1. EachPod

7: Go Directly to Jail(8)

Author
JT Pennington
Published
Wed 16 Oct 2013
Episode Link
https://www.bsdnow.tv/7

On this week's show, you'll be getting the full jail treatment. We'll show you how to create and deploy BSD jails, as well as chatting with Poul-Henning Kamp - the guy who actually invented them! There's lots of interesting news items to cover as well, so stay tuned to BSD Now - the place to B.. SD.

Headlines

FreeBSD turns it up to 11


  • The -CURRENT branch is now known as 11

  • 10 has been branched to -STABLE

  • 10-BETA1 ISOs are available now

  • Will be the next -RELEASE, probably next year
    ***

Stopping the SSH bruteforce with BSD and pf


  • The Hail Mary Cloud is an SSH bruteforce botnet that takes a different approach

  • While most botnets pound port 22 rapidly, THMB does it very slowly and passively

  • This makes prevention based on rate limiting more involved and complex

  • Nice long blog post about some potential solutions and what we've learned
    ***

ZFS and GELI in bsdinstall coming soon


  • The man with the beard strikes again, new patch allows for ZFS-on-root installs

  • Supports GELI for disk encryption

  • Might be the push we need to make Michael W Lucas update his FreeBSD book
    ***

AsiaBSDCon 2014 announced


  • Will be held in Tokyo, 13-16 March, 2014

  • The conference is for anyone developing, deploying and using systems based on FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, Darwin and Mac OS X

  • Call for papers can be found here
    ***

Interview - Poul-Henning Kamp - [email protected] / @bsdphk

FreeBSD beginnings, md5crypt, jails, varnish and his... telescope project?

Tutorial

Everything you need to know about Jails

News Roundup

New pf queue system


  • Henning Brauer committed the new kernel-side bandwidth shaping subsystem

  • Uses the HFSC algorithm behind the scenes

  • ALTQ to be retired "in a release or two" - everyone should migrate soon
    ***

Dragonfly imports FreeBSD KMS driver


  • Hot on the trails of OpenBSD and later FreeBSD, Dragonfly gets AMD KMS

  • Ported over from the FreeBSD port
    ***

Get paid to hack OpenSSH


  • Google has announced they will pay up to $3113.70 for security patches to OpenSSH

  • Patches can fix security or improve security

  • If you come up with something, send it to the OpenSSH guys
    ***

Feedback/Questions

Share to: