Episode 7

Go Directly to Jail(8)

Download Subscribe
00:00:00
/
01:16:49
RSS Feed Download (52.8 MB) Link with Timestamp

October 16th, 2013

1 hr 16 mins 49 secs

Link with Timestamp

Download MP3 (52.8 MB)

Your Hosts

About this Episode

On this week's show, you'll be getting the full jail treatment. We'll show you how to create and deploy BSD jails, as well as chatting with Poul-Henning Kamp - the guy who actually invented them! There's lots of interesting news items to cover as well, so stay tuned to BSD Now - the place to B.. SD.

Headlines

FreeBSD turns it up to 11

  • The -CURRENT branch is now known as 11
  • 10 has been branched to -STABLE
  • 10-BETA1 ISOs are available now
  • Will be the next -RELEASE, probably next year ***

Stopping the SSH bruteforce with BSD and pf

  • The Hail Mary Cloud is an SSH bruteforce botnet that takes a different approach
  • While most botnets pound port 22 rapidly, THMB does it very slowly and passively
  • This makes prevention based on rate limiting more involved and complex
  • Nice long blog post about some potential solutions and what we've learned ***

ZFS and GELI in bsdinstall coming soon

  • The man with the beard strikes again, new patch allows for ZFS-on-root installs
  • Supports GELI for disk encryption
  • Might be the push we need to make Michael W Lucas update his FreeBSD book ***

AsiaBSDCon 2014 announced

  • Will be held in Tokyo, 13-16 March, 2014
  • The conference is for anyone developing, deploying and using systems based on FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, Darwin and Mac OS X
  • Call for papers can be found here ***

Interview - Poul-Henning Kamp - phk@freebsd.org / @bsdphk

FreeBSD beginnings, md5crypt, jails, varnish and his... telescope project?

Tutorial

Everything you need to know about Jails

News Roundup

New pf queue system

  • Henning Brauer committed the new kernel-side bandwidth shaping subsystem
  • Uses the HFSC algorithm behind the scenes
  • ALTQ to be retired "in a release or two" - everyone should migrate soon ***

Dragonfly imports FreeBSD KMS driver

  • Hot on the trails of OpenBSD and later FreeBSD, Dragonfly gets AMD KMS
  • Ported over from the FreeBSD port ***

Get paid to hack OpenSSH

  • Google has announced they will pay up to $3113.70 for security patches to OpenSSH
  • Patches can fix security or improve security
  • If you come up with something, send it to the OpenSSH guys ***

Feedback/Questions