spectre-meltdown-checker
vm-bhyve
Our great sponsors
spectre-meltdown-checker | vm-bhyve | |
---|---|---|
14 | 19 | |
3,809 | 773 | |
- | - | |
7.4 | 2.8 | |
2 months ago | about 2 months ago | |
Shell | Shell | |
- | BSD 2-clause "Simplified" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
spectre-meltdown-checker
- Linux Mint: It use mitigation of intel cpu bug?
- Package to Notify/check for Kernel Vulns?
-
Spectre Meltdown Checker gives summary of 1 red in Debian but 0 red in Fedora 36.
I tried the latest SMC from https://github.com/speed47/spectre-meltdown-checker and all were in green. :-)
-
AutoPWN Suite | I've created a python script you can use to scan your systems for vulnerabilities.
How is this project different spectre-meltdown-checker?
-
Can a laptop from 2012 be a viable home server?
OpenBSD will disable all but the first thread on any Intel processor by default. I'm assuming that these models are too old to have microcode updates addressing the Spectre exploits (Meltdown, Foreshadow, Fallout, Zombieload, RIDL etc.), and disabling SMT/HT might be the most secure thing to do by default.
This script produces a good assessment of Spectre problems for a wide variety of CPUs. I know that they are difficult to exploit, and the mitigations are disabled by many because of their performance impact.
https://github.com/speed47/spectre-meltdown-checker
-
Intel Finds Bug in AMD's Spectre Mitigation, AMD Issues Fix
You can confirm the status of the mitigations using InSpectre for Windows, or Spectre & Meltdown Checker if you're on a unix based system.
-
What kernel parameters do you use?
You can run https://github.com/speed47/spectre-meltdown-checker
-
Any opinion about NUC as home server?
He's probably referring to the class of vulnerabilities checked by this script: https://github.com/speed47/spectre-meltdown-checker. It's not just Intel CPUs that were affected, AMD and ARM also have some vulnerabilities (I just ran it on an ARM v7 to see) although maybe not as many.
-
How can secure the host from the guest using virt manager?
utilise microcode updates (should be by default, check)
- Spectre and Meltdown Checker
vm-bhyve
-
FreeBSD 14.0 has reached – RELEASE
https://github.com/churchers/vm-bhyve/wiki/UEFI-Graphics-(VN...
-
FreeBSD Bhyve Virtualization
Other than that, I use bhyve on my laptop daily since around 2015-2016. It was somewhat painful at first. I had to bake a CD key into Windows ISO for headless install but now VNC support exists and it's easy to output any graphical installer via VNC.
bhyve doesn't offer API and has not the most user-friendly interface (vm-bhyve[1] for the rescue!) but overall, I couldn't be happier with its - typical for FreeBSD - _set-and-forget_ stability.
[1] https://github.com/churchers/vm-bhyve
-
What Access Point (L2 VLAN support) could I use to connect/extend a network
I am using FreeBSD in the workstation, I have both intel and realtek, and the main network uses the LAN interface, but I need the VLAN 20 to assign IPs from that range to some VMs (https://github.com/churchers/vm-bhyve/wiki/Virtual-Switches)
-
how to create a gif/gre tunnel to access a DHCP server in a VLAN from a wifi only host
I want to assign IPs from VLAN 20 172.16.1.0/24 to VMs (https://github.com/churchers/vm-bhyve/wiki/Virtual-Switches) running on a host where main IP 192.168.1.10 is on the LAN network (no VLAN 20) this is the setup:
-
Podman vs. Docker: Comparing the Two Containerization Tools – Linode
Sample config: https://github.com/churchers/vm-bhyve/blob/master/sample-tem...
I use Jails to run applications like Postgres, Redis, Python api in an isolated environment. Jails is native FreeBSD, but isolated.
-
Anyone have gpu passthrough working with FreeBSD as the host OS?
Of what is properly supported, works beautifully and I have to say vm-bhyve is a joy to use. Everything is very cohesive and solid as a whole; I recommend it for servers but for GPU passthrough, only if you like a challenge.
-
Linux+KVM moving to FreeBSD+Bhyve
I recommend to look into some third-party tooling to manage VMs. I prefer vm-bhyve, https://github.com/churchers/vm-bhyve
-
Using i5 Fanless mini-pc as router and plex transcoding server
I was thinking opnsense + https://github.com/churchers/vm-bhyve to run a debian instance, which can then run everything in docker containers. It's inception but better utilization of all the services.
- BSD based solutions virtualisation/clustering of resources for VMs
-
FreeBSD Jails for Fun and Profit
Perhaps it would! But the userbase is definitely what finally got me into FreeBSD. The fact that hobbyists were contributing such excellent cli tools as `iocage` [0] and `vm-bhyve` [1] really is what got me over my fears.
[0] https://iocage.io/
[1] https://github.com/churchers/vm-bhyve
What are some alternatives?
intel-undervolt - Intel CPU undervolting and throttling configuration tool
cbsd - Yet one more wrapper around jail, bhyve, QEMU and XEN
awesome-unix - All the UNIX and UNIX-Like: Linux, BSD, macOS, Illumos, 9front, and more.
unifi-pfsense - A script that installs the UniFi Controller software on pfSense and other FreeBSD systems
Brace - Toolkit compatible with multiple Linux distros that allows for installation of handpicked applications, along with corresponding configs that have been tuned for reasonable privacy and security.
ipfw-rules - Ruleset for protecting a single FreeBSD host using IPFW
systemd - The systemd System and Service Manager
iRedMail - Full-featured, open source mail server solution for mainstream Linux/BSD distributions.
KTweak - A no-nonsense kernel tweak script for Linux and Android systems, backed by evidence.
exodus - Painless relocation of Linux binaries–and all of their dependencies–without containers.
mg - Micro (GNU) Emacs-like text editor ❤️ public-domain
runj - runj is an experimental, proof-of-concept OCI-compatible runtime for FreeBSD jails.