High Availability Router/Firewall Using OpenBSD, CARP, pfsync, and ifstated
https://dzone.com/articles/high-availability-routerfirewall-using-openbsd-car
#firewall #router
https://dzone.com/articles/high-availability-routerfirewall-using-openbsd-car
#firewall #router
Basic Printing on OpenBSD.
Brother Network Printer with PostScript
https://paedubucher.ch/articles/2020-09-20-basic-printing-on-openbsd.html
#print
Brother Network Printer with PostScript
https://paedubucher.ch/articles/2020-09-20-basic-printing-on-openbsd.html
OpenBSD DNS Server with unbound and nsd.
The default installation of OpenBSD comes with both unbound(8) and nsd(8); unbound is a validating, recursive, and caching DNS resolver that provides DNSSEC validation, while nsd is an authoritative name server that holds DNS records...
https://jamsek.dev/posts/2019/Jul/28/openbsd-dns-server-with-unbound-and-nsd/
#dns #unbound #nsd
The default installation of OpenBSD comes with both unbound(8) and nsd(8); unbound is a validating, recursive, and caching DNS resolver that provides DNSSEC validation, while nsd is an authoritative name server that holds DNS records...
https://jamsek.dev/posts/2019/Jul/28/openbsd-dns-server-with-unbound-and-nsd/
#dns #unbound #nsd
A simple shell status bar for OpenBSD and cwm(1)
The idea behind termbar is to launch an terminal that will loop printing the information you want ; via a shell script. It’s a bit like using xsetroot with dwm(1). That terminal will be ignored by cwm(1) and stay in some reserved placed...
https://www.tumfatig.net/20200923/a-simple-shell-status-bar-for-cwm/
#desktop
The idea behind termbar is to launch an terminal that will loop printing the information you want ; via a shell script. It’s a bit like using xsetroot with dwm(1). That terminal will be ignored by cwm(1) and stay in some reserved placed...
https://www.tumfatig.net/20200923/a-simple-shell-status-bar-for-cwm/
#desktop
Docker and OpenBSD.
Attached is a port of the command line utility for Docker, specifically version v19.03.13.
This is created in the same spirit as sysutils/kubectl, allowing OpenBSD users to interact with Docker servers from their OpenBSD systems.
https://marc.info/?l=openbsd-ports&m=160080737110919&w=2
#docker #kubectl
Attached is a port of the command line utility for Docker, specifically version v19.03.13.
This is created in the same spirit as sysutils/kubectl, allowing OpenBSD users to interact with Docker servers from their OpenBSD systems.
https://marc.info/?l=openbsd-ports&m=160080737110919&w=2
#docker #kubectl
An experimental proof of concept rootkit for OpenBSD 6.7. leveraging the 'KARL' system
KARK is a tool that when run as root attempts to patch sys_seteuid code in the kern_prot.o file to remove safety checks and relinks the kernel so that when the system is restarted any call like seteuid(0) from an unprivileged user will succeed. KARK is a minimal example of an experimental rootkit-like program provided as a proof of concept for security research and demonstration.
https://github.com/linuxthor/kark
#karl #rootkit
KARK is a tool that when run as root attempts to patch sys_seteuid code in the kern_prot.o file to remove safety checks and relinks the kernel so that when the system is restarted any call like seteuid(0) from an unprivileged user will succeed. KARK is a minimal example of an experimental rootkit-like program provided as a proof of concept for security research and demonstration.
https://github.com/linuxthor/kark
#karl #rootkit
OpenBSD Laptop.
Hi, I know it’s been a while. I recently had to nuke and re-pave my personal laptop and I thought it would be a nice thing to share with the community how I set up OpenBSD on it so that I have a useful, modern, secure environment for getting work done. I’m not going to say I’m the expert on this or that this is the BEST way to set up OpenBSD, but I thought it would be worthwhile for folks doing Google searches to at least get my opinion on this. So, given that, let’s go…
https://functionallyparanoid.com/2020/10/14/openbsd-laptop/
#hardware #desktop
Hi, I know it’s been a while. I recently had to nuke and re-pave my personal laptop and I thought it would be a nice thing to share with the community how I set up OpenBSD on it so that I have a useful, modern, secure environment for getting work done. I’m not going to say I’m the expert on this or that this is the BEST way to set up OpenBSD, but I thought it would be worthwhile for folks doing Google searches to at least get my opinion on this. So, given that, let’s go…
https://functionallyparanoid.com/2020/10/14/openbsd-laptop/
#hardware #desktop
Forwarded from NetBSD
YouTube
Break your BSD kernel Fuzzing BSD kernel
by Maciej Grochowski
At: FOSDEM 2020
https://video.fosdem.org/2020/AW1.121/fuzzing_bsd_kernel.webm
Fuzzing is an efficient technique to find bugs and vulnerabilities in the software.
Todays BSD based operating systems allows using such techniques to test…
At: FOSDEM 2020
https://video.fosdem.org/2020/AW1.121/fuzzing_bsd_kernel.webm
Fuzzing is an efficient technique to find bugs and vulnerabilities in the software.
Todays BSD based operating systems allows using such techniques to test…
How the OpenBSD -stable packages are built
In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me...
https://dataswamp.org/~solene/2020-10-29-official-openbsd-stable-architecture.html
#package
In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me...
https://dataswamp.org/~solene/2020-10-29-official-openbsd-stable-architecture.html
#package
How to build an amazing router and firewall with OpenBSD.
Part 1: Introduction.
Part 2: The network and DHCP.
Part 3: PF - The firewall.
#pf #firewall #network
Part 1: Introduction.
Part 2: The network and DHCP.
Part 3: PF - The firewall.
#pf #firewall #network
edgewalker.
An opinionated DIY VPN setup script based on OpenBSD, OpenIKEd, Wireguard and Let's Encrypt.
https://github.com/fazalmajid/edgewalker
#vpn #wireguard #network
An opinionated DIY VPN setup script based on OpenBSD, OpenIKEd, Wireguard and Let's Encrypt.
https://github.com/fazalmajid/edgewalker
#vpn #wireguard #network
How to deploy Vger gemini server on OpenBSD
In this article I will explain how to install and configure Vger, a server for the Gemini protocol. Short introduction about Gemini: it’s a very recent protocol that is being simplistic and limited. Keys features are: pages are written in markdown like, mandatory TLS, no header, UTF–8 encoding only.
https://dataswamp.org/~solene/2020-11-30-gemini-vger-server.html
#vger #gemini
In this article I will explain how to install and configure Vger, a server for the Gemini protocol. Short introduction about Gemini: it’s a very recent protocol that is being simplistic and limited. Keys features are: pages are written in markdown like, mandatory TLS, no header, UTF–8 encoding only.
https://dataswamp.org/~solene/2020-11-30-gemini-vger-server.html
#vger #gemini
A mesh VPN using OpenBSD and WireGuard
I own a few VPS (hello Vultr, hello OpenBSD.amsterdam) that tend to be connected through filtered public services and/or SSH tunnels. And that’s neither efficient nor easy to manage. Here comes the wg(4) era where all those peers will communicate with a bit more privacy and ease of management.
https://www.tumfatig.net/20201202/a-mesh-vpn-using-openbsd-and-wireguard/
#wireguard #vpn #network
I own a few VPS (hello Vultr, hello OpenBSD.amsterdam) that tend to be connected through filtered public services and/or SSH tunnels. And that’s neither efficient nor easy to manage. Here comes the wg(4) era where all those peers will communicate with a bit more privacy and ease of management.
https://www.tumfatig.net/20201202/a-mesh-vpn-using-openbsd-and-wireguard/
#wireguard #vpn #network