BSD Security Upgrade Your SkillsRelease Date: 2012-06
Free Issue to Download! BSD 6/2012
In order to download the magazine you need to sign up to our newsletter. After clicking the “Download” button, you will be asked to provide your email address. You need to verify your email address using the link from the activation email you will receive. If you already subscribed to our list, you will be asked to provide your email address each time you download the magazine. No activation email will be sent and you should see the link for download.
1. After the activation of your subscription you need to click the “download” button once again to start downloading the PDF.
2. In case you do not get the activation email please check your spam folder. If it is not there, please use different email address.
DNSSEC: Threats to DNS Transactions Part 2
The threats to a DNS transaction depend on the type of transaction. Name resolution queries and responses (DNS query/response) between DNS clients (stub resolver or resolving name server) and DNS servers (caching/resolving name server or authoritative name server) could involve any nodes in the Internet. Paul, in his article, looks at protocol-based threats to the operation and administration of DNS.
Anatomy of a FreeBSD Compromise Part 6
While it is impossible to secure a server against every possible form of attack that the dark side may muster, by taking defensive steps the system administrator can make life exceedingly difficult for the hacker and can delay if not totally avoid a successful attack. Rob claims that while many of the suggestions are probably second nature to most admins, it cannot be stressed enough with busy schedules and tight deadlines the importance of preventative maintenance which has a tendency to slip down the priority list. Rob also examines some techniques that can assist in identifying and delaying attacks.
Using Qjail to set up the basejail
FreeBSD’s jail system offers process isolation within a separate environment in order to secure the host system. In case of a compromised service, only the jail running that service is affected. In a similar fashion, ZFS allows the creation of a separate filesystem for each jail. Benedict, in his article, explains how jails can be quickly instantiated using a third party wrapper script called Qjail.
PostgreSQL: Server-Side Programming Part 2
Luca claims that one great advantage of PostgreSQL is that it can run functions written in several foreign languages other than pure SQL and its extension plpgsql or the standard C. There are extensions that allow developers to write procedures using Java, Perl, Python and even Bash-like scripting! In this article Perl will be used as a language for both triggers and procedures showing how PostgreSQL can be flexible for server-side programming.
Synchronization Problems or: How I Learned to Stop Worrying and Love the Sleep Mutex
When two or more threads executing on different processors simultaneously manipulate the same data structure, that structure can be corrupted. Fortunately, FreeBSD contains multiple solutions to this problem. Joseph addresses his article to the problem of data and state corruption caused by concurrent threads.
ZFS Madness with BEADM - How To
Some time ago Slawomir found a good, reliable way of using and installing FreeBSD and described it in my Modern FreeBSD Install 1 2 HOWTO. Now, more then a year later he come back with his experiences about that setup and a proposal of newer and a lot better way of doing it.