China chooses FreeBSD as basis for secure OS
by : Chad Perrin
Earlier this month, in "China blocks U.S. from cyber warfare", the Washington Times reported that China has developed a "more secure operating software for its tens of millions of computers and is already installing it on government and military systems, hoping to make Beijing’s networks impenetrable to U.S. military and intelligence agencies."
(more…)Tunnelling Ethernet over IP for FreeBSD
This document is largely based upon the work done by Husni.
It only provides some enhancements regarding automatic start-up and some fine details.
This document explains the configurations and procedures to enable Ethernet over IP tunneling on FreeBSD. I succesfully performed the test on a FreeBSD 4.10-RELEASE. I make no claim that it will work on other releases. I also tested it on FreeBSD 4.7-RELEASE.
(more…)
Busby SEO Test - Limit User’s Disk Space (Setting Quotas)
General Information
This guide details how to set up user accounts with disk allocation. Let’s say you want to limit each user to a specific size disk usage — 100 megs each. You will need to set "user quotas." Here we go!!he FreeBSD jail mechanism is an implementation of operating system-level virtualization that allows administrators to partition a FreeBSD-based computer system into several independent mini-systems called jails.
The need for the FreeBSD jails came from service providers’ desire to establish a clean cut separation between their services and their customers, mainly for security and ease of administration reasons. Instead of adding a new layer of fine-grained configuration options, the solution adopted was to compartmentalize the system, both its files and its resources, in such a way that only the right person(s) are allowed access to the right compartment(s).
(more…)
Busby SEO Test - Security Alert: FreeBSD-SA-08:06.bind DNS cache Poisoning
Busby SEO Test News
I. Background
BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server. DNS requests
contain a query id which is used to match a DNS request with the response
and to make it harder for anybody but the DNS server which received the
request to send a valid response.
Busby SEO Test News
I. Background
BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server. DNS requests
contain a query id which is used to match a DNS request with the response
and to make it harder for anybody but the DNS server which received the
request to send a valid response.
II. Problem Description
The BIND DNS implementation does not randomize the UDP source port when
doing remote queries, and the query id alone does not provide adequate
randomization.
Busby SEO Test - FreeBSD Kernel Critical Update: arc4random predictable sequence vulnerability
FreeBSD today released a core (kernel) patched to plug "arc4random predictable sequence vulnerability" security hole in its operating systems version 6.x and 7.x stable release. When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator. All security-related kernel subsystems that rely on a quality random number generator are subject to a wide range of possible attacks. This update has been rated as having important security impact.
arc4random(9) is a generic-purpose random number generator based on the key stream generator of the RC4 cipher. It is expected to be cryptographically strong, and used throughout the FreeBSD kernel for a variety of purposes, some of which rely on its cryptographic strength. arc4random(9) (more…)
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Jul | ||||||
| 1 | ||||||
| 2 | 3 | 4 | 5 | 6 | 7 | 8 |
| 9 | 10 | 11 | 12 | 13 | 14 | 15 |
| 16 | 17 | 18 | 19 | 20 | 21 | 22 |
| 23 | 24 | 25 | 26 | 27 | 28 | 29 |
| 30 | ||||||
