Archive for January, 2007

“BSD admin study guide”; get ready for certification!

Once again I am writing another “*FreeBSD*”:http://www.freebsd.org related post! _Great!_ :) Two weeks ago a small team of individuals (about 30 great ones) started writing a “*BSD Administration study guide*”:http://bsdwiki.reedmedia.net/wiki/.

This guide is based on over 100 objectives as published by the “*BSDCertification.org*”:http://www.bsdcertification.org/ BSD Group in 2005. “*_Wanna contribute?!_*”:http://bsdwiki.reedmedia.net/wiki/contribute.html


FreeBSD ZFS “port” 98% done, says Pawel Jakub Dawidek

“Pawel Jakub Dawidek”:http://blogs.freebsdish.org/pjd/2007/01/28/zfs-progress/ says:

“…
The port is almost finished. Something like 98% functionality is implemented and work…”

“…The remaining part I coded today was readdir functionality for GFS. GFS (Generic pseudo-FileSystem) is the Solaris framework for virtual file systems. ZFS uses this framework to create the .zfs/ directory where snapshots are placed…”

The development of new features is happening very fast!
This sounds really great :D .


In love, “Viana do Castelo” a Healthy City

Well if you don’t know already, I am from Viana do Castelo!

Just check this beautiful video about my city! Everything is just great and magnificent, a place where people and nature come first, and then commerce, the industrial sector and, of course, job offers :( . Well, apart from that, I like my city very much.

Actually, right now I have been living/working/studying in Lisbon since 2001.


Amazing stuff in FreeBSD 7 (current)

A chunk of random news about the technologies being introduced in “FreeBSD”:http://www.FreeBSD.Org 7. Some of them are very important, long awaited and carry high expectations!

* *New sendfile() implementation, improved sosend()*

“…”Andre Oppermann”:http://people.freebsd.org/~andre/; has optimized the kernel’s internal networking support. The new sendfile() implementation sends larger chunks of data at once and improves performance up to 5x when used with TSO and other new enhancements…”

* *TCP socket buffers auto-sizing*

“…”Andre Oppermann”:http://people.freebsd.org/~andre/; With TCP send buffer auto scaling and the default values below it supports 20Mbit/s at 100ms and 10Mbit/s at 200ms. Both read and write buffers are auto-sized…”

* *Superpages*

“…”Alan Cox”:http://www.cs.rice.edu/~ssiyer/r/superpages/osdi02superpages/ ; Most general processors provide support for memory pages of large sizes, called superpages. Superpages enable each entry in the translation lookaside buffer (TLB) to map a large physical memory region into a virtual address space…”

* *DTrace*

“… “John Birrell”:http://people.freebsd.org/~jb/dtrace/; Sun’s advanced diagnostic tool and language for operating systems. It’s currently being ported to FreeBSD…”; “…useful to track down bugs and performance deficiencies, but can also be used (and in the same way) by advanced system administrators…”

* *ZFS*

“…”Pawel Jakub Dawidek”:http://lists.freebsd.org/pipermail/freebsd-current/2006-August/065306.html; Sun’s ZFS is in the process of being ported to FreeBSD, with the intention of offering most (or all) features found in the original implementation. It’s integrated with FreeBSD’s existing features like UFS and GEOM, thus offering the possibility of creating FreeBSD UFS file systems on ZFS volumes, and using GEOM providers to host ZFS file systems…”

* *gjournal*

“…”Pawel Jakub Dawidek”:http://bsdblogs.droso.org/pjd; Gjournal is a GEOM storage class that provides data journaling facilities to any providers (and consumers) the user needs. Since it takes special care to work well with disk drive hardware caches, it can be used to accelerate and provide reliability in many other uses, such as GELI and GBDE encrypted device providers…”

* *gvirstor*

“… “Ivan Voras”:http://wiki.freebsd.org/gvirstor; Gvirstor is a GEOM storage class that provides a storage device of arbitrary size in “overcommit” mode (i.e. larger than physically available storage)…”

* *SCHED_CORE*

“…David Xu; Since SCHED_ULE (the original version) was in general underperforming and not very stable, a new scheduler project was started, SCHED_CORE. This work is done by the author of libthr, so performance is an important goal…”

* *Security event auditing*

“…”Robert Watson & more”:http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/audit.html; Event auditing allows the reliable, fine-grained, and configurable logging of a variety of security-relevant system events, including logins, configuration changes, and file and network access. These log records can be invaluable for live system monitoring, intrusion detection, and postmortem analysis. FreeBSD implements Sun’s published BSM API and file format, and is interoperable with both Sun’s Solaris and Apple’s Mac OS X audit implementations…”

* *privilege separation capabilities*

“…”Robert Watson”:http://lists.freebsd.org/pipermail/freebsd-arch/2006-October/005705.html; This is an idea similar to RBAC (as seen in Solaris & others) which allows the root privilege to be separated into several fine-grained capabilities such as “can access the network” or “can bypass file system quotas”…”

All this sounds just great, let them cook :D

Read “*FreshSource.org*”:http://www.freshsource.org/


BSD Sysctls and my Mac

Yep, I am securing my Mac with BSD sysctls.

* *listing all available MIB’s*


 % sysctl -a | more

* *log in vain* – will log any attempt to connect to ports without listeners.


 % sysctl -w net.inet.tcp.log_in_vain=1
 % sysctl -w net.inet.udp.log_in_vain=1

* *blackhole* – setting this MIB to a numeric value of one (1), an incoming SYN segment to a closed port is dropped and no RST is sent, making the system appear as a blackhole. Setting the MIB to two (2), any segment arriving on a closed port is dropped without returning a RST. (protection against stealth port scans)


 % sysctl -w net.inet.tcp.blackhole=1
 % sysctl -w net.inet.udp.blackhole=2

* to get this working after a reboot, just do this:


 % touch /etc/sysctl.conf

and add the MIBs to that file like this, one per line (no quotes around the value):

 net.inet.tcp.log_in_vain=1

and so on…
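As an added example (not from the original post), a small POSIX sh helper that keeps the sysctl.conf entries above idempotent, so re-running the hardening replaces a MIB's line instead of appending a duplicate, and can re-apply and check them. The function names are my own; the demo writes to a scratch file, so it runs without root.

```shell
# set_sysctl_conf FILE MIB VALUE: replace an existing MIB line (quoted or not)
# or append a new one, so repeated runs never leave duplicate assignments.
set_sysctl_conf() {
    file=$1 mib=$2 value=$3
    [ -f "$file" ] || : > "$file"
    tmp=$(mktemp)
    # keep every line except a previous assignment of this MIB
    grep -v -- "^[[:space:]]*${mib}=" "$file" > "$tmp" || true
    printf '%s=%s\n' "$mib" "$value" >> "$tmp"
    mv "$tmp" "$file"
}

# conf_value FILE MIB: print the value recorded for MIB in FILE (last one wins).
conf_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1
}

# apply_sysctl_conf FILE: push every MIB=value line to the running kernel,
# skipping comments and blank lines (same as the post's 'sysctl -w' commands).
apply_sysctl_conf() {
    grep -E '^[[:space:]]*[a-z0-9_.]+=' "$1" | while IFS= read -r line; do
        sysctl -w "$line"
    done
}

# check_sysctl MIB EXPECTED: succeed only when the live kernel value matches.
check_sysctl() {
    [ "$(sysctl -n "$1" 2>/dev/null)" = "$2" ]
}

# Demo on a constructed scratch file: it starts with a quoted value of the
# kind WordPress-style quotes produce, which set_sysctl_conf replaces.
demo_conf=$(mktemp)
printf '# hardening\nnet.inet.tcp.log_in_vain="1"\n' > "$demo_conf"
set_sysctl_conf "$demo_conf" net.inet.tcp.log_in_vain 1
set_sysctl_conf "$demo_conf" net.inet.udp.log_in_vain 1
set_sysctl_conf "$demo_conf" net.inet.tcp.blackhole 2
set_sysctl_conf "$demo_conf" net.inet.tcp.blackhole 1   # overwrites, no duplicate
set_sysctl_conf "$demo_conf" net.inet.udp.blackhole 2
cat "$demo_conf"
# For real use (as root): set_sysctl_conf /etc/sysctl.conf <MIB> <VALUE>, then
# apply_sysctl_conf /etc/sysctl.conf && check_sysctl net.inet.tcp.blackhole 1
```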

bye and nice hacks…

(Off-topic memory note: migrate from “typo”:http://www.typosphere.org/ to “mephisto”:http://mephistoblog.com/ as soon as possible.)


FreeBSD 6.2-RELEASE “hit the mirrors”

Yep, it’s true, FreeBSD 6.2-RELEASE is out there!

…as expected -> “Release Process”:http://www.freebsd.org/releases/6.2R/schedule.html

* “freebsd-update(8)”:http://www.freebsd.org/cgi/man.cgi?query=freebsd-update&sektion=8&manpath=FreeBSD+6.2-RELEASE provides officially supported binary updates for security fixes and errata patches;
* Experimental support for CAPP security event auditing;
* “OpenBSM”:http://www.trustedbsd.org/openbsm.html audit command line tool suite and library;
* csup(1) integrated cvsup client now included;
* New amdsmb(4), enc(4), ipmi(4), nfsmb(4), stge(4) drivers
* IPFW(4) packet tagging
* Many driver updates including em(4), arcmsr(4), ath(4), bce(4), ata(4), and iwi(4)

and much more, take a look:

* Security event auditing is now supported in the FreeBSD kernel, and is enabled by the AUDIT kernel configuration option. “audit(4)”:http://www.freebsd.org/cgi/man.cgi?query=audit&sektion=4&manpath=FreeBSD+6.2-RELEASE
* “geli(8)”:http://www.freebsd.org/cgi/man.cgi?query=geli&sektion=8&manpath=FreeBSD+6.2-RELEASE is now able to perform data integrity verification (data authentication) of encrypted data stored on disk.
* “linsysfs(5)”:http://www.freebsd.org/cgi/man.cgi?query=linsysfs&sektion=5&manpath=FreeBSD+6.2-RELEASE pseudo-filesystem driver has been added. It provides a subset of the Linux sys filesystem, and is required for the correct operation of some Linux binaries (such as the LSI MegaRAID SAS utility).
* The “jail(8)”:http://www.freebsd.org/cgi/man.cgi?query=jail&sektion=8&manpath=FreeBSD+6.2-RELEASE program now supports a -s option to specify a jail’s securelevel. (GREAT!!)

Detailed information: “Release Notes”:http://www.freebsd.org/releases/6.2R/relnotes-i386.html

Well, I’m gonna make some updates ;)
bye


www/joomla Security Update

I have submitted another Problem Report for the Joomla CMS FreeBSD port.

If you use Joomla, take a look at “this.”:http://www.joomla.org/content/view/2446/1/

Problem Report: “ports/107889″:http://www.freebsd.org/cgi/query-pr.cgi?pr=107889

- 140+ General Bug Fixes
- Several low level security fixes
- A full security audit of SQL queries
- SSL switchover support


$ portupgrade joomla


$mate (the TextMate command line)

OK, I know this is a “_micro-post_” (!stupid), but one day I will certainly read it here on my blog rather than in the TextMate manual!

 $ su

 % ln -s /Applications/TextMate.app/Contents/Resources/mate /usr/bin/mate

and now I can open a directory of some Ruby on Rails project in one simple step:

 $ mate SomeRailsProjectDirectory

done :)
