RootBSD

Whether or not you are new to the world of VPS’s (perhaps you read our entry a few days ago, “Why VPS?”), you may be wondering what the advantages are of a FreeBSD-based VPS. There are great reasons why many experts in virtual hosting, like RootBSD, have made this choice.

FreeBSD is a free operating system descended from UNIX. Though it is not exactly like UNIX, it does have compliant internals and system API’s. FreeBSD is different than Linux in that all device drivers, userland utilities, the kernel, etc., are all contained in the same source code tracking tree, whereas with Linux they are all developed separately and packaged in various different ways. So what makes FreeBSD particularly good for a VPS?

(1) Software Flexibility. A standard installation of FreeBSD includes standard UNIX utilities and commands as well as the FreeBSD ports collection, which gives access to over 17,000 free software packages that have already been customized for the FreeBSD environment. FreeBSD users will have everything at their fingertips to run web, email, and database server environments. FreeBSD also has excellent third-party software support, so you will be able to pick the applications that suit your needs.

(2 Industry Standard. Over 30% of the Internet is powered by FreeBSD, including huge websites like Yahoo.com and Hotmail.com.

(3) Performance and Reliability. FreeBSD is a “rock solid” platform. You may recall from our previous article about the recent Firefox upgrade that one of Mozilla’s download mirrors was powered by FreeBSD with fantastic results.

(4) Looking Towards the Future. Because of the increasing success and widespread use of FreeBSD, many web hosts and software providers are scaling down their use of other operating systems and focusing on FreeBSD. It is likely that not far down the line there will be considerably more support and applications available than for other operating systems, especially in the world of VPS’s.

(5) Jails. With FreeBSD, you have the option of having a Jail VPS, which results in higher overall performance due to minimal overhead. With the jail feature, VPS’s can be created on the fly and are ideal for new users since they can be configured without complex firewall rules.

FreeBSD has long been considered the unknown giant among operating systems, but is becoming less and less unknown. As VPS’s become more popular and FreeBSD becomes the standard among VPS’s, you can expect to see it heading even farther out of obscurity.

We all know the Internet can be a dangerous place and in order to be truly safe a computer must not be connected to it. But that puts an immense dent in productivity and the flow of information, so it’s not an option. Of course the flow of information is the important thing and with the proper firewall you can make sure that the data only flows how you want and to whom you want.
Read the rest of this entry »

Whether or not you’re already familiar with FreeBSD, if you’re new to the world of VPS’s, you might be wondering why to go with a VPS provider like RootBSD rather than a dedicated, private server. If so, read on!

VPS is an acronym for “virtual private server,” which is a method of partitioning physical computer servers into multiple servers. Each partition virtually has the appearance and capabilities of a dedicated server without requiring the space and expense of a separate physical machine. Each VPS has its own operating system (in our case, FreeBSD), and programs run independently inside that system. So what are the advantages of such a system?

(1) Cost-Effective. Since multiple systems are in the same physical hardware, a VPS offers significant cost savings over a dedicated physical server.

(2) Total Access and Customization. As a VPS customer, you have root access to the system, and can therefore manipulate and configure all aspects of the server to your specifications. You can run the applications of your choosing!

(3) Enhanced Security. With traditional shared webhosting, all users share an operating system and have access to the same file system. Therefore, the potential exists for users to access each other’s information or affect the performance of another user’s system. With a VPS, there is an additional layer of security in that all users have their own separate operating systems and file systems even though they are sharing physical space on the machine.

Overall, a VPS can provide you with the freedom that comes with peace of mind, control, and knowing that you have freed up financial resources for use elsewhere. If you already have a busy website, a VPS is a great upgrade from traditional hosting without having to shell out the additional dough for a dedicated server. A VPS is also great for backing up data on your own off-site secure server. Whatever the use, a VPS is something to try–the functionality of having your own dedicated machine without the expense!

On June 18, the Mozilla Foundation broke the Guinness World Record for most software downloads in one day when over 8 million people downloaded Firefox 3, the latest version of the popular web browser. What many Firefox users may not have realized is that with the update they acquired a number of new technologies adopted from the FreeBSD project.

One notable improvement features the memory allocator “jemalloc,” developed by FreeBSD guru Jason Evans. Firefox version 2 was known as something of a memory hog, and the update improves upon this greatly with upgrades such as a new rendering engine, but Evans’ contribution proved particularly significant. According to Firefox developer Stuart Parmenter, their tests of the browser on Windows Vista showed a 22% drop in memory usage once they turned on “jemalloc.”

Another FreeBSD technology utilized in the Firefox upgrade was the “bsdiff” binary patch system, which allows for reduced software update sizes and faster downloads for end users. In addition, the delivery of the Firefox software relied on FreeBSD as well–Internet Systems Consortium operates one of Mozilla’s download mirrors, powered by FreeBSD 7. During Mozilla’s record-breaking 24 hours of downloading, the server withstood rates of a gigabit per second. ISC referred to FreeBSD as “a rock solid platform.”

Of course, FreeBSD has a long history of being used inside other open-source projects, and this is just one example of the improvements that it can make. And just think: “jemalloc” is already a part of FreeBSD 7. If it can improve the performance of a web browser so drastically, then imagine the potential effect on an entire operating system.

Virtual Private Networking (VPN) is a safe and secure way to transmit sensitive data between two networks or a remote computer and a private network that are connected by the publicly accessible Internet. It’s a great way for employees of a company to be able to access necessary information without having to actually be on the local, secure network. Windows 2000, XP, MacOS X and Vista are all able to utilize various VPN clients to connect to the private networks and some of these options will be presented. Of course FreeBSD can be both the client and the gateway server and that will be discussed as well.

Read the rest of this entry »

Dan Kaminsky, a security researcher has announced that he has found a major design flaw in DNS that could possibly lead to mass exploitation of caching DNS servers by allowing attackers to poison the DNS cache with their own entries. You can read his notes on his blog post.

There have already been hundreds of articles  from different media outlets over the last few days about this.  Dan has clearly said that he has found a new DNS flaw although some people speculate that he is re-hashing previous security findings about the weakness in non-random udp source ports and TXIDs.  It won’t be until August that Dan reveals the details of this exploit that people can try to debunk his claim.

Paul Vixie, the primary author of BIND, wrote this on a mailing list recently, supporting Dan’s claims:

this is not a decade old problem.  it’s either as old as dns, or four months
old, depending on how you count.  somebody reminded me that i was one of the
earliest to ring an alarm bell on this, in a very weak, terrible 1995 paper:

http://www.usenix.org/publications/library/proceedings/security95/full_papers/vixie.txt

in 2002 i also attempted to demystify BCP38 since we all know that without
IP source address repudiability, no noncrypto UDP based protocol is safe:

http://www.icann.org/committees/security/sac004.txt

so, patrick and others, let me assure you, having been here all along and
having done what i could to secure the DNS QID for ~1.5 decades, i am aware
of the details of dan kaminsky’s attack, and it will be news on august 6,
and it justifies every bit of pain and panic involved in randomizing all UDP
source ports on DNS transactions between recursive and authority servers.

and let me take another opportunity to thank dan bernstein for coming up
with the idea of UDP source port randomization for DNS transactions.  we
know it works and we’re pushing hard to get it universally deployed.  (while
i’d rather have Secure DNS, the community could not possibly deploy that
fast enough, so we’re doing what we can while we can.)

so, you should fix it NOW NOW NOW!

We have already updated our caching DNS servers with the new patched code.  You should check to make sure that your servers are using caching DNS servers that have been patched with these latest updates.

OpenCart is a freely available PHP-based shopping cart system for online merchants. By downloading and installing it you can be ready to sell through your website in no time at all. The program requires Apache, PHP 5 and a MySQL database, though there’s an older version available for those of you with PHP 4. Really though, everyone should be working on migrating to PHP 5 if they have not already since support for PHP4 has officially ended.

The installation is as simple as download, extract to your local drive, upload to a directory on your web server and check the permissions. Certain directories you’ll need to give write access to by your Apache user, chmod 777 on those directories is often the quickest way. You’ll need to create a database for it to use if you haven’t done so already as well as a user for the program to access the Db with. Once that’s complete you can browse to the install location and begin the web-based configuration. It’s a quick 4-step process and that’s it. When you’ve successfully completed that you can delete the /install directory within the program directory and you’re all set.

As with many PHP programs, OpenCart saves settings in a config.php file in the main installation directory in case you need to edit them from the command line. There is also another config.php in the admin directory for your backend settings.

OpenCart is still a young project, currently at version 0.7.7 which was released October 9, 2007.  The User Manual isn’t quite complete yet but it is enough to get you through the install and setup. Once that’s complete you can log into the Admin section and look at store statistics, the latest orders and the latest product reviews. There’s also a full input system for adding items to your catalog. The store uses templates so it can maintain the look and feel of your entire website. It has also been ported to over 20 languages, supports multiple shipping and payment methods and has additional add-ons for extended capabilities. OpenCart is designed to be a full-featured, search engine friendly, easy-to-use Ecommerce interface for buyers and sellers.

Find out more at OpenCart’s website (http://www.opencart.com/).

All of our FreeBSD VPS services come with the ports tree pre-installed. These are third-party applications that have been adapted to be used in FreeBSD. They cover an extremely diverse range of functions including accessibility, graphics, multimedia, networking operations, browsing, science and engineering and more.

This means that if you want to do something specific in FreeBSD you probably won’t need to do much work in order to get those functions and features. Depending on your level of familiarity with programming and FreeBSD you can choose how to install these programs. If you’re more tech-savvy and know your way around major programming languages then you might be interested in installing the source code for the programs, either from the ports tree or by installing it on your own separate from the ports tree.

When you install a port from the ports tree, you are basically running an ‘autorun’ type script that will download the source code of the program, compile, and install it locally. If you’re not familiar with a Makefile and compiling source code into binaries then you may be more interested in the Packages collection which allows you to directly install the binaries (executables) and not worry about doing the compiling and installation process. The collections allow you to directly install the applications from local media or directly from the network so you don’t need to worry about storing everything locally if you don’t need it.

The major benefits to installing from Packages include: smaller download, faster installation, no need to compile. The major benefits for installing from the Ports collections include: ability to tweak the performance and options of the applications and able to build-in specific functions that might not be activated in a pre-compiled binary.

Finally, both Ports and Packages are dependency aware which means they know what they need to function properly and can tell you or install the libraries as they need. This means that you should almost always be able to get up and running with the new applications in no time flat. Good Luck!

For more information see the FreeBSD Handbook:

• Chapter 4 Installing Applications: Packages and Ports

Unfortunately we had a programming problem on part of our website.  Messages sent through the ‘contact’ form have not been received.  This is now fixed.

If you have sent us a message and not received a response, please contact us again.  We apologize for the inconvenience and promise we weren’t just trying to ignore you.

Finally after a few delays, our new website is finally finished and online.  We’re pretty happy about this, as our original website design was functional but not very pretty (at all).  Sorry for any snafus during the transition as there may have been a few broken links while we were tying everything together on the new site.

For those that don’t remember, here is what our old site looked like.  It was a black and green color scheme, and the text wasn’t always easy to read.   The new site looks relatively modern and focuses on ease-of-use, instead of … looking kind of weird.  The old original ASCII logo wasn’t as catchy as it used to be in the 1990s.