BSD Newswire

BSD Newswire

Comprehensive Real-Time News Feed for BSD.

Results 1 - 14 of 14 in BSD

  1. Suhosin: How to harden your PHP web applicationRead the original story w/Photo

    May 22, 2015 | Network World

    PHP is a hugely popular programming language but poor coding can make your server as secure as a wet paper bag ... Suhosin is the solution The number of Internet servers that run the PHP language is incredible: According to Netcraft , as of January, 2012, something around 244,000,000 web sites were running PHP and according to a May, 2015, survey by W3Techs "PHP is used by 81.9% of all websites whose server-side programming language we know." Bottom line: PHP rules.

    Comment?

  2. OpenBSD 5.7 CD 2 Incorrectly PressedRead the original story

    May 15, 2015 | OpenBSD Journal

    Contributed by jj on Fri May 15 15:37:00 2015 from the the-dj-scratched-my-disk dept. OpenBSD project leader Theo de Raadt outlined some issues with the CD plant, which led to an incorrectly-finished CD 2, some of which were, unfortunately, shipped prior to the issue being found.

    Comment?

  3. FreeBSD Unix Find Out Which Programs Are Listing On a Given Port NumberRead the original story

    Mar 7, 2015 | NixCraft

    ... are learning about it. # cd /usr/ports/sysutils/lsof/ && make install clean Some people who have migrated from Linux to BSD like lsof command. It isn't standard like netstat and sockstat. You will have to install it. At this time there is no ...

    Comment?

  4. s2k15 Hackathon Report: krw@ on improvements in dhclient(8), fdisk(8) and moreRead the original story

    Feb 21, 2015 | OpenBSD Journal

    Contributed by pitrh on Sat Feb 21 22:22:26 2015 from the do dropbears dream of IP addresses dept. I arrived in Brisbane with Theo in tow and was quickly whisked away by dlg@ to the lovely surroundings of St. Leo's college.

    Comment?

  5. FreeBSD-Current Random Number Generator BrokenRead the original story w/Photo

    Feb 18, 2015 | Slashdot

    First time accepted submitter bobo the hobo writes The FreeBSD random number has been discovered to be generating possibly predictable SSH keys and SSL certificates for months . Time to regenerate your keys and certs if using FreeBSD-Current.

    Comment?

  6. s2k15 Hackathon Report: mpi@ on network stack SMPRead the original story

    Feb 18, 2015 | OpenBSD Journal

    I arrived a bit earlier to be able to finally meet and discuss with David , our host, in order to define a strategy to continue moving some bits and pieces of the network stack out of the big lock. And that's what we did.

    Comment?

  7. s2k15: Authenticated TLS 'constraints' in ntpdRead the original story

    Feb 10, 2015 | OpenBSD Journal

    Contributed by tbert on Tue Feb 10 10:34:10 2015 from the stuck-with-the-MitM-with-you dept. Theo, Henning, and me developed an idea to utilize TLS in some way for authenticated time in ntpd .

    Comment?

  8. OpenBSD's Kernel Gets W^X Treatment On Amd64Read the original story w/Photo

    Jan 14, 2015 | Slashdot

    New submitter brynet tips this news from Theo de Raadt: Over the last two months Mike Larkin modified the amd64 kernel to follow the W^X principles . It started as a humble exercise to fix the .rodata segment, and kind of went crazy.

    Comment?

  9. OpenBSD Releases a Portable Version of OpenNTPDRead the original story w/Photo

    Jan 9, 2015 | Slashdot

    Noryungi writes Theo De Raadt roundly criticized NTP due to its recent security advisories, and pointed out that OpenBSD OpenNTPD was not vulnerable. However, it also had not been made portable to other OS in a long time.

    Comment?

  10. Code Is LawRead the original story w/Photo

    Jan 9, 2015 | Slate Magazine

    In late July 2014, the information security world was on edge. Researchers from Carnegie Mellon University - who work "closely with the Department of Homeland Security" - were scheduled to give a talk at the Black Hat USA information security conference on a simple method to "de-anonymize" Tor users .

    Comment?

  11. Running FreeBSD on Hyper-vRead the original story

    Dec 25, 2014 | MSDN Blogs

    Hyper-V supports both emulated and Hyper-V-specific devices for Linux and FreeBSD virtual machines. When running with emulated devices, no additional software is required to be installed.

    Comment?

  12. Four Flaws Expose Critical Network Time-Keeping Servers to AttackRead the original story w/Photo

    Dec 22, 2014 | CNet News

    Flaws in a popular program implementing the Network Time Protocol, the software used to synchronize servers across the Internet, has administrators scrambling. Four security vulnerabilities in a popular program for synchronizing time on Internet-connected computers could be used to compromise tens of thousands - and possibly millions - of servers, according to security experts.

    Comment?

  13. Reviewing 2014, Penguin Porn, and Dropping DistrosRead the original story

    Dec 16, 2014 | OStatic

    Today in Linux news are several reviews of the events of 2014. Elsewhere Linux.conf.au lost its hashtag to an adult entertainment awards and another Linux security flaw is making the news rounds.

    Comment?

  14. Are LibreSSL and BoringSSL safe OpenSSL alternatives?Read the original story

    Dec 1, 2014 | TechTarget

    Since the revelation of the Heartbleed flaw, OpenSSL security has been put into question. Expert Michael Cobb discusses whether LibreSSL and BoringSSL could serve as OpenSSL alternatives.

    Comment?