FreeBSD – Page 2 – WindowsTechs.com

Is native OpenZFS (on FreeBSD) block-level encryption secure?

Posted on December 22, 2020 by Ivanov

I am considering using OpenZFS on FreeBSD. I am not quite sure how secure native OpenZFS encryption is? If somebody steals my server and the disks, is he able to decrypt the files?
In a Discord room I found a possible answer:

Native ZFS e… Continue reading Is native OpenZFS (on FreeBSD) block-level encryption secure?→

LFI to RCE through User-Agent

Posted on June 24, 2020 by mat80n2012 cerqueira

I’m doing a pentest on a FreeBSD machine running CuppaCMS. Already managed to login into the CMS with admin privilege, but it only takes me to a manager menu, with some options to change some tables and stuff like that, no RCE visible esca… Continue reading LFI to RCE through User-Agent→

New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows

Posted on May 28, 2020 by Zeljka Zorz

With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. “USBFuzz discovered a total of 26 new bugs, including 16 memo… Continue reading New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows→

What challenges will I face if I install Pfsense on my home router?

Posted on May 7, 2020 by Dequavis

In my cybersecurity course, we installed a lab in VirtualBox with Pfsense (Bridged Adapter) and several other VMs (Connected to Pfsense’s internal network adapters). It was a success.

My question is, what challenges will I face if I do th… Continue reading What challenges will I face if I install Pfsense on my home router?→

Do BSD jails protect against some vulnerability class that LXC doesn’t?

Posted on April 14, 2020 by viraptor

You can find many claims online regarding BSD jails being “better” in some way than Linux namespaces for containment, but they typically lack technical details.
From what I understand, the attack surface is pretty much equivalent (shared … Continue reading Do BSD jails protect against some vulnerability class that LXC doesn’t?→

Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD

Posted on December 5, 2019 by Unknown

OpenBSD, an open-source operating system built with security in mind, has been found vulnerable to four new high-severity security vulnerabilities, one of which is an old-school type authentication bypass vulnerability in BSD Auth framework.

The other… Continue reading Severe Auth Bypass and Priv-Esc Vulnerabilities Disclosed in OpenBSD→

Linux users warned to update libarchive to beat flaw

Posted on November 7, 2019 by John E Dunn

The bug is identified as CVE-2019-18408, a high-priority ‘use-after-free’ bug when dealing with a failed archive. Continue reading Linux users warned to update libarchive to beat flaw→

Tightly locking down a FreeBSD jail

Posted on October 22, 2019 by Stilez

Suppose one is running a single internet-facing daemon, as a service in a FreeBSD jail, and expects targeted hostile attacks targeting open WAN ports and services.

Like many services, the service and indeed its jail don’t ne… Continue reading Tightly locking down a FreeBSD jail→

UNIX Co-Founder Ken Thompson’s BSD Password Has Finally Been Cracked

Posted on October 11, 2019 by Unknown

A 39-year-old password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that belongs to a BSD-based system, one of the original versions of UNIX, which was back then used by various computer science pioneers…. Continue reading UNIX Co-Founder Ken Thompson’s BSD Password Has Finally Been Cracked→

Netflix researcher spots TCP SACK flaws in Linux and FreeBSD

Posted on June 19, 2019 by John E Dunn

Three vulnerabilities in the FreeBSD and Linux kernels could allow attackers to induce a denial-of-service by clogging networking I/O. Continue reading Netflix researcher spots TCP SACK flaws in Linux and FreeBSD→