Skip to main content.

Episode 038: A BUG's Life

2014-05-21

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open SourceTarsnap - online backups for the truly paranoid


Headlines

FreeBSD 11 goals and discussion

  • Something that actually happened at BSDCan this year...
  • During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE
  • Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support
  • A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more
  • There's also some notes from the devsummit virtualization session, mostly talking about bhyve
  • Lastly, he also provides some notes about ports and packages and where they're going

An SSH honeypot with OpenBSD and Kippo

  • Everyone loves messing with script kiddies, right?
  • This blog post introduces Kippo, an SSH honeypot tool, and how to use it in combination with OpenBSD
  • It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely
  • You can use this to get new 0day exploits or find weaknesses in your systems
  • OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications

NetBSD foundation financial report

  • The NetBSD foundation has posted their 2013 financial report
  • It's a very "no nonsense" page, pretty much only the hard numbers
  • In 2013, they got $26,000 of income in donations
  • The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else
  • Be sure to donate to whichever BSDs you like and use!

Building a fully-encrypted NAS with OpenBSD

  • Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing
  • This article takes a look at the OpenBSD side and explains how to build a NAS with security in mind
  • The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected
  • The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too
  • There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up!

Interview - Brian Callahan & Aaron Bieber - admin@lists.nycbug.org & admin@cobug.org

Forming a local BSD Users Group


Tutorial

The basics of pkgsrc


News Roundup

FreeBSD periodic mails vs. monitoring

  • If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email
  • This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them
  • From bad SSH logins to Zabbix alerts, it all adds up quickly
  • It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers

Doing cool stuff with OpenBSD routing domains

  • A blog post from our viewer and regular emailer, Kjell-Aleksander!
  • He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project
  • This is where OpenBSD routing domains and pf come in to save the day
  • The blog post goes through the process with all the network details you could ever dream of
  • He even named his networking equipment... after us

LibreSSL, the good and the bad

  • We're all probably familiar with OpenBSD's fork of OpenSSL at this point
  • However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk"
  • This article talks about some of the cryptographic development challenges involved with maintaining such a massive project
  • You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled
  • It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility

PCBSD weekly digest

  • Lots going on in PCBSD land this week, AppCafe has been redesigned
  • The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update
  • In the more recent post, there's some further explanation of the PBI system and the reason for the transition
  • It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion

Feedback/Questions


Latest News

New discussion segment

2015-01-17

We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

BSDCan 2014

2014-04-30

We just wrapped up episode 35 after having some horrible audio issues. Sorry about the quality being lower than usual, we did the best we could given the circumstances. Next week we've got a normal episode, but the following week Allan and Kris will be at BSDCan. That week will...


Episode 074: That Sly MINIX

2015-01-28

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines The missing EuroBSDCon videos Some of the missing videos from EuroBSDCon 2014 we mentioned before have mysteriously appeared Jordan Hubbard, FreeBSD, looking forward to another 10 years Lourival Viera Neto, NPF scripting with Lua Kris Moore,...

Episode 073: Pipe Dreams

2015-01-21

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines FreeBSD quarterly status report The FreeBSD team has posted an updated on some of their activities between October and December of 2014 They put a big focus on compatibility with other systems: the Linux...

Episode 072: Common *Sense Approach

2015-01-14

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Be your own VPN provider with OpenBSD We've covered how to build a BSD-based gateway that tunnels all your traffic through a VPN in the past - but what if you don't trust...

Episode 071: System Disaster

2015-01-07

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Introducing OPNsense, a pfSense fork OPNsense is a new BSD-based firewall project that was recently started, forked from the pfSense codebase Even though it's just been announced, they already have a formal release based...