Stamtræ og slægtsforskning
Opdatering fra 2026: Vores stamtræ ligger nu her: https://lasg.dk/familytree/ Både min hustru og jeg har overtaget nogle papirmapper med materiale om stamtræer og slægtsforskning fra begge vores forældresæt. Det har samlet støv i mange år, men for to år siden besluttede vi at få det digitaliseret. Uden at vide særlig meget om slægtsforskning, kastede vi os ud i det. Med lidt assistance fra især en logebror der virkelig dyrker slægtsforskning, lykkedes det at komme rigtig godt igang. Vi valgte platformen MyHeritage, men der er masser af andre fine muligheder online og offline, som web-/cloud-løsninger og som lokale applikationer. I skrivende stund har vi over 9000 personer i vores fælles stamtræ. Fra vikinge-biskopper…
Programming tools for C and Perl
Programming tools for C and Perl, which I normally run my programs through gcov, man gcov gprof, man gprof ------ Lint: -h Apply a number of heuristic tests to attempt to intuit bugs, improve style, and reduce waste. -p Attempt to check portability of code to other dialects of C. -s Strict ANSI C mode. lint -h -p -s filename ------ Splint: devel/splint -strict-lib Use strict version of the ANSI standard library. OR -posix-strict-lib Use the strict version of the POSIX standard library. ------ Rats, Rough Auditing Tool for Security For C, Perl, PHP, and Python security/rats --warning 3 Includes low severity vulnerabilities. --html Output in HTML ------ To document: either doxygen…
IPv6, DHCPd, OpenLDAP on FreeBSD
Just a few small misc notes from my old FreeBSD server setup. There is a chance these are completely obsolete. IPv6 setup Add to rc.conf: ipv6_enable="YES" ipv6_ifconfig_fxp0="FEEE::1" ipv6_defaultrouter="FEEE::1" rtadvd_enable="YES" rtadvd_interfaces="em1" Edit /etc/rtadvd.conf em1:\ :addrs#1:addr="FEEE::":prefixlen#64:tc=ether: DHCPd ISC dhcpd in FreeBSD 8.2 Install the port: net/isc-dhcp41-server Set in rc.conf dhcpd_enable="YES" OpenLDAP OpenLDAP 2.4 on FreeBSD 7.1 Lars Sommer, lasg@lasg.dk, 2009-01-18 DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining. Install this port: net/openldap2.4-server With the option SASL enabled Misc. base system notes Base system configuration Set root password # passwd Add a user for administration # adduser enable sshd and set interface adresses. Create resolv.conf…
FreeBSD gmirror raid 1 setup
After installing the system on disk ad0, and wanting it to be mirrored at disk ad1. Eventually see: http://www.freebsd.org/doc/en/books/handbook/geom-mirror.html sysctl kern.geom.debugflags=17 gmirror label -vb round-robin gm0 /dev/ad0 gmirror load echo 'geom_mirror_load="YES"' >> /boot/loader.conf cp /etc/fstab /etc/fstab.old # vi /etc/fstab Replace all old ad0 references with mirror/gm0 by typing :%s/ad/mirror\/gm/g. reboot gmirror insert gm0 /dev/ad1 gmirror status The mirror is being build, which takes a while. Check with gmirror status..
NTPd on FreeBSD 8.0
Lars Sommer, lasg@lasg.dk, 2009-10-06 DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining. I'm using NTP on all machines with internet connection, to keep their clock more accurate. Remember to run tzsetup to set up correct time zone, before NTP'ing. Do a manually sync if needed: ntpdate -v -b 0.us.pool.ntp.org Insert in /etc/rc.conf: ntpdate_enable="YES" ntpdate_hosts="0.us.pool.ntp.org" ntpd_enable="YES" #The following is confirmed in freebsd8.2 at 2011-04-19 #Note from 2009-01-07: As by FreeBSD 7.1 ntpd should be able to run without the following config file #ntpd will need a config file at /etc/ntp.conf, looking like: #server 0.us.pool.ntp.org #server 1.us.pool.ntp.org #server 2.us.pool.ntp.org #restrict 192.168.1.0 mask 255.255.255.0 nomodify…
Rootkit-detection in FreeBSD
Lars Sommer, lasg@lasg.dk, 2007-10-18DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining. Install these ports: security/chkrootkit security/rkhunter rkhunter install options: make options: WITH_LSOF=true WITH_NMAP=true --- chkrootkit usage: Run sometimes with: sudo chkrootkit -q Or add to /etc/crontab like weekly: 10 10 * * 2 root /usr/local/sbin/chkrootkit -q > /var/log/chkrootkit.log --- rkhunter usage: You should keep your rkhunter database up-to-date. This can be done automatically by putting this line to /etc/periodic.conf: daily_rkhunter_update_enable="YES" Also, you can run rkhunter as a part of the daily security check by putting this line to /etc/periodic.conf: daily_rkhunter_check_enable="YES" Add this "--quiet --createlogfile --no-verbose-logging" to: /usr/local/etc/periodic/security/415.rkhunter so relevant log is done
FreeBSD jails note
Lars Sommer, lasg@lasg.dk, 2009-05-20DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining. Install these ports: sysutils/jailutils sysutils/ezjail If "make buildworld" just has been done, then ezjail-admin update -i to install the recently build world is fine. Otherwise, do ezjail-admin update -b first, and wait some time for world building Fix a nice jail flavour: cd /usr/jails/flavours cp -Rv default teknix Uncomment the sshd in etc/rc.conf Copy the config files from backup into the flavour --- Create examples: ezjail-admin create -f teknix lasg-ws 192.168.1.54 ezjail-admin create -f teknix -i -s 5G -c eli tor 192.168.1.53 /usr/local/etc/rc.d/ezjail.sh start lasg-ws /usr/local/etc/rc.d/ezjail.sh start tor Automatic start of…
Denyhosts on FreeBSD 8
Lars Sommer, lasg@lasg.dk, 2011-06-20 Install the port security/denyhosts Add to /etc/rc.conf denyhosts_enable="YES" add syslogd_flags="-c" in /etc/hosts.allow add: sshd : /etc/hosts.deniedssh : deny sshd : ALL : allow Or, if anything should be denied from these hosts who fails ssh login; insert ALL instead of sshd. If done so, change the BLOCK_SERVICE line in denyhosts.conf from sshd to ALL as well. touch /etc/hosts.deniedssh /etc/rc.d/syslogd restart /usr/local/etc/rc.d/denyhosts start
Host Intrusion Detection System in FreeBSD
Also called Host IDS or just HIDSLars Sommer, lasg@lasg.dk, 2009-01-07DISCLAIMER: This is a personal note made for personal usage. It might not be easy usable nor explaining. In ports in security, there are several HIDS utilities: aide integrit osiris ossec-hids-local samhain But which should I use, and why? ------ aide Aide aims to be a Tripwire ripoff, and a bit more. It is _very_ easy to install and configure. Installation: pkg_add -r aide or build the port security/aide Configuration: cd /var/db/aide aide --init mv databases/aide.db.new databases/aide.db Take a look in the config file /usr/local/etc/aide.conf Usage: Run with "aide" Should be a cronjob e.g.: 10 20 * * 2 root /usr/local/bin/aide > /var/log/aide.log…
GELI encryption of full drive in FreeBSD
Lars Sommer, lasg@lasg.dk, 2010-01-27 Based on: http://www.freebsd.org/doc/handbook/disks-encrypting.html I am using harddrives two and two in RAID1 with geom_mirror. After creating a mirror, I encrypt it using GELI. Loading the GELI module for now: kldload geom_eli Insert into /boot/loader.conf: geom_eli_load="YES" In this example my geom_mirror is called gm2 and resides in /dev/mirror/gm2 Create the master key and attach it to the GELI provider. Then doing a new filesystem on it, and at last mounting it. dd if=/dev/random of=/root/gm2.key bs=64 count=1 geli init -s 4096 -K /root/gm2.key /dev/mirror/gm2 geli attach -k /root/gm2.key /dev/mirror/gm2 dd if=/dev/random of=/dev/mirror/gm2.eli bs=1m newfs /dev/mirror/gm2.eli mount /dev/mirror/gm2.eli /data/2 Consider moving the master key to somewhere safer. I use an USB…