Draco's Weblog

My Personal Programming & Electronics Journal.

OpenSSL Multiple Vulnerabilities


FreeBSD includes software from the OpenSSL project. A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack.

The original topic from Security Advisory can be checked here.

It explains the problem and how to fix the source code of your current installation.

I used the second solution, which is “To update your vulnerable system via a source code patch:”

a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.

[FreeBSD 8.3 and 9.0]
# fetch http://security.FreeBSD.org/patches/SA-13:03/openssl.patch
# fetch http://security.FreeBSD.org/patches/SA-13:03/openssl.patch.asc
# gpg --verify openssl.patch.asc

[FreeBSD 9.1]
# fetch http://security.FreeBSD.org/patches/SA-13:03/openssl-9.1.patch
# fetch http://security.FreeBSD.org/patches/SA-13:03/openssl-9.1.patch.asc
# gpg --verify openssl-9.1.patch.asc

I’m using RELEASE-9.0 at the time of this writing, so I used the first method.

If you don’t have PGP installed yet, you will have to get GnuPG using the following commands:

# portmaster security/gnupg


[not using portmaster?]
# cd /usr/ports/security/gnupg
# make install clean

You also need to download the Security Officer PGP Key and import it.

# fetch http://www.freebsd.org/security/so_public_key.asc
# gpg --import so_public_key.asc

Now that you have the Security Officer public key installed, you can go ahead and verify the downloaded patch using the gpg --verify command.

You made it this far; now apply the patch (in my case it was located in my home directory).

b) Execute the following commands as root:

# cd /usr/src
# patch < /home/draco/openssl.patch

Then run buildworld and installworld (for more info, consult the Handbook).

This will take a while, so go pray or read a book =)

# cd /usr/src
# make buildworld
# make installworld

Now you need to restart your machine:

# shutdown -r now

That’s all folks.

P.S Consult the original topic: http://www.freebsd.org/security/advisories/FreeBSD-SA-13:03.openssl.asc
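
gpg --verify reports a good signature for any key in the keyring, and nothing in the steps above stops patch from running when verification fails. The following is an added example, not part of the original post or the advisory: it reads gpg's --status-fd output and accepts the patch only when a good signature comes from one pinned fingerprint. EXPECTED_FPR is a placeholder and the sample status lines are constructed.

```shell
#!/bin/sh
# Added example (not from the post). EXPECTED_FPR is a placeholder, NOT the
# real Security Officer fingerprint: set it from a source you trust.
EXPECTED_FPR="0000000000000000000000000000000000000000"

# sig_status_ok FPR: read "gpg --status-fd" lines on stdin. Succeeds only if
# gpg reported GOODSIG (not EXPKEYSIG/REVKEYSIG/BADSIG) and a VALIDSIG line
# carries FPR as the signing-key or primary-key fingerprint.
sig_status_ok() {
    want=$1 good=no match=no
    while read -r tag keyword fpr rest; do
        [ "$tag" = "[GNUPG:]" ] || continue
        case $keyword in
            GOODSIG) good=yes ;;
            VALIDSIG)
                primary=${rest##* }   # last field: primary key fingerprint
                if [ "$fpr" = "$want" ] || [ "$primary" = "$want" ]; then
                    match=yes
                fi ;;
        esac
    done
    [ "$good" = yes ] && [ "$match" = yes ]
}

# verify_patch PATCH SIG: run gpg on a detached signature and apply the check.
verify_patch() {
    gpg --status-fd 1 --verify "$2" "$1" 2>/dev/null | sig_status_ok "$EXPECTED_FPR"
}

# Constructed status output for a good signature by the placeholder key.
SAMPLE_STATUS="[GNUPG:] NEWSIG
[GNUPG:] GOODSIG 0000000000000000 Constructed Signer
[GNUPG:] VALIDSIG $EXPECTED_FPR 2013-04-02 1364860800 0 4 0 1 2 00 $EXPECTED_FPR"

if printf '%s\n' "$SAMPLE_STATUS" | sig_status_ok "$EXPECTED_FPR"; then
    echo "sample status: signature accepted"
fi

# Real use, as root, replacing the bare gpg --verify and patch steps:
#   verify_patch /home/draco/openssl.patch /home/draco/openssl.patch.asc &&
#       (cd /usr/src && patch < /home/draco/openssl.patch)
```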

Area of Irregular Polygons


Ever wondered how the surface area of an irregular polygon is calculated?

Perhaps you wanted to determine the area enclosed by specific coordinates on a Google Map or OSM?

We are going to write a Python script using Green’s Theorem to calculate the area of an irregular polygon using coordinates of the points.

Green’s theorem is used in area surveying to determine the area and centroid of plane figures by integrating over the perimeter. The area can be computed using this formula:

where C is a closed contour or curve that defines the boundary of the region D, and A is the area of the region D.

We will discuss Green’s Theorem in a later article, but for now we are focusing on this specific application of Area.

Generate SSH Keys


SSH keys enable you to access a remote machine over the ssh protocol using your public/private ssh key pair.

You can choose not to apply a password, and thus access the machine directly, or you can add more security to the keys and apply a password.

The following command generates a pair of ssh authentication keys for your machine:

% ssh-keygen -t rsa

By default the keys are created in the .ssh directory under your home directory, as id_rsa and id_rsa.pub.

id_rsa: This is your private key, keep it safe and never share it with anyone. It should not be readable by anyone.

id_rsa.pub: This is your public key, you share it with the server or service you want to authenticate against.

You will also need to apply the following permissions to the keys and the .ssh directory:

% chmod 700 ~/.ssh
% chmod 600 ~/.ssh/id_rsa

To add your keys to a remote server, just copy the id_rsa.pub file to that server and add it to the authorized_keys file. Also, don’t forget to fix the permissions.

[on remote server]
% cat id_rsa.pub >> ~/.ssh/authorized_keys
% chmod 700 ~/.ssh

It’s always a good practice to add a password to your keys.
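
A way to audit the permissions set above, as an added example that is not part of the original post. The check on authorized_keys (not writable by group or other) is an assumption, since the post gives no mode for that file, and the demo directory is constructed.

```shell
#!/bin/sh
# Added example (not from the post): audit the permissions set above.

# mode_bits PATH: the six group/other characters of "ls -ld", e.g. "r--r--".
mode_bits() { ls -ld "$1" | cut -c5-10; }

# audit_ssh_dir DIR: list files whose modes differ from the post's settings.
# Returns 0 when nothing needs fixing.
audit_ssh_dir() {
    dir=$1 bad=0
    # Post: chmod 700 ~/.ssh and chmod 600 ~/.ssh/id_rsa (no group/other access).
    for p in "$dir" "$dir/id_rsa"; do
        [ -e "$p" ] || continue
        bits=$(mode_bits "$p")
        [ "$bits" = "------" ] || { echo "$p: group/other bits '$bits'"; bad=1; }
    done
    # The post gives no mode for authorized_keys; assumption used here: it
    # must not be writable by group or other.
    ak=$dir/authorized_keys
    if [ -e "$ak" ]; then
        case $(mode_bits "$ak") in
            ?w????|????w?) echo "$ak: writable by group/other"; bad=1 ;;
        esac
    fi
    return "$bad"
}

# Constructed demo in a scratch directory (never touches the real ~/.ssh).
demo=$(mktemp -d)
mkdir "$demo/.ssh" && : > "$demo/.ssh/id_rsa"
chmod 755 "$demo/.ssh"; chmod 644 "$demo/.ssh/id_rsa"
audit_ssh_dir "$demo/.ssh" || echo "fix with: chmod 700 DIR; chmod 600 DIR/id_rsa"
rm -rf "$demo"
```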

Freeplane Incredible Mind Mapping


Mind mapping is something robust: it helps in visualizing what’s in your mind on a piece of paper. You don’t need lots of pages and paragraphs, scrolling down to infinity, to describe a project or a task that is made up of multiple sub-tasks; this is where the mind map comes in.

Center your main topic or project title in the middle of the paper and start branching out every simple detail of the other sub-tasks. However complex the project, it’s made up of simple fragments, right?

As a proud Linux user I got myself the Freeplane mind mapping software, and it’s amazing. There are other ones out there, but I like this one: it’s simple, robust, can export to multiple formats, and makes the whole process very easy.

OpenSSH Server Security


Secure Shell (SSH) is a network protocol that allows data to be exchanged over a secure channel between two computers.

SSH is typically used to log into a remote machine and execute commands; it also supports tunneling, and we can transfer files using the scp protocol.

Change the default port on which SSH listens for incoming connections.

I’ll be using port number 22644 for this example, so I’ll add the following lines to the /etc/rc.conf file:

sshd_enable="YES"
sshd_flags="-p 22644"

Disable root user login, and use SSH Protocol 2.

Edit and uncomment (as necessary) the following lines in the /etc/ssh/sshd_config file:

Port 22644
Protocol 2
PermitRootLogin no

Now we have to restart the OpenSSH server:

# /etc/rc.d/sshd restart

You might also want to activate SSH Public Key login, check this post.
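
A line left commented out, or an earlier duplicate of the same keyword, means an edit to sshd_config does not take effect. The following added example, not part of the original post, reports whether the three settings above are active in a given file; the function names and the sample file are constructed, and it assumes keyword and value are separated by whitespace.

```shell
#!/bin/sh
# Added example (not from the post): report whether the three sshd_config
# settings made above are actually active in a given file.

# active_values KEYWORD FILE: values on uncommented KEYWORD lines of the
# global section (parsing stops at the first Match block), in file order.
# Assumes keyword and value are separated by whitespace.
active_values() {
    awk -v want="$1" '
        /^[ \t]*(#|$)/               { next }
        tolower($1) == "match"       { exit }
        tolower($1) == tolower(want) { print tolower($2) }
    ' "$2"
}

check_sshd_config() {
    conf=$1 rc=0
    # sshd uses the first value it reads for these two keywords.
    root=$(active_values PermitRootLogin "$conf" | head -n 1)
    proto=$(active_values Protocol "$conf" | head -n 1)
    [ "$root" = "no" ] || { echo "PermitRootLogin: '${root:-not set}' active, post sets 'no'"; rc=1; }
    [ "$proto" = "2" ] || { echo "Protocol: '${proto:-not set}' active, post sets '2'"; rc=1; }
    # Port may be given several times; every active line is a listening port.
    if ! active_values Port "$conf" | grep -qx 22644; then
        echo "Port: no active 'Port 22644' line"; rc=1
    fi
    return "$rc"
}

# Constructed sample: Port is still commented out, and the first
# PermitRootLogin line ("yes") overrides the later "no".
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Port 22644
Protocol 2
PermitRootLogin yes
PermitRootLogin no
EOF
check_sshd_config "$sample" || echo "sshd_config needs attention"
rm -f "$sample"
```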

TOPS: Total Open Station


Total Open Station (TOPS for friends) is a free software program for downloading and processing data from total station devices.

It’s free software licensed under the GNU GPLv3, based on Python, and it’s a cross-platform solution.

Works on FreeBSD, Linux, and even Windoze.

There is also a wide variety of supported devices: Leica, Nikon, and Zeiss.