Docker and OpenBSD.
Attached is a port of the command line utility for Docker, specifically version v19.03.13.
This is created in the same spirit as sysutils/kubectl, allowing OpenBSD users to interact with Docker servers from their OpenBSD systems.
https://marc.info/?l=openbsd-ports&m=160080737110919&w=2
#docker #kubectl
Attached is a port of the command line utility for Docker, specifically version v19.03.13.
This is created in the same spirit as sysutils/kubectl, allowing OpenBSD users to interact with Docker servers from their OpenBSD systems.
https://marc.info/?l=openbsd-ports&m=160080737110919&w=2
#docker #kubectl
An experimental proof of concept rootkit for OpenBSD 6.7. leveraging the 'KARL' system
KARK is a tool that when run as root attempts to patch sys_seteuid code in the kern_prot.o file to remove safety checks and relinks the kernel so that when the system is restarted any call like seteuid(0) from an unprivileged user will succeed. KARK is a minimal example of an experimental rootkit-like program provided as a proof of concept for security research and demonstration.
https://github.com/linuxthor/kark
#karl #rootkit
KARK is a tool that when run as root attempts to patch sys_seteuid code in the kern_prot.o file to remove safety checks and relinks the kernel so that when the system is restarted any call like seteuid(0) from an unprivileged user will succeed. KARK is a minimal example of an experimental rootkit-like program provided as a proof of concept for security research and demonstration.
https://github.com/linuxthor/kark
#karl #rootkit
OpenBSD Laptop.
Hi, I know it’s been a while. I recently had to nuke and re-pave my personal laptop and I thought it would be a nice thing to share with the community how I set up OpenBSD on it so that I have a useful, modern, secure environment for getting work done. I’m not going to say I’m the expert on this or that this is the BEST way to set up OpenBSD, but I thought it would be worthwhile for folks doing Google searches to at least get my opinion on this. So, given that, let’s go…
https://functionallyparanoid.com/2020/10/14/openbsd-laptop/
#hardware #desktop
Hi, I know it’s been a while. I recently had to nuke and re-pave my personal laptop and I thought it would be a nice thing to share with the community how I set up OpenBSD on it so that I have a useful, modern, secure environment for getting work done. I’m not going to say I’m the expert on this or that this is the BEST way to set up OpenBSD, but I thought it would be worthwhile for folks doing Google searches to at least get my opinion on this. So, given that, let’s go…
https://functionallyparanoid.com/2020/10/14/openbsd-laptop/
#hardware #desktop
Forwarded from NetBSD
YouTube
Break your BSD kernel Fuzzing BSD kernel
by Maciej Grochowski
At: FOSDEM 2020
https://video.fosdem.org/2020/AW1.121/fuzzing_bsd_kernel.webm
Fuzzing is an efficient technique to find bugs and vulnerabilities in the software.
Todays BSD based operating systems allows using such techniques to test…
At: FOSDEM 2020
https://video.fosdem.org/2020/AW1.121/fuzzing_bsd_kernel.webm
Fuzzing is an efficient technique to find bugs and vulnerabilities in the software.
Todays BSD based operating systems allows using such techniques to test…
How the OpenBSD -stable packages are built
In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me...
https://dataswamp.org/~solene/2020-10-29-official-openbsd-stable-architecture.html
#package
In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me...
https://dataswamp.org/~solene/2020-10-29-official-openbsd-stable-architecture.html
#package
How to build an amazing router and firewall with OpenBSD.
Part 1: Introduction.
Part 2: The network and DHCP.
Part 3: PF - The firewall.
#pf #firewall #network
Part 1: Introduction.
Part 2: The network and DHCP.
Part 3: PF - The firewall.
#pf #firewall #network
edgewalker.
An opinionated DIY VPN setup script based on OpenBSD, OpenIKEd, Wireguard and Let's Encrypt.
https://github.com/fazalmajid/edgewalker
#vpn #wireguard #network
An opinionated DIY VPN setup script based on OpenBSD, OpenIKEd, Wireguard and Let's Encrypt.
https://github.com/fazalmajid/edgewalker
#vpn #wireguard #network
How to deploy Vger gemini server on OpenBSD
In this article I will explain how to install and configure Vger, a server for the Gemini protocol. Short introduction about Gemini: it’s a very recent protocol that is being simplistic and limited. Keys features are: pages are written in markdown like, mandatory TLS, no header, UTF–8 encoding only.
https://dataswamp.org/~solene/2020-11-30-gemini-vger-server.html
#vger #gemini
In this article I will explain how to install and configure Vger, a server for the Gemini protocol. Short introduction about Gemini: it’s a very recent protocol that is being simplistic and limited. Keys features are: pages are written in markdown like, mandatory TLS, no header, UTF–8 encoding only.
https://dataswamp.org/~solene/2020-11-30-gemini-vger-server.html
#vger #gemini
A mesh VPN using OpenBSD and WireGuard
I own a few VPS (hello Vultr, hello OpenBSD.amsterdam) that tend to be connected through filtered public services and/or SSH tunnels. And that’s neither efficient nor easy to manage. Here comes the wg(4) era where all those peers will communicate with a bit more privacy and ease of management.
https://www.tumfatig.net/20201202/a-mesh-vpn-using-openbsd-and-wireguard/
#wireguard #vpn #network
I own a few VPS (hello Vultr, hello OpenBSD.amsterdam) that tend to be connected through filtered public services and/or SSH tunnels. And that’s neither efficient nor easy to manage. Here comes the wg(4) era where all those peers will communicate with a bit more privacy and ease of management.
https://www.tumfatig.net/20201202/a-mesh-vpn-using-openbsd-and-wireguard/
#wireguard #vpn #network
Wireguard Puffy to OPNsense.
WG Tunnel between OpenBSD and OPNsense. How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple…
https://puffy.nolink.ch/posts/wireguard_opnsense/
#wireguard #vpn #opnsense
WG Tunnel between OpenBSD and OPNsense. How to Setup an WG Tunnel between OpenBSD and OPNSense ? That’s quite simple…
https://puffy.nolink.ch/posts/wireguard_opnsense/
#wireguard #vpn #opnsense
Block abusive IP addresses with Pf-badhost in OpenBSD.
Pf-badhost is a very practical, robust, stable and lightweight security script for network servers. It prevents potentially-bad IP addresses that could possibly attack your servers (and waste your bandwidth and fill your logfiles), by blocking all those IPs contacting your server, and therefore it makes your server network/resources lighter and the logs of important services running on your server become simpler, more readable and efficient...
https://ozgur.kazancci.com/block-abusive-ip-addresses-with-pf-badhost-in-openbsd-a-must-have-security-tool/
https://www.geoghegan.ca/pfbadhost.html
#pf #firewall #feedback
Pf-badhost is a very practical, robust, stable and lightweight security script for network servers. It prevents potentially-bad IP addresses that could possibly attack your servers (and waste your bandwidth and fill your logfiles), by blocking all those IPs contacting your server, and therefore it makes your server network/resources lighter and the logs of important services running on your server become simpler, more readable and efficient...
https://ozgur.kazancci.com/block-abusive-ip-addresses-with-pf-badhost-in-openbsd-a-must-have-security-tool/
https://www.geoghegan.ca/pfbadhost.html
#pf #firewall #feedback
Self-host a password manager on OpenBSD
https://www.tumfatig.net/20210105/self-host-a-password-manager-on-openbsd/
#security #password
https://www.tumfatig.net/20210105/self-host-a-password-manager-on-openbsd/
#security #password
Secure WireGuard VPN server setup on OpenBSD (and configure Windows 10 clients to connect through it).
https://ozgur.kazancci.com/secure-fast-vpn-server-wireguard-setup-on-openbsd-and-configure-windows-10-clients-to-connect-through-it/
#wireguard #network
https://ozgur.kazancci.com/secure-fast-vpn-server-wireguard-setup-on-openbsd-and-configure-windows-10-clients-to-connect-through-it/
#wireguard #network