FreeBSD Multimedia Resources List
Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to FreeBSD or of interest for FreeBSD users.
If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.
NYCBSDCon Update with Isaac Levy and Steven Kreuzer
Added: 19 August 2008
Tags: bsdtalk, interview, nycbug, nycbsdcon, nycbsdcon2008, isaac levy, steven kreuzer
Ogg version (15 minutes), MP3 version (7 Mb, 15 minutes)
An update on NYCBSDCon 2008 with Isaac Levy and Steven Kreuzer. More information on the conference can be found at http://www.nycbsdcon.org/
BSD Hacker Isaac "Ike" Levy
Added: 16 July 2007
Tags: bsdtalk, interview, nycbug, isaac levy
Ogg version (26 minutes), MP3 version (13 Mb, 26 minutes)
Interview with BSD Hacker Isaac "Ike" Levy. To hear more of Ike and other NYCBUG audio, visit http://www.fetissov.org/public/nycbug/
What's your biggest Time Management problem?
Tom Limoncelli is a FreeBSD user and the author of the O'Reilly book,"Time Management for System Administrators". He`ll be giving a brief presentation with highlights from his book then will take questions from the audience. Whether you are a system administrator, a developer (or even a Linux user) this presentation will help you with something more precious a quad-processor AMD box.
Money can buy you bandwidth, but latency is forever!
John Mashey, MIPS
Victor will cover an array of issues connected to Postfix performance tuning, including:
- Latency, concurrency and throughput
- Postfix input processing
- Queue file format rationale
- Input processing bottlenecks
- Pre-queue filters, milters, content filters
- Tuning for fast (enough) input
- Postfix on-disk queues, requirements and architecture
- What is a "transport"?
- Postfix "nqmgr" scheduler algorithm
- Per-destination in memory queues
- Per-destination scheduler controls
- SMTP delivery
- Understanding delay logging
- Transport process limits, concurrency limits
- Scaling to thousands of output processes
- Connection caching, TLS session caching, feedback controls
Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master`s degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.
What it is and how can it make system administration less painful
About the speaker:
Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He`s had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.
Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it.
Bio: George Neville-Neil is the co-author with Kirk McKusick of The Design and Implementation of the FreeBSD Operating System. He works on networking an operating systems for fun and profit.
Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo.
Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module.
Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.
Configuration Management with Cfengine
Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification.
The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration.
about the speaker:
Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.
This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator`s disposal.
Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.
Building a High-Performance Computing Cluster Using FreeBSD
Source: New York City *BSD User Group
Added: 22 March 2008
Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
MP3 version (9 Mb, 80 minutes)
Special NYC*BUG meeting with FreeBSD developer Brooks Davis
Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems.
In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs.
Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998.
His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.
"User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software.
Bio: Jeffery Mau is a user experience designer with the leading business and technology consulting firm Sapient. He has helped clients create great customer experiences in the financial services, education, entertainment and telecommunications industries. With a passion for connecting people with technology, Jeff specializes in Information Architecture and Business Strategy. Jeff holds a Masters in Design from the IIT Institute of Design in Chicago, Illinois.
Open Meeting on OpenSSH
Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.
SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server
The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search.
To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services.
Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.
This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered.
Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues.
Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User`s Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.
Using Cryptography to Improve Web Application Performance and Security
Source: New York City *BSD User Group
Added: 12 September 2007
Tags: nycbug, presentation, cryptography, nick galbreath
MP3 version (18Mb)
Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting.
All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format.
Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.
Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price.
We plan on covering the following topics:
- what it is
- how it works
- where to get it
- how to install it
- how to configure it
- how to customize it for your environment
- where the data is stored
- how to write a basic plug-in
About the Speaker
Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator.
He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup.
Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.
"The Real Unix Tradition"
UNIX hackers, all standing on the shoulders of giants.
"...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972
"Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003
UNIX is the oldest active and growing computing culture alive today. From it`s humble roots in the back room at Bell Laboratories, to today`s global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing.
Why? What`s so great about UNIX?
This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems.
About the speaker
Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing `IT special weapons and tatics` for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).
Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing.
About the speaker
Steven Kreuzer is currently employed by Right Media as a Systems Administrator focusing on building and managing high transaction infrastructures around the globe. He has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.
The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware."
Amitai Schlair is a pkgsrc developer who has worked in such diverse areas as Mac OS X platform support and packages of software by Dan Bernstein. His full-time undergraduate studies at Columbia are another contributing factor to his impending insanity. He consults in software and IT.
This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS.
Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX`s security is in its simplicity.
The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts".
Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He intergrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.
Okan Demirmen on PF
Source: New York City *BSD User Group
Added: 07 January 2007
Tags: nycbug, presentation, openbsd, pf, okan demirmen
We have had lots of meetings that have peripherally discussed OpenBSD`s wildly popular PF firewall... but finally we will have a meeting focused on it.
New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
Source: New York City *BSD User Group
Added: 02 November 2006
Tags: nycbug, presentation, humor, bsd is dying, jason dixon
MP4 (31Mb), QuickTime (19Mb), iPod (36Mb)
BSD is Dying
A Cautionary Tale of Sex and Greed
October 28, 2006
First and foremost, I would like to thank the unique presentation styles of Dick Hardt and Lawrence Lessig for inspiring me to create this presentation.
The following videos were created by exporting the original Keynote presentation slides into QuickTime video, then manually synchronizing them using iMovie HD with the audio recordings captured by Nikolai Fetissov. They were then exported into QuickTime, mpeg4 (H.264/AAC), and iPod movie formats. If you are having difficulties with the MP4 copy, and are unable to view QuickTime movies, please contact me and I'll try to assist.
New York City BSD Con 2006
Source: New York City *BSD User Group
Added: 01 November 2006
Tags: nycbug, nycbsdcon, nycbsdcon2006, presentation
Russell Sutherland: BSD on the Edge of the Enterprise. (12 Mb), Bob Beck: spamd - spam deferral daemon. (16 Mb), Bjorn Nelson: A Build System for FreeBSD (9 Mb), Jason Dixon: BSD Is Dying. (5 Mb), Kristaps Johnson: BSD Virtualisation with sysjail. (15 Mb), Bob Beck: PF, it is not just for firewalls anymore. (15 Mb), Jason Wright: OpenBSD on sparc64. (9 Mb), Brian A. Seklecki: A Framework for NetBSD Network Appliances. (10 Mb), Johnny C. Lam: The "hidden dependency" problem. (13 Mb), Corey Benninger: Security with Ruby on Rails in BSD (14 Mb), Wietse Venema: Postfix as a Secure Programming Example. (16 Mb), Marco Peereboom: Bio & Sensors in OpenBSD. (11 Mb)
Audio recordings of presentations given at New York City BSD Conference 2006. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.
Isaac `Ike` Levy on m0n0wall and PFSense (9 Mb)
Source: New York City *BSD User Group
Added: 09 September 2006
Tags: nycbug, presentation, monowall, pfsense, isaac levy
UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it`s difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management gui`s are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money.
In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example).
Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you`d expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT!
m0n0wall and PFSense become an easy sell in any small professional enviornment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router.
m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PC`s around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn`t it bug you to use a chincey Linksys box?
Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD`s jail (8).
Alfred Perlstein on Sendmail Hacks (11 Mb)
Source: New York City *BSD User Group
Added: 07 August 2006
Tags: nycbug, presentation, sendmail, alfred perlstein
Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid`s subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput.
Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he`s worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.