(updated) Network Security monitoring using FreeBSD (Richard Bejtlich)

Richard Bejtlich is a security expert with a lot of experience with FreeBSD. This video is about network security monitoring using FreeBSD:

“I’ve been using FreeBSD as my preferred platform for Network Security Monitoring (NSM) since 2000. In this presentation I’ll discuss my latest thinking on using FreeBSD to identify normal, suspicious, and malicious traffic in enterprise networks. FreeBSD is a powerful platform for network traffic inspection and log analysis, and I’ll share a few ways I use it in production environments.”


 

FreeBSD Quarterly Status Report (July – September 2011)

This report covers FreeBSD-related projects between April and June 2011. It is the third of the four reports planned for 2011: FreeBSD Quarterly Status Report (July – September 2011).

This quarter was mainly devoted to polishing the bits for the next major version of FreeBSD, 9.0, which is to be released by the end of this year.

From the table of contents:

Projects

FreeBSD Team Reports

Network Infrastructure

Kernel

Documentation

Architectures

Ports

Miscellaneous

Google Summer of Code

Read: FreeBSD Quarterly Status Report (July – September 2011).

Why aren’t you using FreeBSD?

Paul Venezia wonders why more folks aren’t using FreeBSD.

‘There used to be a saying — at least I’ve said it many times — that my workstations run Linux, my servers run FreeBSD. Sure, it’s quicker to build a Linux box, do a “yum install x y z” and toss it out into the wild as a fully functional server, but the extra time required to really get a FreeBSD box tuned will come back in spades through performance and stability metrics. You’ll get more out of the hardware, be that virtual or physical, than you will on a generic Linux binary installation.’

FreeBSD is a free, fast, stable, feature-rich operating system. If you’ve never looked into it before, you should.

Thanks, Fernando, for emailing the link.

How to configure a pfSense 2.0 Cluster using CARP

howtoforge.com has an easy-to-follow tutorial (How to configure a pfSense 2.0 Cluster using CARP) showing you how to set up a pfSense cluster with CARP.

In this HowTo I will show you how to configure a pfSense 2.0 Cluster using CARP Failover. pfSense is quite an advanced (open-source) firewall being used everywhere from homes to enterprise level networks. I have been playing around with pfSense now for the last 3 months and to be honest I am not looking back; it is packed full of features and can be deployed easily within minutes depending on your requirements.

This howto is based on this tutorial on pfSense’s website: Configuring pfSense Hardware Redundancy (CARP).

 

FreeBSD Events (CE BSDday, EuroBSDCon, BSDday Arg)

These are some links to past and upcoming FreeBSD related events:

Central European BSD day 2011 (Slovakia)

Central European BSDDay 2011 is taking place in Bratislava, Slovakia, on 5 November.

The purpose of this one-day event is to gather Central European developers of today’s open-source BSD systems, popularize their work, and provide an interface for real-life communication. There are no formalities, no papers, and no registration or participation fee, however the invited developers are encouraged to give a talk on their favorite BSD-related topic, then have a beer with the other folks around. The language of this event is English, and the goal is to motivate potential future developers and users, especially undergraduate university students to work with BSD systems.

For more info and to see the schedule of lectures, visit the Central European BSDday 2011 page.

BSDday Argentina 2011

BSDday Argentina is taking place on 5 November 2011 too.

For more info (currently quite sparse) visit the BSDDay Argentina 2011 website.

Google Code-In 2011

DragonFlyBSD is taking part. It would be good to see all major BSD projects getting involved. Google Code-in 2011.

EuroBSDCon 2011

The FreeBSD Foundation has added some trip reports from FreeBSD Foundation funded trips to EuroBSDCon 2011 earlier this month.

Clang on FreeBSD (mp3)

The mp3 of Adam David Alan Martin’s NYCBUG presentation (“Clang on FreeBSD”) is now available at http://www.fetissov.org/public/nycbug/nycbug-10-05-11.mp3

The Inevitability of IPv6 (BSD Magazine 2011-10)

A new issue (October 2011) of the free BSD Magazine is now available: The Inevitability of IPv6 (pdf).

From the table of contents:

Configuring a FreeBSD Stealth Logging Server
The collection of log files provides security administrators with the ability to have an audit trail for the behavior of an information system. In the event that a system is compromised, remote logging provides a forensic trail to determine what occurred on the system.

DragonflyBSD News: Recovering Data With Hammer
It’s been a while since we had a straightforward news report for DragonFly; the time since then has been filled with reports on Hammer and bulk pkgsrc builds.

Using Openmaps Data With Geoserver
In this article in our GIS series, we will examine how to import Openmaps data. Open Street Map (openstreetmap.org), founded in July 2004 by Steve Coast, is a treasure trove of worldwide street maps available under the Creative Commons licence.

ONMP on OpenBSD 4.9
OpenBSD is my BSD of choice. In fact, it is my OS of choice wherever possible. I always challenge those who disagree with me to name another OS with a similar track record for security.

OSSEC on OpenBSD (ONMP) 4.9
It is worth saying up front that these instructions assume that you’re running Nginx compiled from source vice Apache or Nginx from Ports or Packages.

Taking a Peek Under the Hood Without Compromising Security – LibGTop and OpenBSD
LibGTop allows developers to peek under the hood of the kernel and export lots of system data in a convenient and easy to use library.

Protecting Apache From Dos And Ddos Attacks
DOS or DDOS is an attack where multiple compromised systems (which are usually infected with a Trojan) are used to target a single system in an attempt to make the system resources (CPU, memory, network) unavailable to its intended users and cause the system to crash.

The Inevitability of IPv6, Part 1 & 2
Part 1: A switch from IPv4 to IPv6 is on your horizon. Are you ready for it?
Part 2: Configure IPv6 in your network – even if your routing infrastructure doesn’t yet support it.

BSD Mag (Oct 2011) – The Inevitability of IPv6

FreeBSD 9.0-RC1 Available

The first release candidate of FreeBSD 9.0 (RC1) is now available. Although it is several weeks behind the original schedule, the wait is usually worth it:

The first RC build for the FreeBSD-9.0 release cycle is now available. ISO images for the architectures amd64, i386, ia64, powerpc, powerpc64, and sparc64 are available on most of our FreeBSD mirror sites. One of the many new features in 9.0 we would like to be tested is the new installer, so we encourage our users to do a fresh installation on test systems. Alternatively, users upgrading existing systems may now do so using the freebsd-update(8) utility.

Thanks, David (Rodgers), you were the first to notify me. If you come across anything FreeBSD related, let me know. It would be great to link to some useful posts and FreeBSD related products and/or companies.