Piero Bosio Social Web Site Personale

Social Forum federato con il resto del mondo. Non contano le istanze, contano le persone

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

The FreeBSD platform was merged into the OCI runtime spec!

Uncategorized

1 Posts 1 Posters 11 Views

undefined This user is from outside of this forum
undefined This user is from outside of this forum
david_chisnall@infosec.exchange

wrote on last edited by

#1

The FreeBSD platform was merged into the OCI runtime spec!
FreeBSD is now an official target for OCI containers (it’s been working in Podman as an unofficial target for a while).
#FreeBSD #OCI
1 Reply Last reply

0
undefined stefano@mastodon.bsd.cafe shared this topic on

Feed RSS

The FreeBSD platform was merged into the OCI runtime spec!

Gli ultimi otto messaggi ricevuti dalla Federazione

undefined
livelakesuperior@mastodon.social

Current* conditions near Grand Marais, MI:

read more
undefined
livelakehuron@mastodon.social

Current* conditions near St. Ignace, MI:

read more
undefined
maudel@mastodon.uno

L’Anticristo e la domanda: che uomini siamo?
https://ilmanifesto.it/lanticristo-e-la-domanda-che-uomini-siamo

read more
undefined
livelakesuperior@mastodon.social

Current* conditions near Two Harbors, MN:

read more
undefined
pekkavaa@mastodon.gamedev.place

@aeva Ah you took that course too

read more
undefined
exilsarahl@chaos.social

@ObsidianUrbex ohmygod is that beautiful

read more
undefined
humanhorseshoes@mastodon.world

@ObsidianUrbex there is some Guinness related house in Dublin people do this in

read more
undefined
livelakemichigan@mastodon.social

Current* conditions near Chicago, IL:

read more

@pierobosio@soc.bosio.info

Post suggeriti

undefined

New blog post: GeoIP-Aware Firewalling with PF on FreeBSD
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized freebsd infosec sysadmin devops
1

0 Votes

1 Posts

12 Views

undefined

New blog post: GeoIP-Aware Firewalling with PF on FreeBSDRunning a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.Result: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.Using MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.https://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/#FreeBSD #InfoSec #SysAdmin #pf #DevOps
undefined

New blog post: Managing FreeBSD Jails with Ansible.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized freebsd ansible devops sysadmin jails automation
1

0 Votes

1 Posts

7 Views

undefined

New blog post: Managing FreeBSD Jails with Ansible.I wrote jailexec - an Ansible connection plugin that lets you manage FreeBSD jails without running SSH inside each one. It connects to the jail host via SSH and uses jexec to run commands, just like you would manually. Features: • Single Python file, easy install • Supports doas and sudo • Secure two-stage file transfers • Works with any jail managerBlog: https://blog.hofstede.it/managing-freebsd-jails-with-ansible-the-jailexec-connection-plugin/Code: https://github.com/chofstede/ansible_jailexec#FreeBSD #Ansible #DevOps #SysAdmin #Jails #Automation
undefined

Today I learned that uname
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized freebsd
1

0 Votes

1 Posts

7 Views

undefined

Today I learned that uname.c on #FreeBSD is a light wrapper around sysctl nodes. For example, uname -r is equal to kern.osrelease.https://github.com/freebsd/freebsd-src/blob/main/usr.bin/uname/uname.c
undefined

Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.
Watching Ignoring Scheduled Pinned Locked Moved Uncategorized bsd freebsd runbsd firewall sysadmin
1

0 Votes

1 Posts

8 Views

undefined

Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.One simple ruleset gives you automatic brute-force protection with ZERO userland daemons. No log parsing, no reaction delays, no additional attack surface.table <bruteforce> persistpass in proto tcp to port 22 flags S/SA (max-src-conn 5, max-src-conn-rate 3/30, overload <bruteforce> flush global)Kernel-level enforcement, instant blocking, survives reboots with persist.Why spawn Python processes when your firewall already knows?#bsd #freebsd #runbsd #firewall #pf #sysadmin

Piero Bosio Social Web Site Personale

The FreeBSD platform was merged into the OCI runtime spec!

Feed RSS

Gli ultimi otto messaggi ricevuti dalla Federazione

Post suggeriti

New blog post: GeoIP-Aware Firewalling with PF on FreeBSD

New blog post: Managing FreeBSD Jails with Ansible.

Today I learned that uname

Hot take: pf's built-in connection tracking beats fail2ban/sshguard hands down.