Slashdot Mirror

-is writes: "NetBSD-current IPsec (from KAME) now supports the rijndael algorithm for ESP encryption, thanks to the integration work of Jun-ichiro itojun Hagino. rijndael is the finalist of AES contest, and will be standardized in the FIPS standard suite, to replace DES. The implementation is known to be interoperable with others. Also, it is possible to negotiate rijndael IPsec SA by using the latest racoon IKE daemon (pkgsrc/security/racoon, be sure to get version 20001004a).

For more info see:

• http://www.nist.gov/aes/ (the algorithm itself)
• http://www.kame.net/ (KAME project where NetBSD IPsec comes from)
• http://www.netbsd.org/Documentation/network/ipsec/ (NetBSD IPsec FAQ)

• The change is now on the 1.5 branch, and will be available in the 1.5 release."

by by writes "O'Reillynet's OpenBSD Explained column recently explained how to setup IPv6 on OpenBSD. Interesting glimpse into the future of the Internet." True enough. It was my impression that the BSDs all got IPv6 at the same time though, courtesy of the work carried out by the KAME group. On a very much related note, Jim O'Gorman has written an IPv6 Behind a NAT article for this month's Daemon News, which also makes getting involved in IPv6 easier.

Duke of URL writes: "Boardwatch interviewed OpenBSD contributor Louis Bertrand. It's an excellent article about OpenBSD's niche and mission. They discussed the continued code audit, OpenSSH, and future version plans, including SMP development, ports rework, and continued integration of IPv6. Journalist Jeffrey Carl does a good job of pointing out OpenBSD's strengths and tradeoffs."

Claes Leufven was one of the first to write in with the news that FreeBSD 4.0 is now available for download. Features added to 4.0 since it diverged from 3.x include: IPv6 and IPSec support built in (courtesy of the KAME project), OpenSSL and OpenSSH are integrated in to the base system, jail(2) ("chroot(2) on steroids") to help build secure environments, many, many NFS bug fixes and performance improvements, bug fixes and performance improvements to the VM subsystem, netware file and client connection support, gcc upgraded to 2.95.2 as the base compiler, better support for laptops, a much more complete threads library. . . see the Alpha or i386 release notes for more details. And before you all rush off to upgrade your production servers, read on for a brief message from Jordan Hubbard, FreeBSD's Release Engineer, and to find out where to download the release from.

"As with all FreeBSD releases ending in .0, the project recommends that production environments wait at least one or two releases after it before moving mission-critical services over. These dot-zero releases are primarily aimed at the developers and early adopters who are willing to work on refining the technology until it's production-ready. The 4-stable branch will also not be created until just before 4.1 is released, the period following a .0 release being the best time to collect serious feedback before branching the tree."

For a static list of mirrors, see this section in the FreeBSD Handbook. Alternatively, try Gavin Cameron's automatically updating list of mirror sites.