Reverse Takeover | BSD Now 52

Reverse Takeover | BSD Now 52

Coming up this week, we’ll be chatting with Shawn Webb about his recent work with ASLR and PIE in FreeBSD.

After that, we’ll be showing you how you can create a reverse SSH tunnel to a system behind a firewall… how sneaky. Answers to your emails plus the latest news, on BSD Now, the place to B.. SD.

Thanks to:



Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –


FreeBSD foundation August update

  • The foundation has published a new PDF detailing some of their recent activities
  • It includes project development updates, the 10.1-RELEASE schedule and some of its new features
  • There is also a short interview with Dru Lavigne in the “voices from the community” section
  • If you’re into hardware, there’s another section about some new FreeBSD server equipment
  • In closing, there’s an update on funding too

NSD for an authoritative nameserver

  • With BIND having been removed from FreeBSD 10.0, you might be looking to replace your old DNS setup
  • This article shows how to use NSD for an authoritative DNS nameserver
  • It’s also got a link to a similar article on Unbound, the new favorite recursive and caching resolver (they work great together)
  • All the instructions are presented very neatly, with all the little details included
  • Less BIND means less vulnerabilities, everybody’s happy

BIND and Nginx removed from OpenBSD

  • While we’re on the topic of DNS servers, BIND was finally removed from OpenBSD as well
  • The base system contains both NSD and Unbound, so users can transition over between 5.6 (November of this year) and 5.7 (May of next year)
  • They’ve also removed nginx from the base system, in favor of the new custom HTTP daemon
  • BIND and Nginx are still available in ports if you don’t want to switch
  • We’re hoping to have Reyk Floeter on the show next week to talk about it, but scheduling might not work out, so it may be a little later on
  • With Apache gone in the upcoming 5.6, It’s also likely that sendmail will be removed before 5.7 – hooray for modern alternatives

NetBSD demo videos

  • A Japanese NetBSD developer has been uploading lots of interesting videos
  • Unsurprisingly, they’re all featuring NetBSD running on exotic and weird hardware
  • Most of them are demoing sound or running a modern Twitter client on an ancient computer
  • They’re from the same guy that did the conference wrap-up we mentioned recently

Interview – Shawn Webb – / @lattera

Address space layout randomization in FreeBSD


Reverse SSH tunneling

News Roundup

Puppet master-agent installation on FreeBSD

  • If you’ve got a lot of BSD boxes under your control, or if you’re just lazy, you’ve probably looked into Puppet before
  • The author claims a lack of BSD-specific Puppet documentation, so he decided to write up some notes of his own
  • He goes through some advantages of using this type of tool for deployments, even when you don’t have a huge number of systems
  • The rest of the post explains how to set up both the master and the agent configurations

Misc. pfSense items

  • We found a few miscellaneous pfSense articles this past week
  • The first one is about the hunt for the “ultimate” free open source firewall, where pfSense is obviously a strong contender
  • The second one shows how to log NAT firewall states
  • In the third, you can see how to automatically back up your configuration files
  • The fourth item shows how to set up PXE booting with pfSense, similar to one of our tutorials

Time Machine backups on ZFS

  • If you’ve got a Mac you need to keep backed up, a FreeBSD server with ZFS can take the place of an expensive “time capsule”
  • This post walks you through setting up netatalk and mDNS for a very versatile Time Machine backup system
  • With a single command on the OS X side, you can write to and read from the BSD box just like a regular external drive
  • Surprisingly simple to do, recommended for anyone with Macs on their network

Lumina desktop preview

  • Lumina, the BSD-exclusive desktop environment, seems to be coming along nicely
  • The main developer has posted an update on the PCBSD blog with some screenshots
  • Lots of new features have been added, many of which are documented in the post
  • There just might be a BSD Now episode about Lumina coming up.. (cough cough)


  • All the tutorials are posted in their entirety at
  • The stunnel tutorial – that’s right, our very first one – got some updates and fixes
  • Send all your BSD-related questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • We’d really love to feature more articles from the viewers – be it about one of the main BSDs or something like pfSense/FreeNAS – send us anything cool you write (or find)
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
  • Next week is something special… we’ll just leave it at that

Question? Comments? Contact us here!