August 27, 2014

52: Reverse Takeover

1 hour 14 minutes

Coming up this week, we'll be chatting with Shawn Webb about his recent work with ASLR and PIE in FreeBSD. After that, we'll be showing you how you can create a reverse SSH tunnel to a system behind a firewall... how sneaky. Answers to your emails plus the latest news, on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

FreeBSD foundation August update

The foundation has published a new PDF detailing some of their recent activities

It includes project development updates, the 10.1-RELEASE schedule and some of its new features

There is also a short interview with Dru Lavigne in the "voices from the community" section

If you're into hardware, there's another section about some new FreeBSD server equipment

In closing, there's an update on funding too

***

NSD for an authoritative nameserver

With BIND having been removed from FreeBSD 10.0, you might be looking to replace your old DNS setup

This article shows how to use NSD for an authoritative DNS nameserver

It's also got a link to a similar article on Unbound, the new favorite recursive and caching resolver (they work great together)

All the instructions are presented very neatly, with all the little details included

Less BIND means less vulnerabilities, everybody's happy

***

BIND and Nginx removed from OpenBSD

While we're on the topic of DNS servers, BIND was finally removed from OpenBSD as well

The base system contains both NSD and Unbound, so users can transition over between 5.6 (November of this year) and 5.7 (May of next year)

They've also removed nginx from the base system, in favor of the new custom HTTP daemon

BIND and Nginx are still available in ports if you don't want to switch

We're hoping to have Reyk Floeter on the show next week to talk about it, but scheduling might not work out, so it may be a little later on

With Apache gone in the upcoming 5.6, It's also likely that sendmail will be removed before 5.7 - hooray for modern alternatives

***

NetBSD demo videos

A Japanese NetBSD developer has been uploading lots of interesting videos

Unsurprisingly, they're all featuring NetBSD running on exotic and weird hardware

Most of them are demoing sound or running a modern Twitter client on an ancient computer

They're from the same guy that did the conference wrap-up we mentioned recently

***

Interview - Shawn Webb - [email protected] / @lattera

Address space layout randomization in FreeBSD

Tutorial

Reverse SSH tunneling

News Roundup

Puppet master-agent installation on FreeBSD

If you've got a lot of BSD boxes under your control, or if you're just lazy, you've probably looked into Puppet before

The author claims a lack of BSD-specific Puppet documentation, so he decided to write up some notes of his own

He goes through some advantages of using this type of tool for deployments, even when you don't have a huge number of systems

The rest of the post explains how to set up both the master and the agent configurations

***

Misc. pfSense items

We found a few miscellaneous pfSense articles this past week

The first one is about the hunt for the "ultimate" free open source firewall, where pfSense is obviously a strong contender

The second one shows how to log NAT firewall states (a good way to find out which family member has been torrenting!)

In the third, you can see how to automatically back up your configuration files

The fourth item shows how to set up PXE booting with pfSense, similar to one of our tutorials

***

Time Machine backups on ZFS

If you've got a Mac you need to keep backed up, a FreeBSD server with ZFS can take the place of an expensive "time capsule"

This post walks you through setting up netatalk and mDNS for a very versatile Time Machine backup system

With a single command on the OS X side, you can write to and read from the BSD box just like a regular external drive

Surprisingly simple to do, recommended for anyone with Macs on their network

***

Lumina desktop preview

Lumina, the BSD-exclusive desktop environment, seems to be coming along nicely

The main developer has posted an update on the PCBSD blog with some screenshots

Lots of new features have been added, many of which are documented in the post

There just might be a BSD Now episode about Lumina coming up.. (cough cough)

***

Feedback/Questions

Gary writes in

Cedric writes in

Caldwell writes in

Cary writes in

***

...more

View all episodes

By JT Pennington

4.9

8989 ratings

August 27, 2014

52: Reverse Takeover

1 hour 14 minutes

This episode was brought to you by

Headlines

FreeBSD foundation August update

The foundation has published a new PDF detailing some of their recent activities

It includes project development updates, the 10.1-RELEASE schedule and some of its new features

There is also a short interview with Dru Lavigne in the "voices from the community" section

If you're into hardware, there's another section about some new FreeBSD server equipment

In closing, there's an update on funding too

***

NSD for an authoritative nameserver

With BIND having been removed from FreeBSD 10.0, you might be looking to replace your old DNS setup

This article shows how to use NSD for an authoritative DNS nameserver

It's also got a link to a similar article on Unbound, the new favorite recursive and caching resolver (they work great together)

All the instructions are presented very neatly, with all the little details included

Less BIND means less vulnerabilities, everybody's happy

***

BIND and Nginx removed from OpenBSD

While we're on the topic of DNS servers, BIND was finally removed from OpenBSD as well

The base system contains both NSD and Unbound, so users can transition over between 5.6 (November of this year) and 5.7 (May of next year)

They've also removed nginx from the base system, in favor of the new custom HTTP daemon

BIND and Nginx are still available in ports if you don't want to switch

We're hoping to have Reyk Floeter on the show next week to talk about it, but scheduling might not work out, so it may be a little later on

With Apache gone in the upcoming 5.6, It's also likely that sendmail will be removed before 5.7 - hooray for modern alternatives

***

NetBSD demo videos

A Japanese NetBSD developer has been uploading lots of interesting videos

Unsurprisingly, they're all featuring NetBSD running on exotic and weird hardware

Most of them are demoing sound or running a modern Twitter client on an ancient computer

They're from the same guy that did the conference wrap-up we mentioned recently

***

Interview - Shawn Webb - [email protected] / @lattera

Address space layout randomization in FreeBSD

Tutorial

Reverse SSH tunneling

News Roundup

Puppet master-agent installation on FreeBSD

If you've got a lot of BSD boxes under your control, or if you're just lazy, you've probably looked into Puppet before

The author claims a lack of BSD-specific Puppet documentation, so he decided to write up some notes of his own

He goes through some advantages of using this type of tool for deployments, even when you don't have a huge number of systems

The rest of the post explains how to set up both the master and the agent configurations

***

Misc. pfSense items

We found a few miscellaneous pfSense articles this past week

The first one is about the hunt for the "ultimate" free open source firewall, where pfSense is obviously a strong contender

The second one shows how to log NAT firewall states (a good way to find out which family member has been torrenting!)

In the third, you can see how to automatically back up your configuration files

The fourth item shows how to set up PXE booting with pfSense, similar to one of our tutorials

***

Time Machine backups on ZFS

If you've got a Mac you need to keep backed up, a FreeBSD server with ZFS can take the place of an expensive "time capsule"

This post walks you through setting up netatalk and mDNS for a very versatile Time Machine backup system

With a single command on the OS X side, you can write to and read from the BSD box just like a regular external drive

Surprisingly simple to do, recommended for anyone with Macs on their network

***

Lumina desktop preview

Lumina, the BSD-exclusive desktop environment, seems to be coming along nicely

The main developer has posted an update on the PCBSD blog with some screenshots

Lots of new features have been added, many of which are documented in the post

There just might be a BSD Now episode about Lumina coming up.. (cough cough)

***

Feedback/Questions

Gary writes in

Cedric writes in

Caldwell writes in

Cary writes in

***

...more

More shows like BSD Now

View all

Security Now (Audio)

1,970 Listeners

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source

284 Listeners

LINUX Unplugged

265 Listeners

Python Bytes

215 Listeners

Late Night Linux

154 Listeners

Home Assistant Podcast

65 Listeners

CoRecursive: Coding Stories

189 Listeners

Kubernetes Podcast from Google

181 Listeners

Late Night Linux Family All Episodes

44 Listeners

Linux Dev Time

21 Listeners

Self-Hosted

135 Listeners

2.5 Admins

92 Listeners

Linux After Dark

29 Listeners

Oxide and Friends

47 Listeners

Share 52: Reverse Takeover

Sign up to save your podcasts

52: Reverse Takeover

52: Reverse Takeover

More shows like BSD Now

Security Now (Audio)

Software Engineering Radio - the podcast for professional software developers

The Changelog: Software Development, Open Source

LINUX Unplugged

Python Bytes

Late Night Linux

Home Assistant Podcast

CoRecursive: Coding Stories

Kubernetes Podcast from Google

Late Night Linux Family All Episodes

Linux Dev Time

Self-Hosted

2.5 Admins

Linux After Dark

Oxide and Friends