FreeBSD 7.2RC Released

Posted on in Categories FreeBSD, Hardware, Howto, Networking, News last updated January 25, 2009

The second of two planned Release Candidates for the FreeBSD 7.2-RELEASE cycle is now available. ISO images for Tier-1 architectures are now available on most of the FreeBSD mirror sites.

The freebsd-update(8) utility supports binary upgrades of i386 and amd64
systems running earlier FreeBSD releases. Systems running 7.0-RELEASE,
7.1-RELEASE, 7.2-BETA1, or 7.2-RC1 can upgrade as follows:

# freebsd-update upgrade -r 7.2-RC2

During this process, FreeBSD Update may ask the user to help by merging
some configuration files or by confirming that the automatically performed
merging was done correctly.

# freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.
# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new
userland components, and the system needs to be rebooted again:

# freebsd-update install
# shutdown -r now

Important: Openssl Security Update [CVE-2008-5077]

Posted on in Categories CentOS, Debian Linux, fedora linux, FreeBSD, GNU/Open source, Howto, Linux, News, RedHat/Fedora Linux, Security Alert, Slackware, Suse Linux, Sys admin last updated January 8, 2009

Linux / BSD and UNIX like operating systems includes software from the OpenSSL Project. The OpenSSL is commercial-grade, industry-strength, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as general purpose cryptography library.

The Google security team discovered a flaw in the way OpenSSL checked the verification of certificates. An attacker in control of a malicious server, or able to effect a “man in the middle” attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client and bypass validation.

This update has been rated as having important security impact on FreeBSD, all version of Ubuntu / Debian, Red Hat (RHEL), CentOS, Fedora and other open source operating system that depends upon OpenSSL.

BIND Named: Set a Zone Transfer IP Address For Master DNS Server

Posted on in Categories BIND Dns, CentOS, data center, fedora linux, FreeBSD, High performance computing, Linux Scalability, RedHat/Fedora Linux, Troubleshooting last updated January 8, 2009

I’ve three nameserver load-balanced (LB) in three geo locations. Each LB has a front end public IP address and two backend IP address (one for BIND and another for zone transfer) are assigned to actual bind 9 server running Linux. So when a zone transfer initiates from slave server, all I get errors. A connection cannot be established, it tries again with the servers main ip or LB2 / LB3 ip. This is a problem because my servers are geo located and load balanced. However, there is a small workaround for this problem.

FreeBSD Turn On Process Accounting – Track System Resources Used By Users

Posted on in Categories FreeBSD, Howto, Monitoring, Security, Sys admin, Tips, Troubleshooting, Tuning last updated January 8, 2009

I’ve already written about Linux process accounting under Linux ( see how to keep a detailed audit trail of what’s being done on your Linux systems). You can easily setup process accounting under FreeBSD. This tutorial expalins how to enable and utilizing FreeBSD process accounting including many other useful options are explained to keep track of system resources used, and their allocation among users.

FreeBSD Kernel Critical Update: arc4random predictable sequence vulnerability

Posted on in Categories FreeBSD, Security, Security Alert last updated November 25, 2008

FreeBSD today released a core (kernel) patched to plug “arc4random predictable sequence vulnerability” security hole in its operating systems version 6.x and 7.x stable release. When the arc4random random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random; and it may take up to 5 minutes before arc4random is reseeded with secure entropy from the Yarrow random number generator. All security-related kernel subsystems that rely on a quality random number generator are subject to a wide range of possible attacks. This update has been rated as having important security impact.

Linux: Should You Use Twice the Amount of Ram as Swap Space?

Posted on in Categories data center, Debian Linux, fedora linux, File system, FreeBSD, Gentoo Linux, kernel, Linux, Linux desktop, Linux laptop, OpenBSD, RedHat/Fedora Linux, Solaris, Storage, Suse Linux, Tuning, Ubuntu Linux, UNIX last updated June 8, 2017

Linux and other Unix-like operating systems use the term “swap” to describe both the act of moving memory pages between RAM and disk and the region of a disk the pages are stored on. It is common to use a whole partition of a hard disk for swapping. However, with the 2.6 Linux kernel, swap files are just as fast as swap partitions. Now, many admins (both Windows and Linux/UNIX) follow an old rule of thumb that your swap partition should be twice the size of your main system RAM. Let us say I’ve 32GB RAM, should I set swap space to 64 GB? Is 64 GB of swap space required? How big should your Linux / UNIX swap space be?

FreeBSD Forums Launched

Posted on in Categories FreeBSD, Links, News last updated November 18, 2008

Excellent news, now you can get FreeBSD support directly from Freebsd community.

The FreeBSD project is finally, after much work, pleased to announce the availability of an official FreeBSD web based discussion forum. This forum will serve as a public support channel for FreeBSD users around the world and as a complement to fine mailing lists.

=> FreeBSD forum

RAID 5 vs RAID 10: Recommended RAID For Safety and Performance

Posted on in Categories File system, FreeBSD, Hardware, Linux, OpenBSD, RedHat/Fedora Linux, Storage, Suse Linux, UNIX, Windows server last updated October 22, 2008

A Redundant Array of Independent Drives (or Disks), also known as Redundant Array of Inexpensive Drives (or Disks) (RAID) is an term for data storage schemes that divide and/or replicate data among multiple hard drives. RAID can be designed to provide increased data reliability or increased I/O performance, though one goal may compromise the other. There are 10 RAID level. But which one is recommended for data safety and performance considering that hard drives are commodity priced?