The pkgng is the package management system in FreeBSD. It is used to install applications, and specific modules, libraries, etc. Nowadays you can select in between more than 25.000 thousand. Yes, twenty five thousand. The syntax to use is very intuitive and simple. As you may be already aware software comes in two forms. Source […]
How to install software in FreeBSD with pkgng
List of Speculative Execution Vulnerabilities
Vulnerability CVE Exploit name Public vulnerability name Firmware changes Spectre 2017-5753 Variant 1 Bounds Check Bypass (BCB) No Spectre 2017-5715 Variant 2 Branch Target Injection (BTI) Yes Meltdown 2017-5754 Variant 3 Rogue Data Cache Load (RDCL) No Spectre-NG 2018-3640 Variant 3a Rogue System Register Read (RSRE) Yes Spectre-NG 2018-3639 Variant 4 Speculative Store Bypass (SSB) […]
How to mitigate Spectre and Meltdown on an HP Proliant server with FreeBSD
As recently announced in a previous article I wanted to write a couple of guides on how to mitigate Spectre and Meltdown vulnerabilities in GNU/Linux and UNIX environments. It is always a good and I hope a standard practice to have your systems patched and if they aren’t for whatever the reason (that legacy thing […]
Exploiting CVE-2019-0708 Remote Desktop Protocol on Windows
The CVE-2019-0708 is the number assigned to a very dangerous vulnerability found in the RDP protocol in Windows sytems. This is also known as the ‘Blue Keep’ vulnerability. The issue was so critical that Microsoft did even release patches to unsupported operating systems such as Windows XP or Server 2003. To this day there are […]
A word on Spectre and Meltdown
As professionals and many aficionados know, early this year some widespread vulnerabilities were found on Intel CPU’s as well as on AMD’s. It was a bit later discovered the flaws also affected some RISC architectures such as Power and ARM. Everybody went nuts and the world seemed to be tumbling because of two CPU vulnerabilities […]
A few useful network commands
Troubleshooting network issues with simple commands is not a very difficult topic once there is a little toolbox to pull from. Needless to say networking topics can be very complicated and any specialist on the field will tell you how cumbersome it can really get. However with a few set of commands one can get […]
How to replace a disk on a ZFS mirror pool
It’s happened to me, it’s happened to you, it’s happened more than one million times and it will still happen in the future. You run out of disk space or a disk fails. Nowadays you are using ZFS, and instead of having a fancy RAIDZ, because you still don’t need it, you are using a […]
How to install RKHunter on FreeBSD
In this post you will find simple instructions to install rkhunter on FreeBSD which is a root kit “hunter” so your system/s will have some security in place for that kind of unwanted software. But for those who do not know what a rootkit is, let’s give it a simple definition (which you can get […]
How to enable SSL on Apache on FreeBSD
On this guide you will read about a simple way to enable Apache’s TLS connections on your web server. Aside from useful it secures the connection from the client to the server and prevents unwanted tinkering. Anyone on the need of SSL (nowadays TLS) will benefit from this article but particularly will do those in […]
How to mitigate DoS attacks with mod_evasive on FreeBSD
Denial of Service attacks or the distributed version of them (DDoS) have been growing throughout the years with their ups and downs. In my view the only thing that will happen to them is even bigger growth. With the advent of IoT devices the next decade will see an increase in these kind of attacks. […]