OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
b2k13 hackathon report: Henning Brauer (henning@) on Lazy IP Checksumming
Contributed by weerd on Tue Nov 5 10:08:10 2013 (GMT)
from the the-sum-of-all-evil-packets dept.

Henning Brauer (henning@) just sent in his report from the b2k13 hackathon, but there's also a short interview with Henning over on which you might enjoy.

Berlin was a really convenient hackathon location for me, since getting there from Hamburg feels like a little longer S-Bahn ride. The fast ICE train makes it only a 90 minute trip. I arrived half a day later than intended due to work interfering, but I quickly got going.

[ 0 comments ] (flat) (expanded)

OSPF over IPsec
Contributed by tbert on Tue Nov 5 07:52:47 2013 (GMT)
from the shortest-path-measuring-contest dept.

Maxim Bourmistrov (maxim<at>unixconn<dot>com) wrote in to tell us about his Open Shortest Path First (OSPF) over IP Security Protocol (IPsec).

While looking for a solution for OSPF over IPsec, I found a lot of articles about how to do this over gre(4). The other possibility is to use gif(4) instead. I've tested both and was not quite happy with results. The gre(4) approach had some generic issues and the gif(4) approach had problems with multicast at times. Yet, I need to have "OSPF over IPsec" up and running.

Luckily, I remembered Theos' presentation about vether(4). While Theos' presentation was mostly written from developer perspective and not from administrators point of view, he left some clues about how this can be done.

The info below is how I do "OSPF over IPsec", or should I say "OSPF on top on vether on top of gif on top of IPsec".

[ 11 comments 192d12:59 ago ] (flat) (expanded)

BSDNow Interview With Henning Brauer (henning@)
Contributed by jcr on Sat Nov 2 00:05:57 2013 (GMT)
from the henning-loves-capitalism dept.

Allan, Kris, and TJ, the masterminds behind BSDNow, have released Episode 009 containing their interview of Henning Brauer (henning@) at EuroBSDCon 2013 in Malta. They also mention the recent work of Stefan Sperling (stsp@) on boot(8) support for keydisk-based softraid crypto volumes (undeadly will provide more in-depth coverage soon), the addition of XBox360 controller support by Jeremy Evans (jeremy@), and the previously covered addition of Unattended Installation support added by Uwe Stühler (uwe@).

[ 1 comment 1383d6:01 ago ] (flat) (expanded)

OpenBSD 5.4 Released!
Contributed by jcr on Fri Nov 1 14:43:12 2013 (GMT)
from the my-favorite-things dept.

November 1st 2013, Calgary, Alberta and elsewhere:

The OpenBSD project has announced the release of OpenBSD 5.4, the project's 35th release on a steady six month release cycle.

You can order a CDROM set to help support the project.

Notable advancements include new or extended platforms like octeon and beagle, moving VAX to ELF format, improved hardware support including Kernel Mode Setting (KMS), overhauled inteldrm(4), experimental support for fuse(4), reworked checksum handling for network protocols, OpenSMTPD 5.3.3, OpenSSH 6.3, over 7,800 ports, and many other improvements and additions.

[ 4 comments 1379d53m ago ] (flat) (expanded)

b2k13 hackathon report: Landry Breuil (landry@) on mozilla and other porting projects
Contributed by jcr on Fri Nov 1 11:05:52 2013 (GMT)
from the what-if-mozilla-was-one-of-us dept.

Next in line with his tale from the b2k13 hackathon in Berlin is Landry Breuil (landry@):

I had no plans for this hackathon (as usual, you never manage to do anything you planned anyway) and all in all it went pretty well.

[ 0 comments ] (flat) (expanded)

OpenBSD Adds Unattended Installation Support
Contributed by jcr on Mon Oct 28 13:39:06 2013 (GMT)
from the Unattended-Consequences dept.

Uwe Stühler (uwe@) has added preliminary support for unattended OpenBSD installation (think Kickstart or Cobbler) for OpenBSD.

[ 9 comments 192d11:50 ago ] (flat) (expanded)

Slow Brute Force Attacks On SSH
Contributed by jcr on Mon Oct 28 21:02:24 2013 (GMT)
from the port-knocking-on-heaven's-door dept.

Allan Jude, Kris Moore, and TJ of BSD Now have released Episode 007 where they throw James Bond down one of the internal shafts of the Death Star. Hopefully they won't start releasing prequels, but in this episode they also talk about the work of Peter N. M. Hansteen (pitrh@) using pf(4) to thwart slow, "low intensity," brute force attacks on sshd(8).

Peter gave a talk (with video) on the "The Hail Mary Cloud" brute force attacks at BSDCan 2013. He also gave a tutorial on pf(4) at EuroBSDCon 2013, and recently posted a summary of Lessons Learned from The Hail Mary Cloud on his blog. The blog post has a lot of great links to previous articles on slow brute force attacks on sshd(8) along with example datasets and logs.

[ 2 comments 192d11:16 ago ] (flat) (expanded)

b2k13 hackathon report: Florian Obser (florian@) on nginx.conf(5), slowcgi
Contributed by jcr on Fri Oct 25 08:50:36 2013 (GMT)
from the future-soon dept.

Our sixth b2k13 hackathon report comes from Florian Obser (florian@), who writes:

Some time ago Reyk Floeter (reyk@) mentioned that it would be really nice to have a nginx.conf(5) man page. I started looking into generating mdoc(7) from upstream's XML files (nginx XML docs) with XSLT and some heuristics in perl. Ingo Schwarze (schwarze@) was kind enough to look over an early draft of the first section ("Core Functionality") and giving me a lot of valuable input on all the things I was doing wrong.

[ 1 comment 1391d14:14 ago ] (flat) (expanded)

b2k13 hackathon report: Sebastian Reitenbach (sebastia@) on GNUstep sope sogo
Contributed by tbert on Fri Oct 25 07:15:26 2013 (GMT)
from the one-giant-step-for-softwarekind dept.

Our fifth b2k13 hackathon report comes from Sebastian Reitenbach (sebastia@), who writes:

Most of the time during the hackathon I spent working on the GNUstep related ports. My goal was to upgrade at least i386 and amd64 to compile with clang and enable the non fragile ABI, and upgrade libobjc2 to the latest release. Most of the bits were already prepared the months before. Two ports were still known to not compile, www/sope and www/sogo. After I got those problems sorted out, and the ports prepared for the libobjc2 upgrade, I was able to start upgrading the GNUstep ports step by step, upgrade gnustep-base, and libobjc2.

[ 0 comments ] (flat) (expanded)

Support OpenBSD!

Donate to OpenBSD

Buy OpenBSD products


We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Older Stuff
Thursday, October 24
12:37 AsiaBSDCon 2014 Announced (3)
07:32 b2k13 hackathon report: Mike Larkin (mlarkin@) on i386 and amd64 hibernation (0)
Wednesday, October 23
14:33 OpenBSD 5.4 preorders arriving in Europe (5)
06:51 b2k13 hackathon report: Miod Vallat (miod@) on UTF-8 wscons (90)
08:00 b2k13 hackathon report: Stefan Sperling (stsp@) on athn(4), softraid, ports (0)
Tuesday, October 22
07:31 b2k13 hackathon report: Joerg Jung (jung@) - ports, IPv6 spamd (1)
Thursday, October 17
18:38 New queueing system now in -current (3)
Tuesday, October 15
07:24 Doing It de Raadt Way (3)
Monday, October 14
12:26 Hardware Needed Badly in Calgary Basement (2)

Older Stuff...
Yesterday's Edition...

OpenBSD Errata

OpenBSD Resources

Users wishing RSS/RDF summary files of OpenBSD Journal, can retrieve: [xml]

[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. Some icons from used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]