BSDTalk interview with Michael Lauth, CEO of iXsystems

FreeBSD Podcasts

Will Backman from BSDTalk has a 17 minutes interview with Michael Lauth, CEO of iXsystems.

They talk about how iXsystems has build its business model around open source software and how open source software is being used internally as much as possible.

iXsystems offer PC-BSD laptops and desktops, FreeNAS base NAS servers etc

As a sidenote, BSDTalk is celebrating its 3rd birthday. Congratulations, Will. Keep this going!

BSDTalk 168 - Listen to the podcast: MP3 | OGG

FreeBSD 6.4 CDs/DVDs now shipping from FreeBSDMall

iXsystems have announced the availability of FreeBSD 6.4-based products through FreeBSD Mall, one of their subsidiaries. In addition to CD and DVD products, there’s a large collection of FreeBSD shirts, hats, jackets, boxer shorts, stickers, case-plates, coffee mugs, mouse pads, and other promotional materials.

FreeBSD is a free operating system developed by many volunteers. To help iXsystems promote FreeBSD, why not buy some of their product?

Announcement here

FreeBSD 7.1 RC2 available

FreeBSD LogoThe FreeBSD Project has announced the availability of FreeBSD 7.1 Release Candidate 2.

FreeBSD 7.1-RC2 is now available, the second of the Release Candidates. Unless an as yet undiscovered show-stopper comes along the release itself will be anywhere from a week to two weeks from now. We might be doing it next week since the release test cycle has gone on for quite a while now and the latest thing that delayed the release was a Security Advisory (SAs don’t typically get or need much in the way of public testing). The traffic we’re seeing on the lists and in Gnats is certainly stuff we’ll pay attention to and deal with but isn’t quite severe enough to warrant further delaying an already severely delayed release. Continued…

The ISO images and FTP install trees are available on the FreeBSD Mirror sites.

Full release Announcement

Many thanks Prudvi for submitting this story.

Cool board games on FreeBSD

FreeBSD is used a lot on servers but it can be used as desktop operating system as well. You may not be able to play the latest Windows games, but there are plenty of cool board games you can play on FreeBSD (and PC-BSD / DesktopBSD)

K.C. Smith has a post on board games on FreeBSD.

Cool board games… On FreeBSD, of course. There’re many great games in ports of course. In the area of board games, gnuchess, gnugo, and gnubg have been around for a while and are all excellent. gnubg (backgammon) is a very tough opponent! Turns out computers are a lot (lot!) better at backgammon than they are at Go.So, I like board games. I also like to play board games against humans because, well, I guess I’m not that good at them. :) If you’ve got your java web-plugin working, you’ve got a great variety of games you can play against other people on-line. Yahoo! games uses java and has a large user-base and selection of games.

Recently, though, I’ve discovered this website called BoardSpace. It also uses java and works great on FreeBSD. They have bots available for many games — which is nice, it gives you a chance to learn the basics before playing against other people. And, they have a large variety of unusual games. 

More…

FreeBSD Security Advisories (ftpd & protosw)

The FreeBSD Team has issued 2 security warnings:

  • FreeBSD-SA-08:13.protosw – netgraph / bluetooth privilege escalation
  • FreeBSD-SA-08:12.ftpd – Cross-site request forgery in ftpd(8)

FreeBSD-SA-08:13.protosw

I. Background

The FreeBSD kernel provides support for a variety of different types of communications sockets, including IPv4, IPv6, ISDN, ATM, routing protocol, link-layer, netgraph(4), and bluetooth sockets. As an early form of object-oriented design, much of the functionality specific to different types of sockets is abstracted via function pointers.

II. Problem Description

Some function pointers for netgraph and bluetooth sockets are not properly initialized.

III. Impact

A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail.

For a workaround, solution and patch etc go here

FreeBSD-SA-08:12.ftpd

I. Background

ftpd(8) is a general-purpose implementation of File Transfer Protocol (FTP) server that is shipped with the FreeBSD base system. It is not enabled in default installations but can be enabled as either an inetd(8) server, or a standard-alone server.

A cross-site request forgery attack is a type of malicious exploit that is mainly targeted to a web browser, by tricking a user trusted by the site into visiting a specially crafted URL, which in turn executes a command which performs some privileged operations on behalf of the trusted user on the victim site.

II. Problem Description

The ftpd(8) server splits long commands into several requests. This may result in the server executing a command which is hidden inside another very long command.

III. Impact

This could, with a specifically crafted command, be used in a cross-site request forgery attack.

FreeBSD systems running ftpd(8) server could act as a point of privilege escalation in an attack against users using web browser to access trusted FTP sites.

For a workaround, solution and patch etc go here

OpenVPN – getting it running

FreeBSD Diary has 2 howtos on setting up OpenVPN on FreeBSD

This article is about OpenVPN, a full-featured open source SSL VPN solution. I first started using OpenVPN in December 2006. That is nearly two years ago. I took some notes but I never published anything until today. My original use for OpenVPN was easy access to my home network while away from home. For this is was wonderful. Being able to ssh “directly” to my machines, cvsup, etc, was very convenient.

1) 1 OpenVPN – getting it running

In this article, I will show you how I created a routed VPN using OpenVPN. In this network, multiple clients can attach to the server, each of which has access to the network attached to the server. Each client can also contact any other client, subject to firewall rules.

In my case, I wanted a way for all my servers (on the internet, in data centers) to contact my CVS repository behind my firewall at home. Given that home has a dynamic IP address, it complicates matters. A VPN solves this issue and provides several benefits.

2) Creating a Routed VPN

iPod A1285 and FreeBSD happiness

Earlier this year Naomi got her hands on a blue iPod. It is the first time that an iPod thing invaded our life and now that I spend about a good two hours per day on the train, I think it is the right time. Only, what to put on it?

Music! Everywhere I see people with the white earplugs I hear their music, I see them chosing the next track and I wonder “Which music can be so good that you can listen to it every day?”. So music is a no-no.

Podcasts! I have several of them and up to now I always managed to listen to them while I was working from home. Right now I don’t have the luxery of working from home, or listening to them on the weekend because I spend all my time entertaining the kids. So for the last weeks these things have been piling up:….

Read further how to get (some) ipod(s) working with FreeBSD and gtkpod