FUG-BR / Grupo Brasileiro de Usuarios de FreeBSD - Todas Categorias
 
 
22.11  
Inicio arrow Todas Categorias
Principal
Inicio
Noticias
Artigos
Regras da Lista
Assinar a Lista
Histrico da Lista
Galeria de Imagens
Contador Usurios FUG
FUGs Estaduais
Downloads
Enquetes
FAQ
Resumo do Site
Links
Pesquisar
Contato
Sobre a FUG-BR
RSS
-
DOC-BR (FUG BR)
Introduo
Projeto DOC-BR
Handbook
FAQ Oficial
-
+ Noticias
Alertas de Seguranca
Alertas em Ports
BSD em Geral
DaemonNews (Ingles)
MyFreeBSD
Todas Categorias
-
Login
Nome de Usurio

Senha

Lembrar login
Esqueceu sua senha?
Sem conta? Crie uma


FUG-BR
Links Propagação de conteúdo da FUG-BR através de RSS, para você ficar por dentro das notícias da FUG e do histórico da lista de discussão utilizando seu sofware favorito para leitura RSS, como leitor de news, cliente de correio eletrônico ou o suporte builtin à RSS dos navegadores da família Mozilla.
Nome da Fonte # Artigos Link da Fonte
Histrico da Lista de FreeBSD na FUG-BR, por Threads 10 http://www.fug.com.br/fug_hist_rss.xml
RSS 2.0 (Web site FUG-BR) 10 http://www.fug.com.br/component/option,com_rss/feed,RSS2.0/no_html,1/
RSS 1.0 (Web site FUG-BR) 10 http://www.fug.com.br/component/option,com_rss/feed,RSS1.0/no_html,1/
RSS 0.91 (Web site FUG-BR) 10 http://www.fug.com.br/component/option,com_rss/feed,RSS0.91/no_html,1/
ATOM FEED (Web site FUG-BR) 10 http://www.fug.com.br/component/option,com_rss/feed,ATOM0.3/no_html,1/
OPML Share (Web site FUG-BR) 10 http://www.fug.com.br/component/option,com_rss/feed,OPML/no_html,1/
 
FUG-BR - Espalhando BSD
Dicas Rpidas:

No editor de textos vi(1), para remover os ^M de arquivos MS-DOS (Windows), use:

:g/^V^M/s//

 

 




Wallpapers
Fontes Externas
FreeBSD Multimedia Resources List FreeBSD Multimedia Resources
bsdtalk - Julian Elischer - MP3 version

Julian Elischer - MP3 version
From: bsdtalk
Tags: bsdtalk, interview, julian elischer, ironport, mp3
An interview with Julian Elischer at MeetBSD in California. We talk about his early days with BSD and his work using BSD at various companies. He is currently with IronPort, which was bought by Cisco.


bsdtalk - Julian Elischer - Ogg version

Julian Elischer - Ogg version
From: bsdtalk
Tags: bsdtalk, interview, julian elischer, ironport, ogg
An interview with Julian Elischer at MeetBSD in California. We talk about his early days with BSD and his work using BSD at various companies. He is currently with IronPort, which was bought by Cisco.


MeetBSD - MeetBSD 2008 in California - Presentation - FreeBSD Network Stack Performance - Optimizations for Modern Hardware by Robert Watson

MeetBSD 2008 in California - Presentation - FreeBSD Network Stack Performance - Optimizations for Modern Hardware by Robert Watson
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, robert watson, network stack performance, modern hardware, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - Isolating Cluster Jobs for Performance and Predictability by Brooks Davis

MeetBSD 2008 in California - Presentation - Isolating Cluster Jobs for Performance and Predictability by Brooks Davis
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, brooks davis, cluster, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - Embedding FreeBSD by M. Warner Losh

MeetBSD 2008 in California - Presentation - Embedding FreeBSD by M. Warner Losh
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, warner losh, embedding freebsd, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - BSD Certification by Dru Lavigne

MeetBSD 2008 in California - Presentation - BSD Certification by Dru Lavigne
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, dru lavigne, bsd certification, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - PC-BSD 7 - A Developer's Perspective by Kris Moore

MeetBSD 2008 in California - Presentation - PC-BSD 7 - A Developer's Perspective by Kris Moore
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, kris moore, pc-bsd, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - A closer look at the ZFS file system by Pawel Jakub Dawidek

MeetBSD 2008 in California - Presentation - A closer look at the ZFS file system by Pawel Jakub Dawidek
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, pawel jakub dawidek, zfs, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - FreeBSD Foundation Update & Recognition by Robert Watson

MeetBSD 2008 in California - Presentation - FreeBSD Foundation Update & Recognition by Robert Watson
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, robert watsom, freebsd foundation, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


MeetBSD - MeetBSD 2008 in California - Presentation - Crypto Acceleration by Philip Paeps

MeetBSD 2008 in California - Presentation - Crypto Acceleration by Philip Paeps
From: MeetBSD
Tags: meetbsd, meetbsd2008, freebsd, presentations, philip paeps, crypto acecelaration, pdf
MeetBSD 2008 at the Googleplex in Mountain View, California to celebrate FreeBSD's 15th Anniversary!


TaoSecurity Richard Bejtlich's blog on digital security and the practices of network security monitoring, incident response, and forensics.
Managing Security in Economic Downturns

You don't need to read this blog for news on the global economic depression. However, several people have asked me what it means for security teams, especially when Schneier Agrees: Security ROI is "Mostly Bunk". No one can generate cash by running a security team; the best we can do is save money. If your security team generates cash, you're either a MSSP, a collection agency of some sort (these do exist, believe it or not!), in need of being spun-off, or not accounting for all of your true costs.

Putting the ROI debate aside, these are tough economic times. Assuming we can all stay employed, we might be able to work the situation to our advantage. Nothing motivates management like a financial argument. See if one or more of the following might work to your advantage, because of the downturn.

  1. Promote centralization and consolidation. The more large organizations I've joined, consulted for, or met, the more I see that successful ones have centralized, consolidated security teams. There's simply not enough skilled security personnel to protect us, and spreading the talent across large organizations leaves too many gaps. Think of the pockets of talent distributed across your own company, and how their skills could be applied organization-wide if properly positioned. If head counts are threatened, make a play for creating a single central group that helps the whole company and bring the best talent into that team.

  2. Convert business security leaders into local experts/consultants. If you work within a large company, your individual business leaders may not like seeing their local staff join a larger company-wide organization. However, those that remain in the business should now be free to focus on what is unique about their business, instead of the minutiae of managing anti-virus, firewalls, patches, and other "traditional" security measures that are absolutely vanilla functions which could be outsourced overseas in a heartbeat. What's more valuable, a security leader who can run an AV console, configure a firewall, and apply a patch, or one who can advise their business CEO on the risks, regulations, and realities of operating in their individual realm? Notice I said leader and not technician. Technicians do the routine tasks I mentioned and are ripe for outsourcing; don't cling to that role unless you wanted to be replaced by a Perl script.

  3. Advocate standardization where it makes sense. For example, is it really necessary to have more than one "gold image" for your common desktop/laptop user? Why develop your own image when the Federal government is doing all the work for you with the Federal Desktop Core Configuration? Turn the team that creates your own image into a much smaller one that tweaks the FDCC, and redeploy the personnel where you need them.

  4. Cut through bureaucracy and authority barriers with a financial knife. This one really bugs me. How many incident responders out there lose time, effectiveness, and data because 1) you don't know who owns a victim computer; 2) finding someone who owns the computer takes time; 3) getting permission to do something about the victim requires more time? You can probably make a case for reduced help desk costs, fewer support personnel, and faster/more accurate/cheaper incident response if you gain the authority to perform remote live response and/or forensics on any platform required, minus some accepted and reasonable exclusion list. This requires 1) good inventory management; 2) forensic agent pre-deployment or administrator credentials to deploy and agent or scripts as necessary; and 3) mature processes and trained people to execute.

  5. Simplify and build visibility in. An example comes from my post Feds Plan to Reduce, Then Monitor. What's cheaper than 1) identifying all your gateways; 2) devising a plan to reduce that number; and 3) building visibility in? Step 1 takes some effort, step 2 might strain your network architects, and step 3 could require new monitoring platforms. However, when done, you're spending less money on gateways, less time scoping intrusions, and less resources on scrambling during incident response because you know all the ways in and out of your organization -- and you can see what is happening. This is a no-brainer.

  6. Move data, not people. This is the principle I mentioned in Green Security. I'm sure your travel budget is being cut. Why fly a security person around the world when, if you achieve the goals in step 4, you can move the data instead? And, if you're building visibility in, you have more data available and don't need to scramble for it.

  7. Wrap everything in metrics. This one is probably the most painful, but it's definitely necessary. If you can't justify your security spending, you're more likely to be cut in a downturn. This doesn't mean "security ROI." What is does mean is showing why your approach is better than the alternatives, with "better" usually meaning (but not always) "cheaper." It can be difficult to capture finances in our field, but I have some ideas. One is intrusion debt. If you've recently hired any outside consultants to assist with security work, their invoices provide a ton of metrics opportunities. (You have a tangible cost that you wish to avoid by taking steps X, Y, and Z in the future.) Metrics can also justify team growth, which is the next step out of the downturn. Be ready!


If you have any ideas, please post them here. I think this is an important topic. Thank you.


Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

Tips for PSIRTs

If your company sells software, you probably need to have a Product Security Incident Response Team (PSIRT). The PSIRT should act as the single point of contact for any user of your product to report and coordinate security problems with your software product.

Examples of PSIRTs include:

I think you can tell how serious a company takes security by the way they promote their PSIRT, obscure its existence, or not even operate one. Try comparing Oracle to Cisco, for example.

If you're looking to start a PSIRT, Chad Dougherty's Recommendations to vendors for communicating product security information post on the CERT blog is a great start.


Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

Snort Report 21 Posted

My 21st
Snort Report titled Understanding Snort's Unified2 output has been posted. From the article:

Welcome to the 21st edition of the Snort Report! In July 2007 I described Snort's Unified output, first released in July 2001 with Snort 1.8.0. Unified output allows Snort to write sets of data to a sensor's hard drive. Writing to the hard drive, instead of performing database inserts, allows Snort to operate faster and minimize packet loss.

Unified2 output first appeared in Snort 2.8.0, released in September 2007.


I came across this comparison of Unified and Unified2 format at SecurixLive.com but didn't get to include it in my article.

If you're worried about the Barnyard2 implementation at SecurixLive having licensing issues, the author is addressing those as we speak; he did not intend to cause any trouble. So, I am looking forward to seeing greater adoption of Unified2 formats once solutions like those in my article are tested.


Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

Intellectual Property: Develop or Steal

I found the article
Internet thieves make big money stealing corporate info in USA Today to be very interesting.

In the past year, cybercriminals have begun to infiltrate corporate tech systems as never before. Knowing that some governments and companies will pay handsomely for industrial secrets, data thieves are harvesting as much corporate data as they can, in anticipation of rising demand...

Elite cybergangs can no longer make great money stealing and selling personal identity data. Thousands of small-time, copycat data thieves have oversaturated the market, driving prices to commodity levels. Credit card account numbers that once fetched $100 or more, for instance, can be had for $10 or less, says Gunter Ollmann, chief security strategist at IBM ISS, IBM's tech security division.

Who buys stolen business data? Brett Kingstone, founder of Super Vision International (now Nexxus Lighting), an Orlando-based industrial lighting manufacturer, knows the answer all too well. In 2000, an intruder breached Super Vision's public-facing website and probed deep enough to snatch secrets behind the company's patented fiber-optic technology.

That intelligence made its way into the hands of a Chinese entrepreneur, Samson Wu. In his book, The Real War Against America, Kingstone recounts how Wu obtained Super Vision's detailed business plans, built a new Chinese factory from scratch and began mass marketing low-priced counterfeit lighting fixtures, complete with warranties referring complaints to Super Vision.

"They had an entire clone of our manufacturing facility," says Kingstone, who won a civil judgment against Wu. "What took us $10 million and 10 years to develop, they were able to do for $1.4 million in six months..."

In the past nine months, data thieves have stepped up attacks against any corporation with weak Internet defenses. The goal: harvest wide swaths of data, with no specific buyer yet in mind, according to security firm Finjan...

"Cybercriminals are focusing on data that can be easily obtained, managed and controlled in order to get the maximum profit in a minimum amount of time," says Ben-Itzhak.

Researchers at RSA, the security division of tech systems supplier EMC, have been monitoring deals on criminal message boards. One recent solicitation came from a buyer offering $50 each for e-mail addresses for top executives at U.S. corporations...

Meanwhile, corporations make it all too easy, say tech security experts and law enforcement officials.
(emphasis added)

We know amateurs study cryptography; professionals study economics, and this explains why. $1.4 million over six months vs $10 million over 10 years makes theft the more attractive proposition for those outside the law.

I'm often asked how we should think about "winning" our current cyber conflicts. I like to consider two metrics.

  1. Information assurance is winning, in a broad sense, when the cost of stealing intellectual property via any means is more expensive than developing that intellectual property independently.

  2. Information assurance is winning, in a narrow sense, when the cost of stealing intellectual property via digital means is more expensive than stealing that data via nontechnical means (such as human agents placed inside the organization).


Number 1 is preferred when you consider your organization as a whole. Number 2 is preferred if you only care about making IP theft the problem of your physical security organization! Obviously I prefer number 1 if possible, but achieving number 2 is more achievable in the medium to long term.

This echoes the comment I made in Ten Themes from Recent Conferences:

We can not stop intruders, only raise their costs. Enterprises stay dirty because we can not stop intruders, but we can make their lives more difficult. I've heard of some organizations trying to raise the $ per MB that the adversary must spend in order to exfiltrate/degrade/deny information.

Laid-off Sys Admin Story Makes My Point

I read this great story by Sharon Gaudin titled
Laid-off sysadmin arrested for threatening company's servers:

A systems administrator was arrested in New Jersey today for allegedly trying to extort money and even good job references out of a New York-based mutual fund company that had just laid him off...

Viktor Savtyrev, of Old Bridge, N.J., was arrested at his home Monday morning. He faces two charges under the federal cyberextortion statute...

Late in the morning of Thursday, Nov. 6, Savtyrev allegedly used a Gmail account to e-mail the company's general counsel and three other employees, saying he was "not satisfied with the terms" of his severance, according to FBI Special Agent Gerald Cotellesse in the complaint. Savtyrev allegedly threatened to cause extensive damage to the company's computer servers if it would not increase his severance pay, extend his medical coverage and provide "excellent" job references.

The sysadmin also threatened to alert the media after attacking the server.


Now, I know many of you are saying "See! The insider threat is so terrible!" I look at this story and think the opposite. This story exemplifies the point I made in Of Course Insiders Cause Fewer Security Incidents. If the potential intruder in this case had been an adversary in East Slobovia, the victim company would have no recourse. The bad guy could take whatever action he wants because no on can touch him.

Because the potential intruder was an insider, the victim company knew who he was, where he lived, and could enlist law enforcement help to arrest him.

Like I also said in the previous post:

However, as I've said elsewhere, insiders will always be better informed and positioned to cause the most damage to their victims. They know where to hurt, how to hurt, and may already have all the access they need to hurt, their victim.

This is another strike against those who believe in vulnerability-centric security. No company has air-tight defenses, so even if you do a good job revoking access from ex-employees they still can strike back. At least when they are former insiders you have a chance of putting them out of commission by striking at the threat, not patching more holes.


Richard Bejtlich is teaching in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

Marcus Ranum on Network Security

I liked this interview with Marcus Ranum titled Marcus Ranum on Network Security:

Q: In your opinion, what is the current weakest link in the network security chain that will need to be dealt with next year and beyond?

MJR: There are two huge problems: Software development and network awareness. The software development aspect is pretty straightforward. Very few people know how to write good code and even fewer know how to write secure code. Network awareness is more subtle. All through the 1990s until today, organizations were building massive networks and many of them have no idea whatsoever what's actually out there, which systems are crucial, which systems hold sensitive data, etc.

The 1990s were this period of irrational exuberance from a security standpoint - I think we are going to be paying the price for that, for a long time indeed. Not knowing what's on your network is going to continue to be the biggest problem for most security practitioners...

The real best practices have been the same since the 1970s: know where your data is, who has access to what, read your logs, guard your perimeter, minimize complexity, reduce access to "need only" and segment your networks. Those are the practices and techniques that result in real security.
(emphasis added)

One way to begin this process is to hire an Enterprise Visibility Architect with the authority to figure out what is happening inside the organization.


Richard Bejtlich is teaching in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.

BGPMon on BGP Table Leak by Companhia de Telecomunicacoes do Brasil Central

Last month I posted
BGPMon.net Watches BGP Announcements for Free. I said:

I created an account at BGPMon.net and decided to watch for route advertisements for Autonomous System (AS) 80, which corresponds to the 3.0.0.0/8 network my company operates. The idea is that if anyone decides to advertise more specific routes for portions of that net block, and the data provided to BGPMon.net by the Rseaux IP Europens (RIPE) Routing Information Service (RIS) notices the advertisements, I will get an email.

Well, that started happening last night:


You Receive this email because you are subscribed to BGPmon.net.
For more details about these updates please visit:
http://bgpmon.net/showupdates.php

====================
Possible Prefix Hijack (Code: 11)
1 number of peer(s) detected this updates for your prefix 3.0.0.0/8:
Update details: 2008-11-11 01:55 (UTC)
3.0.0.0/8
Announced by: AS16735 (Companhia de Telecomunicacoes do Brasil Central)
Transit AS: 27664 (CTBC Multimdia)
ASpath: 27664 16735

I got four more updates, the last at 2008-11-11 02:59 (UTC).

These alerts indicated that AS16735 (Companhia de Telecomunicacoes do Brasil Central) was advertising routes for my company's 3.0.0.0/8 netblock. That's not good.

When I saw that I initially assumed we were the only ones affected. Early today I read Prefix hijack by AS16735 on the BGPMon blog stating the following:

Between 01:55 UTC and 02:15 267947 distinct prefixes were originated from AS16735 (Companhia de Telecomunicacoes do Brasil Central), hence a full table

Bejtlich Teaching at Black Hat Europe 2009

Black Hat was kind enough to invite me back to teach a new 2-day course at Black Hat Europe 2009 Training on 14-15 April 2009 at the Mvenpick City Centre in Amsterdam, Netherlands. This class, completely new for 2009, is called TCP/IP Weapons School 2.0. This is my only scheduled class outside the United States in 2009.

The short description says:

This hands-on, lab-centric class by Richard Bejtlich focuses on collection, detection, escalation, and response for digital intrusions.

Is your network safe from intruders? Do you know how to find out? Do you know what to do when you learn the truth? If you need answers to these questions, TCP/IP Weapons School 2.0 (TWS2) is the Black Hat course for you. This vendor-neutral, open source software-friendly, reality-driven two-day event will teach students the investigative mindset not found in classes that focus solely on tools. TWS2 is hands-on, lab-centric, and grounded in the latest strategies and tactics that work against adversaries like organized criminals, opportunistic intruders, and advanced persistent threats.


Registration is now open. Black Hat set the four price points and deadlines for registration:

  1. Early: Ends Feb 1

  2. Regular: Ends Mar 1

  3. Late: Ends Apr 1

  4. Onsite: Apr 14


Please join me in Amsterdam next year for TCP/IP Weapons School 2.0. If you've attended previous classes, even TCP/IP Weapons School, the new class is brand new and you're definitely welcome back. This will be the same class as the one I teach in DC in February 2009, however. Thank you.

Bejtlich Teaching at Black Hat DC 2009 Training

Black Hat was kind enough to invite me back to teach a new 2-day course at Black Hat DC 2009 Training on 16-17 February 2009 at the Hyatt Regency Crystal City in Arlington, VA. This class, completely new for 2009, is called TCP/IP Weapons School 2.0. This is my only scheduled class on the east coast of the United States in 2009.

The short description says:

This hands-on, lab-centric class by Richard Bejtlich focuses on collection, detection, escalation, and response for digital intrusions.

Is your network safe from intruders? Do you know how to find out? Do you know what to do when you learn the truth? If you need answers to these questions, TCP/IP Weapons School 2.0 (TWS2) is the Black Hat course for you. This vendor-neutral, open source software-friendly, reality-driven two-day event will teach students the investigative mindset not found in classes that focus solely on tools. TWS2 is hands-on, lab-centric, and grounded in the latest strategies and tactics that work against adversaries like organized criminals, opportunistic intruders, and advanced persistent threats.


Registration is now open. Black Hat set the four price points and deadlines for registration:

  1. Early: Ends Jan 1

  2. Regular: Ends Feb 1

  3. Late: Ends Feb 11

  4. Onsite: Feb 16


Please join me in the DC area next year for TCP/IP Weapons School 2.0. If you've attended previous classes, even TCP/IP Weapons School, the new class is brand new and you're definitely welcome back. Thank you.

Securix-NSM 1.0 Released

Yesterday I read A successor is born... Securix-NSM 1.0. Securix-NSM is a Debian-based live CD that is the fastest way I've ever seen for a new user to try Sguil. All you have to do is download the 280 MB .iso, boot it, and follow the quick start documentation.

Those steps are basically:

  1. Open a terminal.

  2. Execute 'sudo nsm start'.

  3. Double-click on the Sguil client icon.

  4. Log into Sguil.



To test Sguil, I executed 'apt-get install lynx' then visited www.testmyids.com. In the screenshot you'll see the default Sguil installation generated two alerts. I was able to generate a transcript and launch Wireshark. However, SANCP session records did not appear to be inserted into the database although SANCP was running.

I suggest trying Securix-NSM if you'd like to try using Sguil but have no experience setting it up.

Daemonic Dispatches Musings from Colin Percival
Tarsnap public beta

Tarsnap is an implementation of my idea of a perfect online backup service. After many months in private beta testing, tarsnap is now publicly available for BSD, Linux, and other UNIX-like operating systems.



Wuala's improved security

Last year I wrote about the
poorsecurity of the Wuala online storage and file-sharing startup. Over the following eight months, the people at Wuala made significant improvements, and four months ago Dominik Grolimund asked me to update my blog concerning their now-improved security. Unfortunately bronchitis and and wrist pain delayed this substantially; but here's my belated reassessment of Wuala's security: Much better, but still lacking in some respects.



FreeBSD on EC2

FreeBSD doesn't run on Amazon's
Elastic Compute Cloud service right now. I want to change this. I need to talk to other wannabe FreeBSD-on-EC2 users. If this describes you, please contact me.

Hacking the Amazon S3 SLA

The
Simple Storage Service (S3) provided by Amazon comes with a Service Level Agreement: If the Monthly Uptime Percentage is between 99% and 99.9%, you get a 10% refund; if the Monthly Uptime Percentage is below 99%, you get a 25% refund. The Monthly Uptime Percentage is computed in a fairly straightforward manner: Divide the month into 5-minute intervals and compute the Error Rate (failed requests divided by total requests, treating 0/0 as 0) for each interval; compute the average Error Rate over all the 5-minute intervals in the month; and subtract this value from 100%.

If the probability of a request failing during the n th 5-minute interval is p(n), and the number of requests issued during the n th interval is determined solely by p(n), the expected value of the Monthly Uptime Percentage is 100% minus the average value of p(n) over all the intervals; put another way, you can't cheat by waiting for a high p(n) and then quickly running up the failure count by issuing lots and lots of requests. However, this uncheatability applies only if the number of requests issued is independent of the success or failure of individual requests; if we can see whether one request succeeded before issuing the next one, we can cheat the SLA -- quite extravagently, in fact.



Canadian election results trivia.

After the last Canadian federal election, I posted here with some
election results trivia; since Elections Canada has again helpfully provided the (preliminary) results in CSV format, I've now done the same for the 40th Canadian federal election:



Canadian Federal election polling

In December 2005, during the last Canadian federal election, I wrote about the discrepancies between polls and how they could be partly explained by
different notions of what the population of Quebec was. In the 2008 election, there are even larger polling discrepancies -- on October 6th, Nanos reported 6% support for the Green party while Harris-Decima reported 13% support; and once again, certain pollsters consistently disagree with their colleagues.



UBC Election Stock Market

On September 8th, I invested $25 into the
Election Stock Market being run by the University of British Columbia for the 2008 Canadian Federal election. When the market closed, at 10PM PDT on Monday evening, I had increased that to $88.70 (I decided to end up with a cash-only position).



Upcoming posts

I've had a lousy summer. First I got bronchitis; then as I was recovering from that, my wrists started hurting. Since I know several people who ended up effectively unable to work due to wrist pain, I took this as a sign that I should cut down on the amount of typing I did -- and posting here was one of the first things I cut. An ergonomic keyboard, two wrist braces, and many weeks later, I think my wrists are improving (but they might get worse again -- I thought they were improving last week, and the week before last, too), so I wanted to give a quick preview of some of the things I expect to be writing about in the next few weeks... wrists permitting, of course.



High performance single-threaded access to SimpleDB

Last month, Amazon published a
code sample which demonstrated the use of SimpleDB as a repository for S3 object metadata. This code sample would probably have gone almost completely unnoticed if it were not for one detail: Using a pool of 34 threads in Java, the code sample sustained 300 SimpleDB operations per second when running on a small EC2 instance. Only 300? We can do better than that...



Dissecting SimpleDB BoxUsage

Billing for usage of a database server which is shared between many customers is hard. You can't just measure the size of databases, since a heavily used 1 GB database is far more resource-intensive than a lightly used 100 GB database; you can't just count queries, since some queries require far more CPU time -- or disk accesses -- than others; and you can't even time how long queries take, since modern databases can handle several queries in parallel, overlapping one query's CPU time with another query's disk time. When Amazon launched their SimpleDB service, it looked like they had found a solution in BoxUsage: As the
website states,

Amazon SimpleDB measures the machine utilization of each request and charges based on the amount of machine capacity used to complete the particular request [...]
and reports back a BoxUsage value in every response returned by SimpleDB. Sadly, this "measurement" is fictitious: With the possible exception of Query requests, BoxUsage values returned by SimpleDB are entirely synthetic.



Historico FUG-BR Historico Lista FreeBSD, FUG-BR
[FUG-BR] Copiar arquivo do hospedeiro para uma jail

[FUG-BR] Copiar arquivo do hospedeiro para uma jail

Re: [FUG-BR] Copiar arquivo do hospedeiro para uma jail

Re: [FUG-BR] Copiar arquivo do hospedeiro para uma jail

[FUG-BR] problemas com SPAM

[FUG-BR] problemas com SPAM

Re: [FUG-BR] problemas com SPAM

Re: [FUG-BR] problemas com SPAM

Re: [FUG-BR] problemas com SPAM

Re: [FUG-BR] problemas com SPAM

[FUG-BR] Postfix: Manipular anexos grandes

[FUG-BR] Postfix: Manipular anexos grandes

Re: [FUG-BR] Postfix: Manipular anexos grandes

Re: [FUG-BR] Postfix: Manipular anexos grandes

Re: [FUG-BR] Postfix: Manipular anexos grandes

Re: [FUG-BR] Postfix: Manipular anexos grandes

[FUG-BR] Certificao BSD

[FUG-BR] Certificao BSD

Re: [FUG-BR] Certificao BSD

Re: [FUG-BR] Certificao BSD

Web site Grupo Brasileiro de Usuarios FreeBSD Noticias do Web site FUG-BR
Projeto FreeBSD lana Forums para suporte

O Projeto FreeBSD, finalmente após muito trabalho, tem a felicidade de anunciar a disponibilidade de um projeto FreeBSD baseado na web para discussão em forums. Temos como objetivo ampliar o suporte público aos usuários ao redor do mundo, na qual já contamos com nossas listas de discussões. Você pode se registrar e iniciar utilizando nosso serviço aqui: http://forums.FreeBSD.org (http://forums.FreeBSD.org) .

Flash 9 no Firefox 3 nativo do FreeBSD

Flash 9 para FreeBSD, finalmente! E não digo que seja necessário executar um navegador do Windows ou Linux - o Flash 9 nativo no Firefox 3. A camada de emulação do linux no FreeBSD é objeto de algumas atualizações recentes, e o FreeBSD 7.1 se tornou capaz de proporcionar suporte suficiente para funcionar com a versão 9 do Flash com Kernel Linux. Muito bom mesmo, e esperamos que ela se mantenha até a Adobe disponibilizar oficialmente suporte nativo ao FreeBSD (partindo do principio de que o boato que vem é verdadeiro). Uma pequena nota é de que isto só funcionará em plataformas AMD64 e i386.Aproveitem e leia na íntegra (http://crnl.org/blog/2008/11/01/flash-9-for-freebsd-71) com todas instruções!

Atualizando as regras do snort automaticamente.

Fernando B. Macedo nos traz mais uma boa contribuição, tratando de um dos softwares da área de segurança mais utilizados no mundo, o Snort. Saiba um pouco mais como gerenciar este poderoso software.

Fazendo backup com zfs send / zfs receive via ssh

Fiz um pequeno script pra otimizar o processo de backup e manutenção de snapshots em sistema de arquivos zfs, espero que seja útil.

PHP-Weathermap integrado no Centreon com FreeBSD

O Weathermap (http://www.network-weathermap.com/ (http://www.network-weathermap.com/) ) é uma ferramenta muito boa para melhorar a visualização do estado de uso e monitoramento de links em um ambiente onde são monitorados vários hosts e a comunicação entre eles. Neste texto simples eu dou uma mão na roda na hora de instalar o modulo do php-weathermap no Centreon.O modulo do php-weathermap foi otimizada para ser instalado em um SO Linux, então precisei efetuar algumas alterações nos scripts de instalação.Tudo isso esta no meu wiki que pode ser acessado nesse endereço: http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap (http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap%20)

FreeBSD 7.1-BETA2 j disponvel para testes

Como próximo passo para o ciclo da release do FreeBSD 7.1, o FreeBSD 7.1-BETA2 está agora disponível para testes. Uma nota foi publicada junto desta release para os usuários que contém drivers Intel NICs que tiveram 3 PCI IDs modificados de nome para igb(4),que pode ser visto na entrada 20080811 do src/UPDATING.Baixe já a ISO desta versão em:ftp://ftp.freebsd.org/pub/FreeBSD/releases/$/ISO-IMAGES/7.1/ (ftp://ftp.freebsd.org/pub/FreeBSD/releases/$%7Barch%7D/ISO-IMAGES/7.1/)Veja o anúncio oficial em:http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html (http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html)

Instalao Cacti + Plugins no FreeBSD 7.0

Neste artigo, Marcio Seiji tenta de forma objetiva nos mostrar a facilidade da implementacão do Cacti com alguns plugins adicionais, utilizando-se do ports do FreeBSD. Ao mesmo tempo que ele detalha todo o processo, ele reune vários pontos que poderiam ser dificuldades em uma implementacão padrão.

PCBSD 7.0.1 disponvel para download

Nesta terça-feira foi lançado o PCBSD 7.0.1 (fibonacci), e como grande novidade é sua versão também disponível para arquitetura 64-bits, abaixo mostro as principais novidades:Versão para amd64;Escrita em partições NTFS;Atualização para o KDE 4.1.2;Plugin Flash 9 (linux) como padrão;Melhoras no suporte WIFI;Bugs consertados no System Updater. Faça o download (http://www.pcbsd.org/content/view/21/11/), e não deixe de ver o Changelog (http://www.pcbsd.org/content/view/79/30/) .

Configurando o Nagios

Nagios (R) é um sistema de monitoramento de rede e de aplicação. Ele vigia hosts e serviços que você especificar, alertando você quando as coisas correm mal. Diego Queiroz nos contribui com um ótimo tutorial para configurar este serviço muito utilizado pelos administradores de redes.

Redundncia de Link com FreeBSD + carp + ifstated

Tiago Ribeiro nos trás um artigo de como preparar uma redundância de links, onde visa obter uma alta disponibilidade do link, em caso de algum problema com um ou mais links existentes. Utilizando uma das combinações mais conhecidas para esta ação, ele nos mostra de forma prática e rápida como fazer.

Web site Grupo Brasileiro de Usuarios FreeBSD Noticias do Web site FUG-BR
Projeto FreeBSD lana Forums para suporte

O Projeto FreeBSD, finalmente após muito trabalho, tem a felicidade de anunciar a disponibilidade de um projeto FreeBSD baseado na web para discussão em forums. Temos como objetivo ampliar o suporte público aos usuários ao redor do mundo, na qual já contamos com nossas listas de discussões. Você pode se registrar e iniciar utilizando nosso serviço aqui: http://forums.FreeBSD.org (http://forums.FreeBSD.org) .

Flash 9 no Firefox 3 nativo do FreeBSD

Flash 9 para FreeBSD, finalmente! E não digo que seja necessário executar um navegador do Windows ou Linux - o Flash 9 nativo no Firefox 3. A camada de emulação do linux no FreeBSD é objeto de algumas atualizações recentes, e o FreeBSD 7.1 se tornou capaz de proporcionar suporte suficiente para funcionar com a versão 9 do Flash com Kernel Linux. Muito bom mesmo, e esperamos que ela se mantenha até a Adobe disponibilizar oficialmente suporte nativo ao FreeBSD (partindo do principio de que o boato que vem é verdadeiro). Uma pequena nota é de que isto só funcionará em plataformas AMD64 e i386.Aproveitem e leia na íntegra (http://crnl.org/blog/2008/11/01/flash-9-for-freebsd-71) com todas instruções!

Atualizando as regras do snort automaticamente.

Fernando B. Macedo nos traz mais uma boa contribuição, tratando de um dos softwares da área de segurança mais utilizados no mundo, o Snort. Saiba um pouco mais como gerenciar este poderoso software.

Fazendo backup com zfs send / zfs receive via ssh

Fiz um pequeno script pra otimizar o processo de backup e manutenção de snapshots em sistema de arquivos zfs, espero que seja útil.

PHP-Weathermap integrado no Centreon com FreeBSD

O Weathermap (http://www.network-weathermap.com/ (http://www.network-weathermap.com/) ) é uma ferramenta muito boa para melhorar a visualização do estado de uso e monitoramento de links em um ambiente onde são monitorados vários hosts e a comunicação entre eles. Neste texto simples eu dou uma mão na roda na hora de instalar o modulo do php-weathermap no Centreon.O modulo do php-weathermap foi otimizada para ser instalado em um SO Linux, então precisei efetuar algumas alterações nos scripts de instalação.Tudo isso esta no meu wiki que pode ser acessado nesse endereço: http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap (http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap%20)

FreeBSD 7.1-BETA2 j disponvel para testes

Como próximo passo para o ciclo da release do FreeBSD 7.1, o FreeBSD 7.1-BETA2 está agora disponível para testes. Uma nota foi publicada junto desta release para os usuários que contém drivers Intel NICs que tiveram 3 PCI IDs modificados de nome para igb(4),que pode ser visto na entrada 20080811 do src/UPDATING.Baixe já a ISO desta versão em:ftp://ftp.freebsd.org/pub/FreeBSD/releases/$/ISO-IMAGES/7.1/ (ftp://ftp.freebsd.org/pub/FreeBSD/releases/$%7Barch%7D/ISO-IMAGES/7.1/)Veja o anúncio oficial em:http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html (http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html)

Instalao Cacti + Plugins no FreeBSD 7.0

Neste artigo, Marcio Seiji tenta de forma objetiva nos mostrar a facilidade da implementacão do Cacti com alguns plugins adicionais, utilizando-se do ports do FreeBSD. Ao mesmo tempo que ele detalha todo o processo, ele reune vários pontos que poderiam ser dificuldades em uma implementacão padrão.

PCBSD 7.0.1 disponvel para download

Nesta terça-feira foi lançado o PCBSD 7.0.1 (fibonacci), e como grande novidade é sua versão também disponível para arquitetura 64-bits, abaixo mostro as principais novidades:Versão para amd64;Escrita em partições NTFS;Atualização para o KDE 4.1.2;Plugin Flash 9 (linux) como padrão;Melhoras no suporte WIFI;Bugs consertados no System Updater. Faça o download (http://www.pcbsd.org/content/view/21/11/), e não deixe de ver o Changelog (http://www.pcbsd.org/content/view/79/30/) .

Configurando o Nagios

Nagios (R) é um sistema de monitoramento de rede e de aplicação. Ele vigia hosts e serviços que você especificar, alertando você quando as coisas correm mal. Diego Queiroz nos contribui com um ótimo tutorial para configurar este serviço muito utilizado pelos administradores de redes.

Redundncia de Link com FreeBSD + carp + ifstated

Tiago Ribeiro nos trás um artigo de como preparar uma redundância de links, onde visa obter uma alta disponibilidade do link, em caso de algum problema com um ou mais links existentes. Utilizando uma das combinações mais conhecidas para esta ação, ele nos mostra de forma prática e rápida como fazer.

Web site Grupo Brasileiro de Usuarios FreeBSD Noticias do Web site FUG-BR
Projeto FreeBSD lana Forums para suporte

O Projeto FreeBSD, finalmente após muito trabalho, tem a felicidade de anunciar a disponibilidade de um projeto FreeBSD baseado na web para discussão em forums. Temos como objetivo ampliar o suporte público aos usuários ao redor do mundo, na qual já contamos com nossas listas de discussões. Você pode se registrar e iniciar utilizando nosso serviço aqui: http://forums.FreeBSD.org (http://forums.FreeBSD.org) .

Flash 9 no Firefox 3 nativo do FreeBSD

Flash 9 para FreeBSD, finalmente! E não digo que seja necessário executar um navegador do Windows ou Linux - o Flash 9 nativo no Firefox 3. A camada de emulação do linux no FreeBSD é objeto de algumas atualizações recentes, e o FreeBSD 7.1 se tornou capaz de proporcionar suporte suficiente para funcionar com a versão 9 do Flash com Kernel Linux. Muito bom mesmo, e esperamos que ela se mantenha até a Adobe disponibilizar oficialmente suporte nativo ao FreeBSD (partindo do principio de que o boato que vem é verdadeiro). Uma pequena nota é de que isto só funcionará em plataformas AMD64 e i386.Aproveitem e leia na íntegra (http://crnl.org/blog/2008/11/01/flash-9-for-freebsd-71) com todas instruções!

Atualizando as regras do snort automaticamente.

Fernando B. Macedo nos traz mais uma boa contribuição, tratando de um dos softwares da área de segurança mais utilizados no mundo, o Snort. Saiba um pouco mais como gerenciar este poderoso software.

Fazendo backup com zfs send / zfs receive via ssh

Fiz um pequeno script pra otimizar o processo de backup e manutenção de snapshots em sistema de arquivos zfs, espero que seja útil.

PHP-Weathermap integrado no Centreon com FreeBSD

O Weathermap (http://www.network-weathermap.com/ (http://www.network-weathermap.com/) ) é uma ferramenta muito boa para melhorar a visualização do estado de uso e monitoramento de links em um ambiente onde são monitorados vários hosts e a comunicação entre eles. Neste texto simples eu dou uma mão na roda na hora de instalar o modulo do php-weathermap no Centreon.O modulo do php-weathermap foi otimizada para ser instalado em um SO Linux, então precisei efetuar algumas alterações nos scripts de instalação.Tudo isso esta no meu wiki que pode ser acessado nesse endereço: http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap (http://luizgustavo.pro.br/doku.php?id=artigos_centreon:instalacao_phpweathermap%20)

FreeBSD 7.1-BETA2 j disponvel para testes

Como próximo passo para o ciclo da release do FreeBSD 7.1, o FreeBSD 7.1-BETA2 está agora disponível para testes. Uma nota foi publicada junto desta release para os usuários que contém drivers Intel NICs que tiveram 3 PCI IDs modificados de nome para igb(4),que pode ser visto na entrada 20080811 do src/UPDATING.Baixe já a ISO desta versão em:ftp://ftp.freebsd.org/pub/FreeBSD/releases/$/ISO-IMAGES/7.1/ (ftp://ftp.freebsd.org/pub/FreeBSD/releases/$%7Barch%7D/ISO-IMAGES/7.1/)Veja o anúncio oficial em:http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html (http://lists.freebsd.org/pipermail/freebsd-stable/2008-October/046037.html)

Instalao Cacti + Plugins no FreeBSD 7.0

Neste artigo, Marcio Seiji tenta de forma objetiva nos mostrar a facilidade da implementacão do Cacti com alguns plugins adicionais, utilizando-se do ports do FreeBSD. Ao mesmo tempo que ele detalha todo o processo, ele reune vários pontos que poderiam ser dificuldades em uma implementacão padrão.

PCBSD 7.0.1 disponvel para download

Nesta terça-feira foi lançado o PCBSD 7.0.1 (fibonacci), e como grande novidade é sua versão também disponível para arquitetura 64-bits, abaixo mostro as principais novidades:Versão para amd64;Escrita em partições NTFS;Atualização para o KDE 4.1.2;Plugin Flash 9 (linux) como padrão;Melhoras no suporte WIFI;Bugs consertados no System Updater. Faça o download (http://www.pcbsd.org/content/view/21/11/), e não deixe de ver o Changelog (http://www.pcbsd.org/content/view/79/30/) .

Configurando o Nagios

Nagios (R) é um sistema de monitoramento de rede e de aplicação. Ele vigia hosts e serviços que você especificar, alertando você quando as coisas correm mal. Diego Queiroz nos contribui com um ótimo tutorial para configurar este serviço muito utilizado pelos administradores de redes.

Redundncia de Link com FreeBSD + carp + ifstated

Tiago Ribeiro nos trás um artigo de como preparar uma redundância de links, onde visa obter uma alta disponibilidade do link, em caso de algum problema com um ou mais links existentes. Utilizando uma das combinações mais conhecidas para esta ação, ele nos mostra de forma prática e rápida como fazer.

FreeBSD VuXML Documenting security issues in FreeBSD and the FreeBSD Ports Collection
dovecot -- ACL plugin bypass vulnerabilities



libxml2 -- multiple vulnerabilities



openfire -- multiple vulnerabilities



enscript -- arbitrary code execution vulnerability



syslog-ng2 -- startup directory leakage in the chroot environment



gnutls -- X.509 certificate chain validation vulnerability



net-snmp -- DoS for SNMP agent via crafted GETBULK request



FreeBSD Security Advisories Security advisories published from the FreeBSD Project
FreeBSD-SA-08:10.nd6



FreeBSD-SA-08:09.icmp6



FreeBSD-SA-08:08.nmount



FreeBSD-SA-08:07.amd64



FreeBSD-SA-08:06.bind



FreeBSD-SA-08:05.openssh



FreeBSD-SA-08:04.ipsec



FreeBSD-SA-08:03.sendfile



FreeBSD-SA-08:02.libc



FreeBSD-SA-08:01.pty



FreshPorts news The place for ports
www/dojo - 1.2.2

- Updated to 1.2.2

sysutils/spindown - 0.2a

SCSI / firewire harddrive spindown daemon This is a small program for handling automated spinning down of SCSI harddrives. With SCSI devices it is not as common to spindown for power management purposes as for ATA however it might be required to spin down a disk contained in a firewire enclosure for instance. WWW: http://www.noresult.net/freebsd/spindown/ PR: ports/128581 Submitted by: Arjan van der Velde

dns/rbldnsd - 0.996b

- Update to 0.996b PR: 128146 Submitted by: Anton Yuzhaninov Approved by: maintainer timeout

mail/p5-Mail-Ezmlm - 0.08.2

- Update to 0.08.2 - Pass maintainership to submitter PR: 128762 Submitted by: Dennis Herrmann

astro/viking - 0.9.7

- Update to 0.9.7 PR: 128511 Submitted by: maintainer

math/R - 2.7.2

- pass maintainership to submitter PR: 129025 Submitted by: bf

net-mgmt/nrpe2 - 2.12

- Update to 2.12 Included in this PR is reload support requested by ports/126476 in addition to a change in the location of the PID file. I have however opted to move this file to NAGIOSDIR to reduce the number of directories created by all Nagios related ports. PR: 128409 Submitted by: Jarrod Sayers (maintainer)

www/rubygem-sinatra - 0.3.0

Sinatra is a DSL for quickly creating web-applications in Ruby with minimal effort. It sits on top of Rack, a minimal standard interface for Ruby web frameworks. For templating, the choices include erb, haml, sass and Builder. WWW: http://github.com/bmizerany/sinatra PR: ports/128551 Submitted by: Daniel Roethlisberger

devel/trio - 1.13

- Update to 1.13 - Pass maintainership to submitter PR: 128756 Submitted by: Dennis Herrmann

graphics/mapnik - 0.5.1

Mapnik is a Free Toolkit for developing mapping applications. It's written in C++ and there are Python bindings to facilitate fast-paced agile development. It can comfortably be used for both desktop and web development, which was something wanted from the beginning. Mapnik is about making beautiful maps. It uses the AGG library and offers world class anti-aliasing rendering with subpixel accuracy for geographic data. It is written from scratch in modern C++ and doesn't suffer from design decisions made a decade ago. When it comes to handling common software tasks such as memory management, filesystem access, regular expressions, parsing and so on, Mapnik doesn't re-invent the wheel, but utilizes best of breed industry standard libraries from boost.org. WWW: http://www.mapnik.org/ PR: ports/128746 Submitted by: Wen Heping

sysutils/xfburn - 0.3.91

Xfburn is a simple CD/DVD burning tool based on libburnia libraries. It can blank CD/DVD-RWs, burn and create iso images, as well as burn personal compositions of data to either CD or DVD. It Is currently under heavy development. WWW: http://www.xfce.org/projects/xfburn/ PR: ports/128793 Submitted by: J.R. Oldroyd

java/phpeclipse - 1.2.1

- Update to 1.2.1 - Update maintainer mail adress PR: 128780 Submitted by: Dominic Fandrey

net/smb4k - 0.9.9

- Update to 0.9.9 (latest KDE3-compatible version update) PR: 128704 Submitted by: "Rashid N. \"Citycat\" Achilov" (maintainer)

devel/p5-Test-WWW-Mechanize-CGIApp - 0.05

Test::WWW::Mechanize is a subclass of WWW::Mechanize that incorporates features for web application testing. The Test::WWW::Mechanize::Catalyst module meshes the two to allow easy testing of Catalyst applications without starting up a web server. Testing web applications has always been a bit tricky, normally starting a web server for your application and making real HTTP requests to it. This module allows you to test Catalyst web applications but does not start a server or issue HTTP requests. Instead, it passes the HTTP request object directly to Catalyst. Thus you do not need to use a real hostname: "http://localhost/" will do. WWW: http://search.cpan.org/dist/Test-WWW-Mechanize-Catalyst/ PR: ports/129004 Submitted by: George Hartzell

Notícias RNP Últimas notícias da Rede Nacional de Ensino e Pesquisa
Sem ttulo



lanado o Projeto de Atualizao do Portal da Capes



Internet acadmica brasileira nos rumos da certificao digital

RNP lana as bases para a Infra-Estrutura de Chaves Pblicas para Ensino e Pesquisa

Intercmbio de contedo entre TVs pblicas est disponvel

Projeto RITVp comea 2 fase em maro de 2009, com mais 16 emissoras

Seminrio debate novas tecnologias na UAB



Alertas do CAIS
Resumo dos Boletins de Segurana Microsoft - Novembro 2008

Microsoft Security Bulletin Summary for November 2008

Vulnerabilidade Crtica no Microsoft Windows

Microsoft Security Bulletin MS08-067

Resumo dos Boletins de Segurana Microsoft - Outubro 2008

Microsoft Security Bulletin Summary for October 2008

CAIS Resumo - julho a setembro de 2008

Alertas, vulnerabilidades e incidentes de segurana 20081013

Alteraes de configurao necessrias para o Horrio de Vero 2008/2009

Alerta do CAIS 20081003

[www.MyFreeBSD.com.br] [www.MyFreeBSD.com.br]
Freebsd 7 Xen support

FreeBSD 7.0 ter suporte ao XEN3_DOMU.

Aberto treinamento de capacitao tcnica

A Comunidade Tecnocincia em conjunto com o Jornal QTC de tecnologia e radioamadorismo abriu inscries para o grupo de estudo sobre tecnologia.

Postagem de trabalhos acadmicos

A Comunidade Tecnocincia abriu postagem de trabalhos acadmicos para compartilhamento de informaes universitrias. Para publicar seu trabalho de concluso ou demais atividades envie para suporte@tecnociencia.jor.br

Palestra em Porto Alegre:

O Laboratrio de Pesquisa e Desenvolvimento de HP Brasil, em Porto Alegre, promover no dia 22 de junho, sexta-feira, a apresentao da palestra "HP and Free/Open Source Software". Essa palestra versar sobre a adoo de software livre pela empresa e sobre a contribuio da HP para com projetos de cdigo aberto, em mbito mundial.

FreeBSD 6.2 RELEASE

O grupo de Engenharia de Release orgulhosamente apresenta o FreeBSD 6.2-RELEASE. Nesta verso cotinua o desenvolvimento do ramo 6-STABLE proporcionando melhorias de performance e estabilidade, assim como diversas correes e algumas novidades.

Oportunidade para Administrador de Sendmail

Oportunidade de trabalho oferecida.

Fruns do MyFreeBSD agora com posts e respostas autenticadas

Estamos tendo muito trabalho com a manuteno dos fruns devido a posts de propaganda e spam em geral. Devemos ser mais populares do que antes, mas isso tambm tem seus inconvenientes para o dia-a-dia dos fruns.


Lanado o FreeBSD 6.1-RELEASE

Foi lanado entre domingo e segunda-feira passada a nova verso do FreeBSD, a 6.1-RELEASE, j com as imagens de CD disponveis para download. Veja o texto do anncio original traduzido.

I Encontro de Usurios de OpenBSD

o primeiro encontro de usurios de OpenBSD em So Paulo, o informe foi de Rafael Floriano Sousa Sales.

Review: Mailrep, uma ferramenta para anlise de logs de email no FreeBSD

Nosso amigo Araujo postou este review da ferramenta de relatrios para logs de email mailrep. Conforme menciona, em breve estar disponvel na rvore de ports do FreeBSD.

BR-Linux.org Linux levado a sério desde 1996
Entendendo os celulares Made in China, por Carlos Morimoto



Rhythmbox: o player simples do GNOME



E-book gratuito (em ingls) sobre CSS



Configurando o iPhone no Ubuntu



RMVB em cdigo aberto



Mozilla credita 91% de seu faturamento em 2007 a acordo com o Google

Outro nmero interessante que, apesar do crescimento do nmero de empregados, 40% do cdigo continuou vindo de pessoas que no trabalham para a Mozilla. O faturamento da fundao Mozilla subiu 13% em 2007 em comparao com o ano anterior. A receita da empresa foi de 75,1 milhes de dlares no ano passado, com a maior [...]

Soluo para Prefeituras ser Destaque no Free Software Rio 2008



Comandos para obter dados de hardware no Linux



R$ 51 milhes: Amazonas comea a ter Wi-Fi gratuito em 90 dias

Dentro de trs meses, o Estado do Amazonas comea a implementar um projeto que vai garantir acesso pblico gratuito internet sem fio em todos os municpios do interior. A fornecedora Hughes, que ganhou um contrato com a Prodam (Empresa de Processamento de Dados do Estado do Amazonas), vai implementar o acesso sem fio em quatro [...]

5 dicas para aperfeioar sua instalao do Mandriva 2009



Projeto Software Livre Brasil Projeto Software Livre Brasil
Metas da Mozilla para 2010

Nesta quinta-feira, dia 20 de novembro, s 21:00h no Auditrio ICM USP em So Carlos acontecer a sesso interativa Mozilla 2010 Goals. O objetivo da reunio contribuir para a definio das metas para os prximos 2 anos do projeto Mozilla, ou seja, at o fim de 2010. O ponto de partida desta iniciativa foi a seguinte pergunta colocada por Mitchell Baker em seu blog: O que a Mozilla deve fazer nos prximos dois anos com os seus

Gartner: Cdigo aberto em todas as empresas em no mximo 12 meses

Levantamento do instituto aponta que 85% das empresas j so usurias de software open source e os 15% restantes vo adotar em 2009. Uma nova pesquisa do Gartner mostrou o ritmo de adoo do software de cdigo aberto no ambiente empresarial. Segundo os dados do instituto, 85% das empresas esto usando cdigo aberto e os 15% restantes devem adotar a tecnologia em um ano.

(Des)conferncia pela colaborao

Como as novas mdias ajudaram no surgimento de formas colaborativas de produo de contedo e como a formao de rede de redes fortalece a articulao entres os midialivristas A quinta desconferncia - Mdias Colaborativas, Novas Mdias , do I Frum de Mdia Livre, realizada entre 14 e 15 de junho, comeou lotada em meio a uma profuso de idias. Sem uma linha muito clara do que se iria discutir ali, assuntos como TV pblica, licenas Creative Commons, Software Livre e produes

China: h vida por trs do Grande Firewall

Uma reportagem surpreendente sobre a censura internet revela: ela ao mesmo tempo onipresente e vulnervel e o consenso mais empregado que a represso, no controle da sociedade Que diferena faz o bom jornalismo. Em The connection has been reset (A conexo foi restabelecida, tambm disponvel em nosso clip), artigo publicado na edio de maro da revista norte americana TheAtlantic, o reprter James Fallows, apresenta uma interessante explanao a respeito do

Deu no BR-Linux:Delrios: Hans Reiser, assassino confesso, quer novo julgamento

Delrios: Hans Reiser, assassino confesso, quer novo julgamento - acusa advogado de defesa de conspirar contra ele, entre outras peculiaridades A Wired informa sobre a ltima de Hans Reiser, criador do ReiserFS recentemente condenado a 15 anos de priso pelo estrangulamento de sua esposa, aps fazer um acordo de reduo de pena em troca de levar os policiais ao local em que estava escondido o cadver da vtima do crime, a 1km de sua residncia, e confessar t-la estrangulado aps uma brig...

Veja as novidades no seu Gmail

* Incremente sua caixa de entrada com os Temas do Gmail Escolha entre mais de 30 opes, do cinza minimalista s paisagens dinmicas de montanhas, para personalizar a aparncia da sua conta do Gmail. Para comear, confira a guia Temas em Configuraes.

Brasil se torna o segundo pas em acesso a redes sociais

O Brasil ultrapassou o Reino Unido e se tornou neste ano o segundo pas em acessos a redes sociais no mundo. De acordo com dados da consultoria comScore, o Brasil fica atrs apenas do Canad, em termos percentuais, levando em conta os pases com mais de 10 milhes de usurios mensais de internet.

Open-source cada vez mais popular entre empresas

A grande maioria das empresas na sia, Europa e Amrica do Norte (85%) usa actualmente software livre e as poucas organizaes que ainda no recorrem ao open-source pensam faze-lo nos prximos 12 meses, revela uma anlise recente da Gartner. A pesquisa ouviu 274 organizaes de todos os portes na Europa, Amrica do Norte e sia/Pacfico.

Prefeitura Municipal de Vitria avana no uso do SL e lana VIX LINUX, desenvolvido pela Flux

No dia 27 de novembro, ser lanada oficialmente a distribuio VIX LINUX, mais que uma personalizao do sistema Debian Lenny, a nova distro rica em aplicativos educacionais e consolida o projeto do uso do computador como ferramenta educacional.

Aberta a Teia Braslia 2008

No sbado (15/11), SPM media roda de prosa sobre cultura, gnero, raa, etnia, orientao sexual na Tenda da Juventude Honestino Guimares, instalada no Complexo Cultural da Repblica Diferentes pontos de vista, diversidade de pensamentos e manifestaes culturais. Essa a tnica da Teia Braslia 2008, cuja abertura oficial ser hoje (13/11), s 19h, em Braslia. A ministra Nilca Freire, da Secretaria Especial de Polticas para as Mulheres (SPM), participa da solenidade,

FreeBSD Project News News from the FreeBSD Project
Commit bit restored: Peter Holm (src)



Official FreeBSD Forums Launched



July - September, 2008 Status Reports



New committer: Ren Ladan (doc-nl)



FreeBSD 6.4-RC2 Available



New committer: Konrad Jankowski (src) - SoC2008 alumnus.



FreeBSD 7.1-BETA2 Available



FreeBSD 6.4-RC1 Available



New committer: Lawrence Stewart (src)



Summer of Code Projects Completed



OpenBSD Journal The OpenBSD Community.
Damien Miller (djm@) Responds to Plaintext Recovery Attack Against SSH

Damien Miller (djm@) issued the following advisory regarding the recent attack against SSH:

OpenSSH Security Advisory: cbc.adv

Regarding the "Plaintext Recovery Attack Against SSH" reported as CPNI-957037:

The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, we are unable to properly assess its impact.

Read more...

Request for testing: Ethernet driver cleanup

Brad Smith (brad@) sent
a big diff to tech@ that needs testing:

The following diff is the next step of some further cleaning of the Ethernet ioctl handling code in the Ethernet drivers. This takes advantage of the addition of MTU and multicast handling to ether_ioctl() so some some duplicate code can be removed from the individual drivers and simplifies things a bit.

This needs testing with pretty much every NIC supported. Please send me a dmesg with whatever you are able to test.

This mainly affects multicast handling which is used by things such as IPv6, CARP and OSPF.

If you use networking, please test this diff! Yes, this means you!

Multi-channel multi stream improvements to aucat

Alexandre Ratchov and Jacob Meuser had an interesting e-mail exchange recently:
From: Jacob Meuser
Date: Sun, Nov 16, 2008 at 6:17 PM
Subject: Re: CVS: cvs.openbsd.org: src
To: source-changes@

On Sun, Nov 16, 2008 at 01:44:03PM -0700, Alexandre Ratchov wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: ratchov@ 2008/11/16 13:44:03
>
> Modified files:
> usr.bin/aucat : aucat.1 aucat.c listen.c sock.c
>
> Log message:
> allow aucat to listen on multiple sockets. Each socket carries its
> channel and volume settings allowing multiple configuration to
> coexist. Mostly useful for envy(4)-like devices, but can be used
> to force different apps to use different settings.

OMG! that's the coolest thing ever! thank you thank you thank you