

Please refer to for an up-to-date list of
supported releases and the latest security advisories.

- --
Xin Li
FreeBSD Deputy Security Officer

Official announcement:

Build your own FreeBSD update server

This tutorial by Tobias Feldhaus will show you how to create your own FreeBSD update server, eliminating the need to manually update each one individually.

FreeBSD is an operating system that we use to power various things at work. Its most significant advantage lays in the advanced filesystem ZFS and it’s proven stability. As of this writing we run 39 servers with FreeBSD and we update them regularly. While normal patches are quite fast to fetch and install, the upgrade from version 9.2 to 9.3 took a significant amount of time to fetch all the necessary files from the official servers.

That is why we started to run our own internal FreeBSD update server. There exists some documentation for this inside the official handbook which formed the basis for this blog post.


Important to know is that the update server has to run a newer version than the version you are trying to distribute. Thus I first upgraded the update server machine to 9.3 via the freebsd-update -r 9.3-RELEASE upgrade command as described in point 24.2.3 in the handbook.

When running on the newest version, proceed with checking out the SVN repository that holds all the configuration and scripts for the update server via:

cd /usr/local/
svn co freebsd-update-server

I suggest to use /usr/local as this is the ‘standard’ path of most scripts within the repository.

Check out the full tutorial: