Network Synapse Blog

Since the release of FreeBSD 7.0 many things have been changed to allow PostGres to run better than any other database under FreeBSD. To take advantage of this, I'll show how to setup PostGreSQL in FreeBSD jails. Of course, the same method is used to install on your main system as well.

Ever since I took in a roommate, and then started using a VoIP service, I have learned that even having a decent home broadband solution wasn't enough for my network. Many nights I would spend trying to talk to someone and realize they couldn't hear me, or I couldn't hear them. Other nights I would notice a strong bottleneck at the gateway of my network. After monitoring the obvious, the limitation of bandwidth just wasn't allowing me to continue to be lazy. It was time for limitation.

For Windows users, staying secure is a daunting task. Even when you get all the software you need to secure your system as best you can, sometimes the software becomes an even more difficult task, and later you disable it's services just to get on the internet. Today, I'll tell you what you do need, and what you really don't need.

Finally, with the release of FreeBSD 7.0, here's the updated version of the usual jail tutorial tailored to FreeBSD 7.0. Enjoy!

Like any other gamer, after switching all my computers to Apples, I had an itch to play some of games in my free time. With that in mind, I instantly setup Boot Camp on my iMac with my Leopard discs in hand, ready to install drivers. While it wasn't that complicated, there were a few hang-ups that came with the native install on Windows.

Since Apple released their latest release of MacOS X, changing the Terminal application's colors have once again become a pain. Even with the previous release, you could drag and drop colors from the color swatch to the color you wanted to change. This feature has thus been removed in Leopard. Thanks to Ciarán Walsh, of http://ciaranwal.sh, we now have a solution to this issue.

If you have ever had to deal with long hours coding large drop-down menus for various different reasons, then you know finding a better solution isn't far after those first 20 lines. When programming a scheduling application last year, I realized that I didn't want to rely on an employee to know the date format for the database, or even what the current day was. Instead of coding lines upon lines of "select" boxes, and hoping that people would soon learn these simple facts, I decided to create a PHP function to create a dummy-proof Date/Time drop-down menu. Feel free to use this all you want, just always remember where you obtained this code.

Later, I will update this page with the version that automatically reduces the day list depending on the month, and if it is a leap year. Stay tuned!

Back in 2003, aside from messing with wireless networks, I starting really working with IPv6 in its full form (Watch for NS in the IPv6 server list here soon). At the same time, I was studying for my CCNA, and decided that every piece of hardware in my house needed to be running IPv6. In the process, I came up with another tutorial that was on the old site, teaching how to setup IPv6 on a Cisco router.

After going through the archives of the old site, I decided to start posting the various tutorials that were there, and have yet to become obsolete. One is "More Fun With Wireless Hacking", which was published in 2600 Hacker's Quarterly in 2003. Since the practice of wireless hacking, and security has yet to change, I present you with the original article I wrote 5 years ago. Enjoy.

While torrent sharing grows more and more each day, it has started to become a great way to host large archives without sacrificing your bandwidth. Such a case is a remote server, that has a limit on the bandwidth, but you don't want to cripple your user base because of it. So, how do you go about this on a co-location server and such? Well, it's quite simple, you use Azureus. Most may have a weird look on their face, wondering what co-location server, hosting, and offering other services would really have X installed. Well, that's what we're about to talk about. The almost completely undocumented part of Azureus; the console ui.

For our 3rd part of the tutorial, we are going to cover one of the MAC policies. The first one is MAC BIBA. This policy controls the upward flow of information. In otherwords, it can restrict a subject (a user or process), from various abilities (We will explain this in more detail later).

As we continue on looking at the MAC modules, we will cover two more minor modules that will prove crucial to our learning of some of the more advanced modules that deal with policies. These two modules are mac_seeotheruids, and mac_partition. While they are very simple, they are still good modules to keep in mind for your final implementation.

This was also posted on Screaming Electron, so if you have questions or comments, please visit that post.

While I was planning to do a simple tutorial covering all types of MAC security, I decided that one tutorial for all would really depreciate the tutorial as a whole. Instead, I'll be doing a single tutorial on each feature, and later one to integrate them all together to better suit your needs. This was also posted on Screaming Electron, so if you have questions or comments, please visit that post.

The BSD Extended module helps us protect every aspect of the system's file system, and then some. We are able to set explicit permissions on what a user can do, see, and control. Not only that, we can set what uid/gid in a specific jail can do. Now that's secure! Of course, let us not get ahead of ourselves. First, we must get the feel of this, and a moderate understanding of how it works before we can really start using it.

After treading through many OS'es on my Powerbook G4, not one of them suited my needs completely. Even though OS X seems to fit a lot of my needs, there are Linux/UNIX applications and such that I'd much rather have. Many people have told me to try DarwinPorts and fink. Fink was just more of a pain then anything. It seemed to work out ok, but installing a ton of useless dependencies all over the place, and having to run X11 just to run them seems a little to "half-ass" for me. DarwinPorts had issues with being maintained, and didn't work half the time. Someone mentioned Redhat's Fedora Core 6 PPC port, and so thought I would give it a try.

One thing that always bothered me about OpenVPN was the work you had to do to get one client setup. It wasn't a hard process, but when configuring multiple clients, it was always a very monotonous job, and quite annoying. So, to resolve this issue, I wrote a script to create the keys, certificates, package the needed client files, and then put them in a directory specifically for client packages. This way, you can build the key, give the package to the client, and be done with it. To add, you can also revoke clients from the same script, just to make it complete.