Miscelaneous FreeBSD news and links (week 32)

1. FreeBSD East Coast Mirror

Yesterday we posted the FreeBSD Foundation’s turns to NYI press release, Steven Kreuzer who was directly involved in the project has put more details on his website:

Pretty much since the time that The NYC BSD Users Group was formed, The NY Internet Company have donated a full cabinet and a 10 Mb internet connection to NYCBUG. We used that space to host our website and mailing lists, hardware for developers and mirrors for all the major BSD projects.

In October of 2009, I received an email inviting me to a grand opening party at NYI’s new state of the art data center located in Bridgewater, NJ. I asked some folks on core@ if they thought it would be worthwhile to approach NYI to see if they would be willing to donate a few cabinets so we could build out a FreeBSD mirror on the east coast. gnnjhb and I had a very informal meeting with Phil from NYI and after asking him if they would be willing to provide us with a few cabinets, some power and bandwidth, without thought or hesitation he said yes. The possibility of putting a mirror of FreeBSD.org on the east coast quickly became possible.

Continues: East Coast FreeBSD Mirror

2. FreeBSD VirtualBox Image for Port Maintainers

This website provides 64bit VirtualBox Images for FreeBSD Port Maintainers with some common used software pre-installed.

3. 10 Differences between Linux and BSD

  • Licenses
  • Control
  • Kernel vs operating system
  • UNIX/like
  • Base systems
  • More from source
  • Upgrades
  • Bleeding edge
  • Hardware support
  • User base

Full post: 10 differences between Linux and BSD (techrepublic.com)

4. Open Source projects that changed the world

FreeBSD is one of them: Open source projects that changed the world (ostatic.com)

5. BSDCan through the years

Kirk Russell has posted a summary of BSDCan through the years on the Google Open Source Blog.

I’m Kirk Russell, a Google Site Reliability Engineer who moves files around the cloud at a massive scale. I use BSD software on a daily basis — in my Android phone, my home NAS and my MacBook. My newest toy is a small ARM board that runs FreeBSD.

Earlier this year I attended BSDCan, a software conference for BSD based operating systemprojects. I attended this conference to learn about new BSD technology that will someday become part of my daily life and to meet people with similar interests — there is time to chat in-between the scheduled talks and in the pub. BSDCan is a conference where I learn about new development that I can put to use both at work and at home. Learning these things from the original developers makes it that much more interesting.

Here is a quick reflection on some highlights of past conferences:

BSDCan through the years

FreeBSD Foundation turns to NYI.net for East Coast US Mirror

The following is a press release issued by the FreeBSD Foundation and New York Internet; Bill Lessard from nyi.net forwarded this to me.
If you have any FreeBSD related products or services you want to generate interest in, why not contact me
too?

FreeBSD Foundation turns to NYI.net for East Coast US Mirror

Deployment Adds Enterprise-Grade Redundancy for Improved Reliability, Reduced Latency, High-Speed Backups and Other Efficiencies

The FreeBSD Foundation, a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community, today announced that NYI, a New York City-based, mission-critical data services provider, will be mirroring key West coast infrastructure at NYI’s 999 Frontier Road data center in Bridgewater, New Jersey, a recently opened 40,000 square foot facility.

In addition to providing enterprise-grade redundancy and reliability for the Project’s infrastructure, the East coast mirror will reduce latency during heavy download times, distribute load between the two coasts, and allow for up-to-date backups of all Project data that can be synchronized via high-speed Internet connections.

“Having a well-connected, secondary site with NYI’s amenities to host FreeBSD project infrastructure means that we can move services between sites when doing scheduled maintenance to improve reliability for FreeBSD developers and users,”

said Simon L. Nielsen, FreeBSD.org administrative team. He added,

“The new site also enables us to expand significantly the available hardware for FreeBSD package building, allowing the FreeBSD ports team to perform QA test builds and quickly produce binary FreeBSD packages for end-users.”

“We are long-time open-source advocates. The FreeBSD Foundation in particular represents everything that got us into technology in the first place. With this deployment, we take our commitment to a new level in the hope that what we are doing lays the foundation for next-generation data centers built around FreeBSD. As many people in the community know, NYI’s 999 Frontier Road facility features many of the Project’s efforts, as everything from PDUs to the servers run FreeBSD.”

said Phillip Koblence, VP Operations, NYI.

The East coast mirror at 999 Frontier is also notable because it replaces aging and inadequate hardware; provides dual-configuration so that experimental vs. production runs can be separated out, allowing changes to the ports system to be evaluated continuously rather the interrupting production flow; deploys to multiple sites, providing resiliency in the event of a failure; provides build capacity required to support the ports ABI changes required to improve the foundations for binary package support while maintaining ports-stable regression testing.

The FreeBSD Foundation is pleased to have been able to fund the purchase of the hardware. Brad Davis, Mark Linimon, and Simon Nielsen from the FreeBSD Project worked on the configuration, along with key members of the NYI team.

About The FreeBSD Foundation
The FreeBSD Foundation is a 501(c)(3) non-profit organization dedicated to supporting the FreeBSD Project and community. The Foundation gratefully accepts donations from individuals and businesses, using them to fund and manage projects, sponsor FreeBSD events, Developer Summits and provide travel grants to FreeBSD developers. In addition, the Foundation represents the FreeBSD Project in executing contracts, license agreements, and other legal arrangements that require a recognized legal entity. The FreeBSD Foundation is entirely supported by donations. More information about The FreeBSD Foundation is available on the web.

About NYI

Established in 1996, NYI is headquartered in the heart of the Wall Street area and owns and maintains its own data centers, including 999 Frontier, a newly opened 40,000 square foot facility in Bridgewater, New Jersey. The company’s core services include colocation, dedicated servers, web and email hosting, and managed services, as well as turnkey disaster recovery and business continuity solutions from its Bridgewater location. With high-bandwidth connectivity partners AboveNet, Verizon Business, Optimum Lightpath, and AT&T, NYI specializes in mission-critical data services for the financial services industry, in addition to customers from a broad range of industries, including media, law, fashion, architecture, life sciences and real estate. NYI is SAS 70 Type II-compliant, in additon to being both PCI and HIPAA compliant.

FreeBSD events and conferences (KyivBSD, MeetBSD, EuroBSD)

Here is some info and details of upcoming FreeBSD related conferences and events.

KyivBSD 2010 Conference

On 25 Septempter the annual KyivBSD Conference will be held in Kiev, Ukraine. It’s mainly aimed at FreeBSD and PC-BSD users and developers.

More info: http://ru.kyivbsd.org.ua (RU) (EN translation) (via)

BSD-Day 2010

BSD-Day@2010 will be held at Eötvös Loránd University, Budapest, Hungary on 20 November 2010.

The purpose of this one-day event is to gather Central European developers of today’s open-source BSD systems, popularize their work, and provide a real-life communication interface between developers and users. There are no formalities, no papers, and no registration or participation fee, however the invited developers are encouraged to give a talk on their favorite BSD-related topic. The goal is to motivate potential future developers and users, especially undergraduate university students to work with BSD systems.

EuroBSDCon 2010 Travel Grants

The FreeBSD Foundation is now accepting travel grant applications for EuroBSDCon 2010 (Karlsruhe, Germany from October 8-10′. More details: EuroBSDCon 2010 Travel Grants.

For those interested in open source firewalls, there will be a pfSense tuturial at EuroBSDCon 2010.

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.

MeetBSD 2010 (California)

Registration is now open for MeetBSD 2010 (Mountain View, California, 5-6 November): www.meetbsd.com

NYCBUG presentation

Ivan Ivanov presented “Examples in Cryptography with OpenSSL”. Download/listen the MP3.

Usenix Security Symposium 2010 (Capsicum)

Robert Watson will present Capsicum (coming in FreeBSD 9.0) at Usenix Security Symposium.

Capsicum is a lightweight operating system capability and sandbox framework planned for inclusion in FreeBSD 9. Capsicum extends, rather than replaces, UNIX APIs, providing new kernel primitives (sandboxed capability mode and capabilities) and a userspace sandbox API. These tools support compartmentalisation of monolithic UNIX applications into logical applications, an increasingly common goal supported poorly by discretionary and mandatory access control. We demonstrate our approach by adapting core FreeBSD utilities and Google’s Chromium web browser to use Capsicum primitives, and compare the complexity and robustness of Capsicum with other sandboxing techniques.

These and other conferences can be found on my FreeBSD Events and Conferences Calandar.

FreeBSD quick news and links (04/08/2010)

PC-BSD Blog

Dru Lavigne has joined the PC-BSD team this month. The first thing she did, was setting up another blog: the PC-BSD Blog. She already posts BSD related posts on it.toolbox.com: A year in the life of  a BSD guru.

A new *BSD Planet Website

Edward launched AboutBSD recently as a new *BSD blogs agregating website. It won’t be a copy of blogs.freebsdish.org or news.bsdplanet.net, but it will also have some background info on the different BSD systems.

As for the goal for AboutBSD, I want to turn it into a planet website that aggregates how BSD system admins use BSD. So that new users or system admins can learn that BSD is flexible, powerful, and provides all the freedom one needs to deploy services on BSD.

FreeBSD/Linux Benchmarking (Phoronix)

PC-BSD Review: Strike that: now I’m a PC-BSD!

The review finishes with:

I would have no hesitation in recommending PC-BSD for desktop use. It has definitely been the best install experience for a desktop system I have had. It seems exactly tailored for someone like me, a developer in an office where we have tried to be operating-system-neutral as much as possible: most of our programmers do run PCs but we have weaned ourselves off any PC-only applications long ago (apart from specialist applications). As I mentioned in the previous blog, it is a smooth and pretty OS, and feels solid.

Whole review here

ZFS v15 imported into FreeBSD (head)

As announced before, ZFS v15 was successfuly imported into FreeBSD! For a time there was an option of importing just v15 or proceeding directly to v16 but the community has decided to first import the older version for reasons of stability and compatibility with Solaris 10 Update 8. (via)

Millions of home routers at risk.

According to new research delivered today here at the Black Hat security conference, millions of home routers may have a serious security flaw.

In his presentation at Black Hat, security researcher Craig Heffner detailed how an external attacker could gain full control of a user’s router and use that to gain access to the internal local area network (LAN). Though the implications are ominous, Heffner, also detailed a variety of steps users can take to protect themselves.

You should use pfSense instead:

Heffner also called on router vendors to build in DNS Rebinding mitigations into their routers directly.

“The only router software that I know of that does this now is pfSense

(Whole article here:  Millions of home routers at risk)

Foremay ships world’s largest 2TB SSD

This 2TB SSD should work on FreeBSD:

Foremay has introduced a 1TB 2.5? SATA solid-state drive alongside the industry-leading 2TB 3.5? SATA SSD, as the company expects to see an increased demand in SSD products for the enterprise.

The EC188 M-series model-V includes 200 MB/s read/write speeds, and can be used in the enterprise and workstation PCs.

Ideally, enterprise users will be able to utilize the EC188 M-series model-V, as it includes support for Microsoft Windows, Mac, several versions of Linux, OpenSolaris, Solaris, FreeBSD, HP-UX, Unix, and other operating systems…. Continues

Stopping SSH Brute Force attacks with PF on FreeBSD

Most people know that port 22 is used for SSH communication and due to this common knowledge, you get people using scripts to test for weak passwords. If you look into your /var/log/auth.log and you see tons of fails/errors from users not on your system or from invalid passwords for root, it means you have people trying to break into your system. Truthfully, anyone that puts a system online with port 22 open will see this happen to them.  It’s quite common and not direct attack against you, just scripts looking for IPs with port 22 open.

Now it goes without saying that you should make sure you have a strong password that take use of numbers, upper and low case letters and symbols. Doing this will go along way in preventing someone from breaking into your system. You should also ensure that people can’t remotely log in as root by making sure that you have ‘PermitRootLogin’ set to ‘no’ in your /etc/ssh/sshd_config file. This will ensure that no mater how many passwords they try for root they will never be able to log in.

Now you could just set your SSH server to run on a different port or have your firewall redirect a different port from the outside to the system, but what’s the fun in that when you can use a great tool like PF.

Read the whole howto: Stopping SSH Brute Force attacks with PF on FreeBSD

A Deadly Linux/UNIX Command in Action (Video)

The short and simple “rm -rf /” command is DISASTROUS.


FreeBSD 8.1 release uses different open source philosophy

This post was written by James Mowery, a computer geek who writes about technology and related topics.

FreeBSD may not receive the attention that Linux does, but its latest upgrade could provide some instruction to the makers of Ubuntu about how to do open source releases. The makers of Ubuntu and the popular Linux Mint usually add new features to every release of these Linux distributions, whether or not these are features that the average users will ever need.

FreeBSD 8.0 was the last large release of the operating system. Like Linux, FreeBSD is known for its security and stability, but it has never captured the imagination of computer users in the same way that Linus Torvald’s operating system has. Instead of introducing new features, 8.1 featured on making certain features released with the 8.0 upgrade more stable and improving the features that the user requested.

Users who upgraded to 8.0 from earlier releases noted that there were problems with certain drivers, particularly those belonging to Network Interface Card manufactured by the Intel corporation. The bug fixes
allowed computers running FreeBSD with Intel NICs to stay connected to the Internet and local area networks more reliably than they could in the previous incarnation.

The developers of FreeBSD 8.1 hope that the design philosophy will lead to a shift where open source developers ave the new features for major releases and use the minor revisions to fix updates. Users of
OpenOffice, whether or not they use the Linux versions, may benefit from such a shift, as the developers usually add features that were not requested with every new release.

About the author: James Mowery is a computer geek that writes about technology and related topics. To read more blog posts by him, go to laptop computers.

FreeBSD foundation newsletter – July 2010

The FreeBSD Foundation has published their semi-anual newsletter with updates on projects receiving support and funding, their donation goal for 2010 and how FreeBSD and commercial vendors can co-operate.

Bordeaux 2.0.6 for FreeBSD and PC-BSD Released

The Bordeaux Technology Group released Bordeaux 2.0.6 for FreeBSD and PC-BSD. Bordeaux 2.0.6 is a maintenance release that fixes a number of small bugs and includes many new features.

Some of the changes are:

  • Wine 1.2 included,
  • Updated to the latest winetricks release,
  • Updated to the latest DIB Engine patch,
  • Added support for IrfanView 4.27,
  • Install the IrfanView Plug ins during the IrfanView Install,
  • Improved Internet Explorer 7 support,
  • Added Support for FireFox 3.6.3 and multimedia plugins,
  • Added Support for VLC 1.1.0,
  • Added Support for Google SketchUp 7.1 (NVIDIA Video Card Recommended),
  • Added many fixes for Steam,
  • More fixes to the Bordeaux UI and Cellar Manager.

Bordeaux 2.0.6 was built on FreeBSD 8, PC-BSD 8 and PC-BSD 7.1. A .sh installer is provided for FreeBSD and .pbi installers for PC-BSD.

Depending on sales, the Bordeau Group plans to add Pulse Audio to the next BSD release. So if you would like to have Pulse Audio in Wine on FreeBSD and PC-BSD make a purchase.

Read the full press release: Bordeaux 2.0.6 for FreeBSD and PC-BSD Released

I have just bought a copy of Bordeaux for PC-BSD/FreeBSD to support Tom and his team. They’re doing a great job building a bridge between *nix and the Windows world. Most of use still need/want to use some Windows programs Linux/PC-BSD/FreeBSD. If you’re interested, be quick as there’s a 50% off sale on. A copy costs only $10.

Find out more about Bordeau for FreeBSD/PC-BSD

The Bordeaux Technology Group is a software services and development company specializing in Windows compatibility software. Users of Linux systems from time to time find themselves in the need to run specialized Windows software. The Bordeaux suite enables access to these programs and data in a seamless and low cost manner without requiring licensing of Microsoft Technology.

Projects funded by the FreeBSD Foundation

The FreeBSD Foundation funds various projects each year and there are several interesting projects in progress:

The FreeBSD Foundation is able to fund these projects due to the generosity of user donations. If you haven’t donated yet this year, consider doing so here. No donation amount is too small–in fact, the more individual donations the better, as this helps the Foundation to meet the IRS’ non-profit requirements. Also, your name is added to the website when you donate, allowing you to show your support for FreeBSD.

Source: Dru’s blog (reposted with permission)