 |
Interview with William Allaire
|
[ 0 comments ] (flat) (expanded)
|
|
Reduce gray-listing pain by seeding white-list with SPF records.
|
Contributed by pitrh on Fri May 10 05:03:12 2013 (GMT)
from the my admin told me not to talk to strangers dept.
Longtime Undeadly contributor sean writes in with tips and tools for improving your spamd(8) experience:
I have been using gray-listing to thwart spamming for what feels like a very long time. I started using it around the release of OpenBSD 3.5. It was an amazing change from a constant storm of spam and just enabling it got rid of 80% of the spam almost immediately. That amazing improvement didn't come without a cost. Some mail services and servers don't work so well with it. Especially large mailing systems that pass around messages and don't necessarily guarantee the next delivery attempt will come from the same IP or network. Microsoft Exchange was also known to be 'usually' configured in such a way to not work with gray-listing as well.
Read more...
|
![[topicmail]](images/topicmail.gif)
|
[ 8 comments 10d11:03 ago ] (flat) (expanded)
|
|
You've Installed It. Now What? -stable packages!
|
Contributed by pitrh on Tue May 7 21:57:09 2013 (GMT)
from the even-puffier-packages dept.
Jasper Lievisse Adriaanse writes in about his (and M:tier's) -stable packaging work:
Introduction
A short while ago an article was published on here on
Undeadly,
which explained how to use the ports and packages framework. While it
was a good read, it focused on -current.
This article will show how to keep your -stable system up to date,
without building anything yourself!
Up to date packages....on -stable?
OpenBSD is continuously working on providing snapshots for all
architectures and to provide the packages that go with
it.
Read more...
|
![[topicopenbsd]](images/topicopenbsd.gif)
|
[ 7 comments 4d11:34 ago ] (flat) (expanded)
|
|
Introducing ports.su — ports-readmes mirror and ports search
|
Contributed by pitrh on Thu May 2 21:04:59 2013 (GMT)
from the In Soviet Russia, system packages you! dept.
Constantine Murenin writes in about his new ports database site, ports.su
Taking on espie's dated call on doing something cool with
databases/sqlports port, and with his own initial work through
databases/ports-readmes port, I've decided to fork ports-readmes,
and create some very simple web-site to mirror the content generated.
Introducing
http://ports.su/ .
The web-site is completely static, and all the pages get regenerated
daily by downloading a fresh copy of the sqlports package from the
snapshots, and running the forked ports-readmes.
Read more...
|
|
[ 10 comments 13d2:45 ago ] (flat) (expanded)
|
|
OpenBSD 5.3 Released!
|
Contributed by pitrh on Wed May 1 17:14:18 2013 (GMT)
from the do-androids-dream-of-electric-pufferfish dept.
May 1st 2013, Calgary, AB, CA and elsewhere:
The OpenBSD project today formally released OpenBSD 5.3, the project's 34th release on the steady six monthly release cycle.
Notable news in the present release include the a production ready release of OpenSMTPD, a much-renovated dhclient(8), a slew of new drivers for various hardware, OpenSSH release 6.2 as well as numerous improvements in all parts of the system. The OpenBSD 5.3 release page has more information, with further details given at the changelog page.
The new release is available as an inexpensive CD set and as a free download from mirror sites in several countries worldwide.
|
|
[ 4 comments 15d18:57 ago ] (flat) (expanded)
|
|
You've Installed It. Now What? Packages!
|
Contributed by pitrh on Mon Apr 22 14:27:16 2013 (GMT)
from the good things come in small packages dept.
Once you've installed your OpenBSD system, packages are there to make your life easier. A works for me/life is good guide for your weekend reading.
Installing OpenBSD is easy, and takes you maybe 20 minutes. Most articles and guides you find out there will urge you to take a look at the files in /etc/ and explore the man pages to make the system do what you want. With a modern BSD, the base system is full featured enough that you can in fact get a lot done right away just by editing the relevant files and perhaps starting or restarting one or more services. If all you want to do is set up something like a gateway for your network with basic-to-advanced packet filtering, everything you need is already there in the basic install.
Then again, all the world is not a firewall, and it is likely you will want to use, for example, a web browser other than the venerable lynx or editing tools that are not vi or mg. That's where packages and package systems come in. I'll skip a little ahead of myself and make a confession: The machine I'm writing this piece on reports that it has some 381 packages installed.
Read more...
|
|
[ 3 comments 23d23:23 ago ] (flat) (expanded)
|
|
OpenBSD Foundation benefit Auction / Absolute OpenBSD 2nd Ed.
|
Contributed by pitrh on Wed Apr 17 11:36:38 2013 (GMT)
from the do-I-hear-one-billion-dollars dept.
Author Michael Lucas has kindly
donated
a signed copy of the very first production copy of
Absolute OpenBSD, 2nd Edition
to an auction benefitting the
OpenBSD Foundation:
OpenBSD Foundation benefit Auction:
http://cgi.ebay.com/ws/eBayISAPI.dll?ViewItem&item=200913454300
A special auction has been arranged with Michael Lucas and No Starch Press
to raise funds for the OpenBSD Foundation. See the link above.
This will be an auction of the guaranteed first copy off the press of
Michael Lucas's Absolute OpenBSD, 2nd edition, which is due before the end
of this month. This copy will be personally signed by the author, and
accompanied with a certificate of authenticity. A DRM free digital
version will also be made available to the winner.
The auction is handled by Computer Shop of Calgary. 100% of the proceeds
will be donated to the OpenBSD Foundation.
Auction says Credit Cards or PayPal is accepted, but I am sure we could
arrange alternate methods. Hey, the OpenBSD crowd is clever enough to
each have a stash of BitCoins, no? Cost you nothing, right? Just a tiny
handful would do wonders!
Enjoy the fun!
Austin Hook
OpenBSD project leader Theo de Raadt
added:
I would like to thank Michael for coming up with this idea.
For those who missed the fine print, this will go to the OpenBSD
Foundation. The donations the Foundation receives go exclusively
towards funding OpenBSD project costs.
This will join donations that fund approximately 90% of our hackathon
costs (where much of our development happens), and around 90% of our
network costs.
The other people who donate don't get an item like this (unless they
are bidding against you and win).
This is the perfect chance to grab a unique piece of OpenBSD history, and support the project while you're at it.
Update: The auction is over, and has raised $1,145.00 US for the OpenBSD Foundation! Congratulations to the winning bidder, and another round of thanks to Michael Lucas for making this happen.
|
|
[ 5 comments 34d22:13 ago ] (flat) (expanded)
|
|
BXR.SU, OpenGrok service for BSDs in publicly private (IPv6-only) beta
|
Contributed by pitrh on Thu Apr 4 05:20:02 2013 (GMT)
from the all-cross-indexed dept.
Constantine A. Murenin writes in about his new BSD source code search engine:
Publicly private beta? Instead of devising a new scheme on handing out invitations for a new and improved OpenGrok for the BSDs, why not require IPv6 for the beta?
Welcome BXR.SU — Super User's BSD Cross Reference, which is launched 2013-04-01 as an IPv6-only OpenGrok service for FreeBSD, OpenBSD, NetBSD and DragonFly BSD.
Read more...
|
|
[ 0 comments ] (flat) (expanded)
|
|
LOLCODE Scripting Added to OpenBSD Kernel
|
Contributed by tbert on Mon Apr 1 10:27:31 2013 (GMT)
from the in-ur-base-scripting-yr-kernel dept.
Given the need for constant feature implementation, and the difficulty normal users have altering their running kernels,
the OpenBSD project, after nearly a year of testing and rejecting candidates, is proud to announce the selection of
LOLCODE
as the in-kernel scripting language.
Example code implementing a basic firewall function is found below:
KAN HAZ INTERNETZ?
BTW Filter packets based on source address
HOW DUZ I SOURCEFILTER YR MBUF
I HAZ A IPHDR ITZ mtod(MBUF, (IPHDR *))
IZ IPHDR->srcip "192.168.1.1"?
YARLY
BTW Have matched a blacklisted address; drop packet
m_freem(MBUF)
NOWAI
BTW Just pass the packet
KTHX
IF U SAY SO
One of the factors driving the adoption of LOLCODE was the unparalleled ability for writing
interpreters
for other languages, meaning that your options for kernel hacking are virtually limitless.
LOLCODE scripts are loaded/unloaded through the new
lolctl(8)
command, which accesses the new
lol(4)
device.
This should be currently available in snapshots; as always, widespread testing is key to a quality release!
|
|
[ 9 comments 47d21:56 ago ] (flat) (expanded)
|
|
|
|
|
|
|
|
Features
|
|
We are constantly on the lookout for stories of how you put OpenBSD to work.
Please submit any informative articles on how OpenBSD is helping your company.
|
|
|
OpenBSD Errata
|
| 2013-03-15 | 001 RELIABILITY A rare condition during session startup may cause bgpd to replace an active session leading to unknown consequences. Bug found by inspection (we do not know how to reproduce it, consider that a challenge).
|
| 2013-05-05 | 002 RELIABILITY A flaw exists in the vr(4) driver that may cause it to not recover from some error conditions.
|
| 2013-05-17 | 003 RELIABILITY A problem exists in nginx(8) if proxy_pass is used with untrusted HTTP backend servers. The problem may lead to a denial of service or a disclosure of a worker process memory on a specially crafted response from an upstream proxied server. This issue was assigned CVE-2013-2070.
|
| 2013-05-17 | 004 RELIABILITY As discovered by Peter Philipp, it is possible for an unprivileged user process to trigger deleting the undeletable RNF_ROOT route, resulting in a kernel panic.
|
![[xml]](images/xml.gif)
|
|
|
|
XML/RSS/RDF
|
|
Users wishing RSS/RDF summary files of OpenBSD Journal,
can retrieve:
|
|
|
|
|
![[topiceditorial]](images/topiceditorial.gif)