FreeBSD flavours and projects

Tonight I’ve updated the FreeBSD Flavours and projects page. There was a broken link, some missing pictures and the content had to be updated here and there.

Please have a look and let me know what you think and/or if anything is missing.

Also, I’d like to include some non English FreeBSD projects on there as well, and I need your help really. If you’re aware of, say, a Russian FreeBSD project (by Russions, for Russions), I’d love to hear from you. So if you know a localised, non-English FreeBSD project, please let me know, so they can be included here.

BSDroid – porting the Android framework to FreeBSD

Android is an exciting and much promising (open source) mobile phone platform developed by Google.

Android 1.5 (Cupcake), has now been released and promises to be(come) a strong contender for Apple’s iPhone. The first Android powered netbook is coming, Acer is working on several Android devices, and Samsung is releasing the Android I7500 phone.

Amidst all this positive news, there’s news that Google is being sued for using the Android name, but Ars Technica thinks Erich Specht has little chance of winning.

So, why am I writing this?

bsdroid google android

First, Android is exciting;  second, there’s a project working on porting the Android framework to FreeBSD: BSDroid, and thirdly, the Android software uses bits of NetBSD and OpenBSD userland code.

The main goal of project is to provide native binaries for tools and make it possible to develop Android applications on FreeBSD powered system without Android SDK for Linux.

Visit BSDroid for more information and downloads

Universal BIOS Flash utility for FreeBSD, Linux

coreboot flashrom linuxbiosThe developers of the CoreBoot project have released FlashROM 0.9 which is able to read, delete, rewrite and verify the flash chips which store a systems BIOS.

coreboot (formerly known as LinuxBIOS) is a Free Software project aimed at replacing the proprietary BIOS (firmware) you can find in most of today’s computers. It performs just a little bit of hardware initialization and then executes a so-called payload.

Benefits:  100% Free Software (GPL), no royalties, no license fees! Fast boot times (3 seconds to Linux console)

FlashROM runs on FreeBSD, Linux, Solaris and Mac OS X and allows re-flashing to take place from the command line on a running operating system. With FlashROM it is possible to re-flash the BIOS without rebooting the PC at all. Most manufacturers’ flash programming utilities only support Windows / DOS and require you to reboot the PC in order to re-flash the BIOS. The FlashROM program only requires root access to a system and can be run remotely via SSH.

A wide range of motherboards and flash chip-sets (157 flash chip families and 75 different chip-sets) are supported. There’s also support for dozens of non-standard x86 motherboards are supported in the 0.9.0 release.

Howto: Booting FreeBSD using coreboot

Multi processor compilations

Pav Lucistnik has been working on ports compilations utilising multiple cores:

Two days ago, I have checked in probably most requested feature of last few years. Ports framework now systematically supports building ports on multiple processing cores. It is achieved by passing -jX flag to make(1) running on vendor code. Of course not all ports handle this well, experimental run on pointyhat with this flag globally enabled turned up shy of 400 failures. Because of that, the feature was designed as a
whitelist. Individual ports need to be enabled, and indeed, fellow developers took on and already started adding required declarations to popular ports like Firefox and others.

More

Sun VirtualBox on FreeBSD – update

Martin Wilke has been working hard over the past 6 days to improve VirtualBox on FreeBSD.

after a lot work and hacking we got finaly VirtualBox to start under FreeBSD HEAD. 6 Days work was needed with about 20 patches. :). This works is done by Bernhard Froehlich, beat@, dhn@ and myself. A lot thanks to the VirtualBox Developers were helped here :).

He’s posted a number of screenshots here.

More on VirtualBox on FreeBSD here.

FreeBSD security (incl video)

These are some recent links with regards FreeBSD security:

1.  Using DenyHosts to help thwart SSH attacks on FreeBSD

DenyHosts is a script intended to be run by UNIX-like system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

  1. % su
  2. # cd /usr/ports/security/denyhosts
  3. # make install clean
  4. # echo ‘denyhosts_enable=”YES”‘ >> /etc/rc.conf
  5. # echo ‘syslogd_flags=”-s -c”‘ >> /etc/rc.conf
  6. # echo “sshd : /etc/hosts.deniedssh : deny” >> /etc/hosts.allow
  7. # echo “sshd : ALL : allow” >> /etc/hosts.allow
  8. # touch /etc/hosts.deniedssh
  9. Edit /usr/local/etc/denyhosts.conf and uncoment the BLOCK_SERVICE = sshd entry.
  10. # /usr/local/etc/rc.d/denyhosts onestart

Source - linux-bsd-sharing.blogspot.com

2. Network Security Monitoring

Richard Bejtlich, from TAO Security, did a presentation on network security monitoring using FreeBSD.

In this presentation I’ll discuss my latest thinking on using FreeBSD to identify normal, suspicious, and malicious traffic in enterprise networks. FreeBSD is a powerful platform for network traffic inspection and log analysis, and I’ll share a few ways I use it in production environments.


3. FreeBSD supported branches update

The branches supported by the FreeBSD Security Officer have been updated to reflect the EoL (end-of-life) of FreeBSD 7.0. The new list is below and at . Please note that FreeBSD 7.0 was originally announced with an EoL date of February 28, 2009, but the EoL was delayed by two months in order to allow a 3 month window for systems to be upgraded to FreeBSD 7.1. [source]

The current designation and estimated lifetimes of the currently supported branches are given below. TheEstimated EoL (end-of-life) column gives the earliest date on which that branch is likely to be dropped. Please note that these dates may be extended into the future, but only extenuating circumstances would lead to a branch’s support being dropped earlier than the date listed.

  • RELENG_6 – 30 November 2010
  • RELENG_6_3 – 31 January 2010
  • RELENG_6_4 -  30 November 2010
  • RELENG_7 - last release + 2 years
  • RELENG_7_1 - 31 January 2011

These dates can also be found on the calendar at BSDEvents.net

4. How to harden FreeBSD

After a fresh install, it is important to harden the security on a server before it hits your network for use.  Not only making configuration changes aid in the security of your box, but there are some practical rules to abide by.  These are some hardening tips to make your FreeBSD box more secure and will apply to both the 5.x and 4.x branches, but I will assume you are running 5.x.  If a 4.x change is different, I will note it.

Instructions here (Tux Training)

BSD week – 4 BSD releases

In the last 7 days we’ve seen a new version released by each of the 4 major BSD operating systems: OpenBSD 4.5, NetBSDFreeBSD 7.2 and a “minor” DragonFlyBSD release  (2.2.1).

Who said BSD was dying? Video 1 – “BSD is dying” (2007)  - Video 2 – “BSD is still dying” (2009).

netbsd logoNetBSD 5

NetBSD, well-known for its high portability has arrived at version 5, which has been worked on for about 2 year. This release seems pretty interesting from a performance point of view. It’s claimed that NetBSD 5.0 now outruns NetBSD 4, FreeBSD 7.1 and Fedora 10.

In addition to scalability and performance improvements, a significant number of major features have been added. Some highlights are: a preview of metadata journaling for FFS file systems (known as WAPBL, Write Ahead Physical Block Logging), the ‘jemalloc’ memory allocator, the X.Org X11 distribution instead of XFree86 on a number of ports, the Power Management Framework, ACPI suspend/resume support on many laptops, write support for UDF file systems, the Automated Testing Framework, the Runnable Userspace Meta Program framework, Xen 3.3 support for both i386 and amd64, POSIX message queues and asynchronous I/O, and many new hardware device drivers. [source]

Release Notes  -  NetBSD Website

openbsd logoOpenBSD 4.5

OpenBSD,  renowned for its focus on security (incl OpenSSH), has released version 4.5. The latest version comes with improved hardware support, new tools and functionalities and upgraded ports.

Oh yeah, and there’s also a new release song.

Release Notes  -  OpenBSD website

dragonflybsd logoDragonFlyBSD 2.2.1

The new 2.2 release includes Hammer, a file system that includes instant crash recovery, multi-volume file systems, data integrity checking, fine grained history retention, and the ability to mirror data to other volumes. It has undergone extensive stress-testing and is considered production-ready!

Release Notes  -  DragonFly website

freebsd_logo-100x100FreeBSD 7.2

Read here about the release

7.2 review: improved virtualisation (nixcraft)

FreeBSD 7.2 released

FreeBSD LogoThe FreeBSD Release Engineering Team has announced the availability of FreeBSD 7.2-RELEASE. This is the third release from the 7-STABLE branch which improves on the functionality of FreeBSD 7.1 and introduces some new features. Some of the highlights:

  • support for fully transparent use of superpages for application memory
  • support for multiple IPv4 and IPv6 addresses for jails
  • csup(1) now supports CVSMode to fetch a complete CVS repository
  • Gnome updated to 2.26, KDE updated to 4.2.2
  • sparc64 now supports UltraSparc-III processors

Before installing, check the complete list of new features and known problems.

Links:

Release Notes –  Release Errata –  Release InformationFreeBSD Project site