FreeBSD

I already written about howto remove a password from all PDF files under Ubuntu or any other Linux distribution in a batch mode. However, many user want a simple command to recover password from pdf files. This is useful if you forgotten your password for pdf file. It is also useful for data-archaeologists, computer forensics professionals, people who want to test their password-strength (pdf files generated by webpass) and many more.
[continue reading…]

Man pages are written by sys-admin and developers for IT techs, and are intended more as a reference than as a how to. Man pages are very useful for people who are already familiar with Linux, Unix, and BSD operating systems. Use man pages when you just need to know the syntax for particular commands or configuration file, but they are not helpful for new Linux users. Man pages are not good for learning something new for the first time. Here are thirty best documentation sites on the web for learning Linux and Unix like operating systems.
[continue reading…]

The FreeBSD Project is one of the oldest and successful project. FreeBSD is well known for its reliability, robustness, and performance.

A new version of the FreeBSD 8 is scheduled for release this week. A RC3 was made available for download few weeks ago for final round of testing before the official launch. nixCraft takes you for an in-depth look at the new features and major architectural changes in FreeBSD v8.0.
[continue reading…]

BIND 9 is an implementation of the Domain Name System (DNS) protocols. named daemon is an Internet Domain Name Server for UNIX like operating systems. Dynamic update messages may be used to update records in a master zone on a nameserver. When named receives a specially crafted dynamic update message an internal assertion check is triggered which causes named to exit. An attacker which can send DNS requests to a nameserver can cause it to exit, thus creating a Denial of Service situation. configuring named to ignore dynamic updates is NOT sufficient to protect it from this vulnerability. This exploit is public. Please upgrade immediately.
[continue reading…]

If you do not control or throttle end users, your server may run out of resources. Spammers, abuser and badly written bots can eat up all your bandwidth. A webserver must keep an eye on connections and limit connections per second. This is serving 101. The default is no limit. Lighttpd can limit the throughput for each single connection (per IP) or for all connections. You also need to a use firewall to limit connections per second. In this article I will cover firewall and lighttpd web server settings to throttle end users. The firewall settings can be applied to other web servers such as Apache / Nginx and IIS server behind PF / netfilter based firewall.
[continue reading…]

FreeBSD is just plain old good UNIX with rock solid networking stack. It is quite popular amongst hosting companies, ISPs, portals (such as Yahoo) and a few large financial institutions because of its reliability, robustness and performance.

A new version of the FreeBSD is scheduled for release next week (4-May-2009). A beta 2 was made available for download few weeks ago for final round of testing before the official launch.
[continue reading…]

Geolocation software is used to get the geographic location of visitor using IP address. You can determine country, organization and guess visitors location. This is useful for

a] Fraud detection

b] Geo marketing and ad serving

c] Target content

d] Spam fighting

e] And much more.

mod_geoip is a Lighttpd module for fast ip/location lookups. In this tutorial you will learn about mod_geoip installation and php server side examples to determine visitors country.
[continue reading…]

MAC Filtering (layer 2 address filtering) refers to a security access control methodology whereby the 48-bit address assigned to each network card is used to determine access to the network. Iptables, pf, and IPFW can block a certain MAC address on a network, just like an IP. One can deny or allow from MAC address like 00:1e:2a:47:42:8d using open source firewalls. MAC address filtering is often used to secure LAN or wireless network / devices. Is this technique effective?
[continue reading…]

The tail command is one of the best tool to view log files in a real time using tail -f /path/to/log.file syntax on a Unix-like systems. The program MultiTail lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). This is one of those dream come true program for UNIX sys admin job. You can browse through several log files at once and do various operations like search for errors and more.
[continue reading…]

The second of two planned Release Candidates for the FreeBSD 7.2-RELEASE cycle is now available. ISO images for Tier-1 architectures are now available on most of the FreeBSD mirror sites.

The freebsd-update(8) utility supports binary upgrades of i386 and amd64
systems running earlier FreeBSD releases. Systems running 7.0-RELEASE,
7.1-RELEASE, 7.2-BETA1, or 7.2-RC1 can upgrade as follows:

# freebsd-update upgrade -r 7.2-RC2

During this process, FreeBSD Update may ask the user to help by merging
some configuration files or by confirming that the automatically performed
merging was done correctly.

# freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.
# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new
userland components, and the system needs to be rebooted again:

# freebsd-update install
# shutdown -r now