This site is all about some of my humble tests and work with latest OpenBSD system tools & daemons, I’m getting as close as possible to base system only (6.4 at the time I am writing this down but 6.5 is coming soon) even if I’m gonna use a few packages (ldns-utils, dkimproxy, privoxy, tor, openvpn as far as I remember).
Yep, I got back deeper into that OS. I’ll only talk about my personal use & playground on this website, and even if most of the things could easily (and should?) be set in production or spooky service providers (imagine everyone uses DANE, SMTP/TLS, DNSSEC :-)) - but I may also put down some words about my previous LIR AS setup playing OpenBGPD, some open resolvers, …
And so, I recently set up two OpenBSD VMs for these tips to be written down. Configuration, information and topics would probably be done the way below. But calm down: I’m getting slower as I’m getting older, don’t expect too much too fast (my brain is kind of underclocked now). Well I’m gonna do my best to share some of these (pentest & CTF sections will come later):
Update: added another slave authoritative in most sections (not in openbsd.amsterdam scope, just in case ;))
nsd authoritative servers for my domain names:
mail relays for these domains:
httpd servers (like this one):
Tor bridges chained with privoxy.
Some of relayd stuff I have to play with:
All previous stuff fully v4 and v6 ;-)
moAr stuuf I’d like to play with:
“Sanitize all the things”
y33t! So ssg4 is pretty amazing as I’m testing it.
thanks Roman! (and the many people who contributed to it).
update: everything in 1 master / 2 slaves configuration rdist section typo fixed in my dnssec initialization script some s/entries/records/ corrected: vocabulary is important released the dane page updated sample zone file records, and TTLs put some words under privacy and agreement ;)