Links on this page refer to multimedia resources (podcast, vodcast,
audio recordings, video recordings, photos) related to OpenBSD or
of interest for OpenBSD users.
If you know any resources not listed here, or notice any dead links,
please send details to
Edwin Groothuis so that
it can be included or updated.
Marshall Kirk McKusick at DCBSDCon
Source: bsdtalk
Added: 21 February 2009
Tags: bsdtalk, presentation, bsd, history, kirk mckusick
Ogg version (55 minutes), MP3 version (26 Mb, 55 minutes)
A recording of Marshall Kirk McKusick's talk "A
Narrative History of BSD" at DCBSDCon this past
weekend.
You can get a much more complete history here:
http://www.mckusick.com/history/index.html
Using BSD in SchmooCon Labs
Source: YouTube bsdconferences channel
Added: 24 May 2009
Tags: youtube, presentation, dcbsdcon, dcbsdcon2009, bsd, schmoocon, ken caruso
Flash (35:08)
Using BSD in SchmooCon Labs
DCBSDCon 2009, Ken Caruso
clive URL: http://www.youtube.com/watch?v=9ZhfuP4jghY
Sleeping Beauty - NetBSD on Modern laptops
Source: YouTube bsdconferences channel
Added: 24 May 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, laptops, jorg sonnenberger
Flash (1:20:56)
P9A: Sleeping Beauty - NetBSD on Modern Laptops
AsiaBSDCon 2008, Jorg Sonnenberger
clive URL: http://www.youtube.com/watch?v=v9ygBFjGR50
OpenBSD Network Stack Internals
Source: YouTube bsdconferences channel
Added: 24 May 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, openbsd, claudio jeker
Flash (53:41)
P8A: OpenBSD Network Stack Internals
AsiaBSDCon 2008, Claudio Jeker
clive URL: http://www.youtube.com/watch?v=V85It0dGUF4
P6A: A Portable iSCSI Initiator
Source: YouTube bsdconferences channel
Added: 24 May 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, iscsi, alistair crooks
Flash (40:57)
P3B: A Portable iSCSI Initiator
AsiaBSDCon 2008, Alistair Crooks
clive URL: http://www.youtube.com/watch?v=MiZY7PMu7Ic
P3B: BSD Implementations of XCAST6
Source: YouTube bsdconferences channel
Added: 27 March 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, xcast6, yuji imai
Flash (55:42)
P3B: BSD Implementations of XCAST6
AsiaBSDCon 2008, Yuji Imai
clive URL: http://www.youtube.com/watch?v=g1Ga48smqyI
P5A: Logical Resource Isolation in the NetBSD Kernel
Source: YouTube bsdconferences channel
Added: 27 March 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, kristaps dzonsons
Flash (56:29)
P5A: Logical Resource Isolation in the NetBSD Kernel
AsiaBSDCon 2008, Kristaps Dzonsons
clive URL: http://www.youtube.com/watch?v=c63VneyQI-k
P4B: Send and Receive of File System Protocols: Userspace Approach With puffs
Source: YouTube bsdconferences channel
Added: 27 March 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, puffs, antti kantee
Flash (47:29)
P4B: Send and Receive of File System Protocols: Userspace Approach With puffs
AsiaBSDCon 2008, Antti Kantee
clive URL: http://www.youtube.com/watch?v=ziGeB8iRA0c
P1B: Tracking FreeBSD in a Commercial Setting
Source: YouTube bsdconferences channel
Added: 27 March 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, warner losh
Flash (33:40)
P1B: Tracking FreeBSD in a Commercial Setting
AsiaBSDCon 2008, M. Warner Losh
clive URL: http://www.youtube.com/watch?v=VaZ9Ef04bJg
A Brief History of the BSD Fast Filesystem, Kirk McKusick
Source: YouTube bsdconferences channel
Added: 13 March 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, bsd fast filesystem, kirk mckusick
Flash (42:01)
A Brief History of the BSD Fast Filesystem, Kirk McKusick
AsiaBSDCon 2008, Dr. Kirk McKusick
clive URL: http://www.youtube.com/watch?v=tzieR5MM06M
PC-BSD, Matt Olander, AsiaBSDCon 2008
Source: YouTube bsdconferences channel
Added: 21 February 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, pc-bsd, matt olander
Flash (28:50)
PC-BSD, Matt Olander, AsiaBSDCon 2008
clive URL: http://www.youtube.com/watch?v=N0q37X-MJzY
Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008
Source: YouTube bsdconferences channel
Added: 21 February 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, promotion, open source development models, brooks davis
Flash (30:07)
Using FreeBSD to Promote Open Source Development
Methods, Brooks Davis, AsiaBSDCon 2008
clive URL: http://www.youtube.com/watch?v=4lcrinKBMas
GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008
Source: YouTube bsdconferences channel
Added: 21 February 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, geom, pawel jakub dawidek
Flash (46:38)
GEOM - in Infrastructure We Trust, Pawel Jakub
Dawidek, AsiaBSDCon 2008
clive URL: http://www.youtube.com/watch?v=xMpmOezBJZo
Reducing Lock Contention in a Multi-Core System, Randall Stewart, AsiaBSDCon 2008
Source: YouTube bsdconferences channel
Added: 21 February 2009
Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, multicore, lock contention, randall stewart
Flash (28:12)
Reducing Lock Contention in a Multi-Core System,
Randall Stewart, AsiaBSDCon 2008
clive URL: http://www.youtube.com/watch?v=OQOMva1SmbY
Lousy virtualization, Happy users: FreeBSD's jail(2) facility
Source: UKUUG
Added: 02 April 2007
Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
Slides (2.7 Mb)
Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)
Poul-Henning Kamp - GBDE -- Spook strength disk encryption
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, gbde, poul-henning kamp
Slides (113 Kb), Paper (104 Kb)
GBDE is a disk encryption facility designed with
both usability and strength as requirements and it
attempts to protect both the user and the data. The
talk is about avoiding self-deceiving analysis, how
to make real world usable cryptography and generally
protect yourself and your data. Required skill
level: Laptop user.
Hendrik Scholz - Performance bottleneck detection and removal
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, performance, hendrik scholz
Slides (213 Kb)
Once a system is exposed to heavy load bottlenecks
need to be addressed to prevent single components
from slowing down a complex installation. Highlighting
various hotspots their detection and removal gets
discussed using real life examples.
Max Laier - PF - Extended Introduction
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, pf, altq, max laier
Video/MPEG (94 Mb), Slides (1 Mb), Audio/MP3 (22 Mb)
The talk will introduce packet filter (pf) - a *BSD
firewall system - and summarize its history and
projected future. After providing a short overview
of pf's general functionality and some firewall
basics, it will concentrate on packet filter's
advanced feature-set from the administrator's point
of view. The talk will also cover the integration
of ALTQ, a mature framework for traffic shaping and
priorization. Finally it will provide a short
overview of the "Common Address Redundancy Protocol"
(CARP) and its integration in pf.
Poul-Henning Kamp - Old mistakes repeated (but you do get the source code now)
Source: Swiss Unix Users Group Conference 2004
Added: 14 January 2007
Tags: suug, presentation, unix, mistakes, poul-henning kamp
Slides (65 Kb)
UNIX is the best operating system ever designed so
everybody is running UNIX on their computer, right
? This presentation takes a partisan looks a why
UNIX never became a big success in the eighties,
failed to win the market in the nineties, and still
struggles in the market in the new millenium.
Poul-Henning will take a critical look at the
mistakes of the past and the mistakes of the present
and try to make it really clear what needs to happen
for UNIX to become a real success.
The presentation I gave at SUCON 04
(115 Kb)
Source: Andre Opperman
Added: 14 January 2007
Tags: sucon, presentation, freebsd, networking, andre opperman
The presentation I gave at SUCON 04 on 2nd September
2004 about enhancements/changes in FreeBSD 5.3
Networking Stack.
What's your biggest Time Management problem?
Source: New York City *BSD User Group
Added: 13 March 2009
Tags: nycbug, presentation, time management, tom limoncelli
MP3 version (11 Mb)
What's your biggest Time Management problem?
Tom Limoncelli is a FreeBSD user and the author of
the O'Reilly book,"Time Management for System
Administrators". He`ll be giving a brief presentation
with highlights from his book then will take questions
from the audience. Whether you are a system
administrator, a developer (or even a Linux user)
this presentation will help you with something more
precious a quad-processor AMD box.
Postfix Performance Tuning
Source: New York City *BSD User Group
Added: 21 February 2009
Tags: nycbug, presentation, postfix, john mashey
MP3 version (11 Mb)
Money can buy you bandwidth, but latency is forever!
John Mashey, MIPS
Victor will cover an array of issues connected to
Postfix performance tuning, including:
- Latency, concurrency and throughput
- Postfix input processing
- Queue file format rationale
- Input processing bottlenecks
- Pre-queue filters, milters, content filters
- Tuning for fast (enough) input
- Postfix on-disk queues, requirements and architecture
- What is a "transport"?
- Postfix "nqmgr" scheduler algorithm
- Per-destination in memory queues
- Per-destination scheduler controls
- SMTP delivery
- Understanding delay logging
- Transport process limits, concurrency limits
- Scaling to thousands of output processes
- Connection caching, TLS session caching, feedback controls
Speaker Bio
Victor Duchovni trained in mathematics, switched
tracks to CS in 1980s leaving Princeton with a
master`s degree in mathematics and newly acquired
skills in Unix system administration and system
programming. In 1990 moved to Lehman Brothers,
worked on system management tooling, and network
engineering. Ported "Moira" from MIT to Lehman,
built efficient build systems that predated (and
partly inspired) Jumpstart. In 1994 joined ESM to
market "CMDB" tools to enterprise users, but this
did not pan out, in the mean time learned Tcl, and
contributed bunch of patches to the 7.x early 8.x
TCL releases. In 1997 returned to New York, working
in IT Security at Morgan Stanley since late 1999.
At Morgan Stanley, developed a hobby in perimeter
email security, becoming an active Postfix user and
very soon contributor in May of 2001. In addition
to many smaller feature improvements, contributed
initial implementation of SMTP connection caching,
overhauled and currently maintain LDAP and TLS
support. Made significant design contributions to
queue manager in collaboration with Wietse and
Patrik Raq. In 2.6 contributing support for TLS EC
ciphers and multi-instance management tooling,
ideally also TLS SNI if time permits.
Introduction to Puppet
Source: New York City *BSD User Group
Added: 19 January 2009
Tags: nycbug, presentation, puppet, larry ludwig
MP3 version (11 Mb)
What it is and how can it make system administration
less painful
About the speaker:
Larry Ludwig - Principal Consultant/Founder of
Empowering Media. Empowering Media is a consulting
firm and managed hosting provider. Larry Ludwig
has been in the industry for over 15 years as a
system administration and system programmer. He`s
had previous experience working for many Fortune
500 corporations and holds a BS in CS from Clemson
University. Larry, along with Eric E. Moore and
Brian Gupta are founding members of the NYC Puppet
usergroup.
Hardware Performance Monitoring Counters
Source: New York City *BSD User Group
Added: 16 November 2008
Tags: nycbug, presentation, george neville-neil, counters
MP3 version (4 Mb)
Many modern CPUs provide on chip counters for
performance events such as retiring instructions
and cache misses. The hwpmc driver and libraries
in FreeBSD give systems administrators and programmers
access to APIs which make it possible to measure
performance without modifying source code and with
minimal intrusion into application execution. This
talk will be a brief introduction to HWPMC, and how
to use it.
Bio: George Neville-Neil is the co-author with Kirk
McKusick of The Design and Implementation of the
FreeBSD Operating System. He works on networking
an operating systems for fun and profit.
New York City BSD Con 2008: BSD v. GPL - a.k.a. not the sequel to "BSD is Dying"
Source: New York City *BSD User Group
Added: 14 October 2008
Tags: nycbsdcon, nycbsdcon2008, presentation, humor, bsd versus gpl, jason dixon
MP4 (15 Mb)
BSD vs GPL is a sweeping epic, focused on the
dichotomy between good and evil. It peers inside
the hearts and minds of the creators of these
movements and dissects their battle for world
domination. No common documentary will dare to
follow the path that BSD vs GPL blazes.
New York City BSD Con 2008
Source: New York City *BSD User Group
Added: 24 November 2008
Tags: nycbsdcon2008, nycbsdcon, presentation
Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (570 Kb, 18 pages), Mike Silbersack: Detecting TCP regressions with tcpdiff. (88 Kb, 28 pages), Metthew Dillon: The HAMMER File System. (820 Kb, 16 pages), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (21 pages), Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (197 Kb, 92 pages), Anders Magnusson: Design and Implementation of the Portable C Compiler. (123 Kb, 29 pages), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (1.7 Mb, 22 pages)
Slides of presentations given at New York City BSD
Conference 2008.
New York City BSD Con 2008
Source: New York City *BSD User Group
Added: 13 October 2008
Tags: nycbsdcon2008, nycbsdcon, presentation
Jeremy C. Reed: Introduction to DNSSEC. (15 Mb), Michael Lucas: Network Refactoring, or doing an oil change at 80 MPH. (10 Mb), Anders Magnusson: Design and Implementation of the Portable C Compiler. (15 Mb), Jason Dixon: BSD versus GPL. (4 Mb), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (10 Mb), Metthew Dillon: The HAMMER File System. (14 Mb), Pawel Jakub Dawidek: A closer look at the ZFS file system. (16 Mb), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (9 Mb), Michael Shalayeff: Porting PCC. (11 Mb), Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (14 Mb), Mike Silbersack: Detecting TCP regressions with tcpdiff. (11 Mb), Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (10 Mb)
Audio recordings of presentations given at New York
City BSD Conference 2008. Courtesy of nikolai at
fetissov.org. The main page also has links to the
slides.
Public Key sudo
Source: New York City *BSD User Group
Added: 19 August 2008
Tags: nycbug, presentation, sudo, public key, matthew burnside
MP3 version (2 Mb)
Two tools which have become the norm in Linux- and
Unix-based environments are SSH for secure
communications, and sudo for performing administrative
tasks. These are independent programs with substantially
different purposes, but they are often used in
conjunction. In this talk, I describe a flaw in
their interaction, and then present our solution
called public-key sudo.
Public-key sudo is an extension to the sudo
authentication mechanism which allows for public
key authentication using the SSH public key framework.
I describe our implementation of a generic SSH
authentication module and the sudo modifications
required to use this module.
Bio:
Matthew Burnside is a Ph.D. student in the Computer
Science department at Columbia University, in New
York. He works for Professor Angelos Keromytis in
the Network Security Lab. He received his B.A and
M.Eng from MIT in 2000, and 2002, respectively. His
research interests are in network anonymity, trust
management, and enterprise-scale policy enforcement.
Configuration Management with Cfengine
Source: New York City *BSD User Group
Added: 03 July 2008
Tags: nycbug, presentation, configuration management, cfengine
MP3 version (6 Mb, 58 minutes)
Configuration Management with Cfengine
Cfengine is a policy-based configuration management
system. Its primary function is to provide automated
configuration and maintenance of computers, from a
policy specification.
The cfengine project was started in 1993 as a
reaction to the complexity and non-portability of
shell scripting for Unix configuration management,
and continues today. The aim was to absorb frequently
used coding paradigms into a declarative, domain-specific
language that would offer self-documenting
configuration.
about the speaker:
Steven Kreuzer has been working with Open Source
technologies since as long as he can remember,
starting out with a 486 salvaged from a dumpster
behind his neighborhood computer store. In his spare
time he enjoys doing things with technology that
have absolutely no redeeming social value.
Managing OpenBSD Environments
Source: New York City *BSD User Group
Added: 12 May 2008
Tags: nycbug, presentation, openbsd, system management
MP3 version (11 Mb, 103 minutes)
This talk is the result of an after-meeting discussion
with a few folks, when it became apparent that there
is some confusion as to how to deal with OpenBSD
in small and large environments. The topic of
installation and upgrading came up again. This talk
is aimed to hopefully dispel many of the rumors,
provide a thorough description and walk through of
the various stages of running OpenBSD in any size
environment, and some of the features and tools at
the administrator`s disposal.
Okan Demirmen has been working with UNIX-like systems
for as long as he can remember and has found OpenBSD
to match some of the same philosophies in which he
believes, namely simplicity and correctness, and
reap the benefits of such.
Building a High-Performance Computing Cluster Using FreeBSD
Source: New York City *BSD User Group
Added: 22 March 2008
Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
MP3 version (9 Mb, 80 minutes)
Special NYC*BUG meeting with FreeBSD developer Brooks Davis
Since late 2000 we have developed and maintained a
general purpose technical and scientific computing
cluster running the FreeBSD operating system. In
that time we have grown from a cluster of 8 dual
Intel Pentium III systems to our current mix of 64
dual, quad-core Intel Xeon and 289 dual AMD Opteron
systems.
In this talk we reflect on the system architecture
as documented in our BSDCon 2003 paper "Building a
High-performance Computing Cluster Using FreeBSD"
and our changes since that time. After a brief
overview of the current cluster we revisit the
architectural decisions in that paper and reflect
on their long term success. We then discuss lessons
learned in the process. Finally, we conclude with
thoughts on future cluster expansion and designs.
Bio
Brooks Davis is an Engineering Specialist in the
High Performance Computing Section of the Computer
Systems Research Department at The Aerospace
Corporation. He has been a FreeBSD user since 1994,
a FreeBSD committer since 2001, and a core team
member since 2006. He earned a Bachelors Degree in
Computer Science from Harvey Mudd College in 1998.
His computing interests include high performance
computing, networking, security, mobility, and, of
course, finding ways to use FreeBSD in all these
areas. When not computing, he enjoys reading,
cooking, brewing and pounding on red-hot iron in
his garage blacksmith shop.
User Interfaces and How People Think
Source: New York City *BSD User Group
Added: 10 March 2008
Tags: nycbug, presentation, user interfaces
Slides (2.7 Mb, 24 pages), MP3 version (9 Mb, 78 minutes)
"User Interfaces and How People Think" will introduce
concepts of designing software for different users
by observing how they think about and do what they
do. While much of design today focuses on the
front-end of computer systems, there is opportunity
to innovate in every area where a human interacts
with software.
Bio:
Jeffery Mau is a user experience designer with the
leading business and technology consulting firm
Sapient. He has helped clients create great customer
experiences in the financial services, education,
entertainment and telecommunications industries.
With a passion for connecting people with technology,
Jeff specializes in Information Architecture and
Business Strategy. Jeff holds a Masters in Design
from the IIT Institute of Design in Chicago, Illinois.
Open Meeting on OpenSSH
Source: New York City *BSD User Group
Added: 19 February 2008
Tags: nycbug, presentation, openssh
MP3 version (7 Mb, 63 minutes)
Open Meeting on OpenSSH
Febrary's NYCBUG meeting is a broad look at OpenSSH,
the de facto method for remote administration and
more. OpenSSH celebrated its 8th anniversary this
past September, and we thought this would be a great
opportunity to discuss OpenSSH, and for others to
contribute their hacks and interesting applications.
SSARES
Source: New York City *BSD User Group
Added: 11 January 2008
Tags: nycbug, presentation, ipv6, gene cronk
Paper (443 Kb, 10 pages), MP3 version (7 Mb, 67 minutes)
SSARES: Secure Searchable Automated Remote Email
Storage - A usable, secure email system on a remote
untrusted server
The increasing centralization of networked services
places user data at considerable risk. For example,
many users store email on remote servers rather
than on their local disk. Doing so allows users to
gain the benefit of regular backups and remote
access, but it also places a great deal of unwarranted
trust in the server. Since most email is stored in
plaintext, a compromise of the server implies the
loss of confidentiality and integrity of the email
stored therein. Although users could employ an
end-to-end encryption scheme (e.g., PGP), such
measures are not widely adopted, require action on
the sender side, only provide partial protection
(the email headers remain in the clear), and prevent
the users from performing some common operations,
such as server-side search.
To address this problem, we present Secure Searchable
Automated Remote Email Storage (SSARES), a novel
system that offers a practical approach to both
securing remotely stored email and allowing
privacy-preserving search of that email collection.
Our solution encrypts email (the headers, body, and
attachments) as it arrives on the server using
public-key encryption. SSARES uses a combination
of Identity Based Encryption and Bloom Filters to
create a searchable index. This index reveals little
information about search keywords and queries, even
against adversaries that compromise the server.
SSARES remains largely transparent to both the
sender and recipient. However, the system also
incurs significant costs, primarily in terms of
expanded storage requirements. We view our work as
a starting point toward creating privacy-friendly
hosted services.
Angelos Keromytis is an Associate Professor with
the Department of Computer Science at Columbia
University, and director of the Network Security
Laboratory. He received his B.Sc. in Computer Science
from the University of Crete, Greece, and his M.Sc.
and Ph.D. from the Computer and Information Science
(CIS) Department, University of Pennsylvania. He
is the author and co-author of more than 100 papers
on refereed conferences and journals, and has served
on over 40 conference program committees. He is an
associate editor of the ACM Transactions on Information
and Systems Security (TISSEC). He recently co-authored
a book on using graphics cards for security, and
is a co-founder of StackSafe Inc. His current
research interests revolve around systems and network
security, and cryptography.
Gene Cronk on Implementing IPv6
Source: New York City *BSD User Group
Added: 06 October 2007
Tags: nycbug, presentation, ipv6, gene cronk
MP3 version (14Mb, 60 minutes)
This talk will be on some of the basics of IPv6
including addressing, subnetting, and tools to test
connectivity. There will be a lab (network permitting),
and setups for an as of yet undisclosed flavor of
BSD as well as some of the well known daemons (Apache
2, SSHD) will be demonstrated. Setting up a BSD OS
as an IPv6 router and tunneling system will also
be covered.
Bio
Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance
network security consultant, specializing in *NIX
solutions. He has been working with computers for
well over 20 years, electronics for over 15, and
IPv6 specifically for 4 years. He has given talks
on IPv6 and a multitude of other topics at DefCon,
ShmooCon and other "underground" venues.
Gene is from Jacksonville, FL. When not involved
in matters concerning IPv6, he can be found gaming
(Anarchy Online), helping out with the Jacksonville Linux
User`s Group, being one of the benevolent
dictators of the Hacker Pimps
Security Think Tank, or fixing up his house.
Using Cryptography to Improve Web Application Performance and Security
Source: New York City *BSD User Group
Added: 12 September 2007
Tags: nycbug, presentation, cryptography, nick galbreath
MP3 version (18Mb)
Cryptography has a reputation of slowing down
applications. However if done correctly, it can
actually be used to improve performance by storing
high-value/high-cost results "in public." In addition
the same techniques can solve common security
problems such as authorization, parameter scanning,
and parameter rewriting.
All are welcome - no previous experience with
cryptography is required, and the techniques will
be presented in a programming-language neutral
format.
Nick Galbreath have been working on high performance
servers and web security at various high profile
startups since 1994 (most recently Right Media).
He holds a Master degree of Mathematics from Boston
University, and published a book on cryptography.
He currently lives in the Lower East Side.
Marc Spitzer on Nagios
Source: New York City *BSD User Group
Added: 01 August 2007
Tags: nycbug, presentation, nagios, marc spitzer
MP3 version (19Mb)
Nagios is a platform for monitoring services and
the hosts they reside on. It provides a reasonable
tool for monitoring your network and you can not
beat the price.
We plan on covering the following topics:
- what it is
- how it works
- where to get it
- how to install it
- how to configure it
- how to customize it for your environment
- where the data is stored
- how to write a basic plug-in
About the Speaker
Marc Spitzer started as a VAX/VMS operator who
taught himself some basic scripting in DCL to help
me remember how to do procedures that did not come
up enough to actually remember all the steps, this
was in 1990. Since then he has worked with HPUX,
Solaris, Windows, Linux, and the BSDs, FreeBSD being
his favorite. He has held a variety of positions,
admin and engineering, where he has been able to
introduce BSD into his work place. He currently
works for Columbia University as a Systems
Administrator.
He is a founding member of NYCBUG and LispNYC and
on the board of UNIGroup.
Most of his career has been building tools to solve
operational problems, with extra effort going to
the ones that irritated him personally. He takes a
great deal of pride in not needing a budget to solve
most problems.
Isaac `Ike` Levy on the Real Unix Tradition
Source: New York City *BSD User Group
Added: 08 July 2007
Tags: nycbug, presentation, unix tradition, isaac levy
MP3 version (10Mb)
"The Real Unix Tradition"
UNIX hackers, all standing on the shoulders of giants.
"...the number of UNIX installations has grown to
10, with more expected..." - Dennis Ritchie and Ken
Thompson, June 1972
"Well, it was all Open Source, before anybody really
called it that". - Brian Redman, 2003
UNIX is the oldest active and growing computing
culture alive today. From it`s humble roots in the
back room at Bell Laboratories, to today`s global
internet infrastructure- UNIX has consistently been
at the core of major advances in computing. Today,
the BSD legacy is the most direct continuation of
the most successful principles in UNIX, and continues
to lead major advances in computing.
Why? What`s so great about UNIX?
This lecture aims to prove that UNIX history is
surprisingly useful (and fun)- for developers,
sysadmins, and anyone working with BSD systems.
About the speaker
Isaac Levy, (ike) is a freelance BSD hadker based
in NYC. He runs Diversaform Inc. as an engine to
make his hacking feed itself, (and ike). Diversaform
specializes in *BSD based solutions, providing `IT
special weapons and tatics` for various sized
business clients, as well as running a small
high-availability datacenter operation from lower
Manhattan. With regard to FreeBSD jail(8), ike was
a partner in the first jail (8)-based web hosting
ISP in America, iMeme, and has been developing
internet applications in and out of jails since
1999. Isaac is a proud member of NYC*BUG (the New
York City *BSD Users Group), and a long time member
of LESMUUG, (the Lower East Side Mac Unix Users
Group).
Steven Kreuzer on Denial of Service Mitigation Techniques
Source: New York City *BSD User Group
Added: 08 June 2007
Tags: nycbug, presentation, denialofservice, steven kreuzer
MP3 version (10Mb)
Protecting your servers, workstations and networks
can only go so far. Attacks which consume your
available Internet-facing bandwidth, or overpower
your CPU, can still take you offline. His presentation
will discuss techniques for mitigating the effects
of such attacks on servers designed to provide
network intensive services such as HTTP or routing.
About the speaker
Steven Kreuzer is currently employed by Right Media
as a Systems Administrator focusing on building and
managing high transaction infrastructures around
the globe. He has been working with Open Source
technologies since as long as he can remember,
starting out with a 486 salvaged from a dumpster
behind his neighborhood computer store. In his spare
time he enjoys doing things with technology that
have absolutely no redeeming social value.
Amitai Schlair on pkgsrcCon.
Source: New York City *BSD User Group
Added: 04 May 2007
Tags: nycbug, presentation, pkgsrccon, netbsd, amitai schlair
MP3 version (21Mb)
The fourth annual pkgsrcCon is
April 27-29 in Barcelona. As might be expected when
brains congregate, pkgsrcCon traditionally results
in a flurry of activity toward new directions and
initiatives. Mere hours after returning to New
York, Amitai will give us a recap of the
proceedings, including his presentation,
"Packaging djbware."
Amitai Schlair
is a pkgsrc developer who has worked in such diverse
areas as Mac OS X platform support and packages of
software by Dan Bernstein. His full-time undergraduate
studies at Columbia are another contributing factor
to his impending insanity. He consults in software
and IT.
Ray Lai: on OpenCVS
Source: New York City *BSD User Group
Added: 06 April 2007
Tags: nycbug, presentation, cvs, openbsd, ray lai
MP3 version
This presentation was inspired by the recent
Subversion presentation. It will talk about the
origins of OpenRCS and OpenCVS, its real-world usage
in the OpenBSD project, and why OpenBSD will continue
to use CVS.
Ray is an OpenBSD developer who uses Subversion by
day, CVS by night. Taking the phrase "complexity
is the enemy of security" to heart, he believes
that the beauty of UNIX`s security is in its
simplicity.
Matthew Burnside: Integrated Enterprise Security Mgmt
Source: New York City *BSD User Group
Added: 09 March 2007
Tags: mp3, presentation, enterprise security, matthew burnside
MP3 version
Integrated Enterprise Security Management
Security policies are a key component in protecting
enterprise networks. But, while there are many
diverse defensive options available, current models
and mechanisms for mechanically-enforced security
policies are limited to traditional admission-based
access control. Defensive capabilities include among
others logging, firewalls, honeypots, rollback/recovery,
and intrusion detection systems, while policy
enforcement is essentially limited to one-off access
control. Furthermore, access-control mechanisms
operate independently on each service, which can
(and often does) lead to inconsistent or incorrect
application of the intended system-wide policy. We
propose a new scheme for global security policies.
Every policy decision is made with near-global
knowledge, and re-evaluated as global knowledge
changes. Using a variety of actuators, we make the
full array of defensive capabilities available to
the global policy. Our goal is a coherent,
enterprise-wide response to any network threat.
Biography
Matthew Burnside is a Ph.D. student in the Computer
Science department at Columbia University, in New
York. He works for Professor Angelos Keromytis in
the Network Security Lab. He received his B.A and
M.Eng from MIT in 2000, and 2002, respectively. His
main research interests are in computer security,
trust management, and network anonymity.
Ivan Ivanov on The Version Control System Subversion
Source: New York City *BSD User Group
Added: 09 February 2007
Tags: nycbug, presentation, subversion, ivan ivanov
MP3 version
The presentation will discuss Subversion from both
client and server points of view. It will show how
to create repositories and how to make them accessible
over the network using different access schemes
like http://, file:// or svn://. Pointers are given
on securing the repositories and on authenticating
and authorizing the clients. Next, the presentation
shows how an user interacts with the repository and
describes some of the important Subversion client
commands. Finally, it deals with administrating
the repository using "hook scripts".
Ivan Ivanov is generally interested in Version
Control Systems since his student years in Sofia
University, Bulgaria, where he set up and maintained
a CVS server for an academic project. When Subversion
became a fact and proved to be "a better CVS" he
researched it and last year deployed it for his
NYC-based employer Ariel Partners
(http://www.arielpartners.com/). He intergrated the
Subversion repositories with Apache Web Server over
https to enable a reliable and secure way to access
them from any point.
Okan Demirmen on PF
Source: New York City *BSD User Group
Added: 07 January 2007
Tags: nycbug, presentation, openbsd, pf, okan demirmen
MP3 version
We have had lots of meetings that have peripherally
discussed OpenBSD`s wildly popular PF firewall...
but finally we will have a meeting focused on it.
New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
Source: New York City *BSD User Group
Added: 02 November 2006
Tags: nycbug, presentation, humor, bsd is dying, jason dixon
MP4 (31Mb), QuickTime (19Mb), iPod (36Mb)
BSD is Dying
A Cautionary Tale of Sex and Greed
Jason Dixon
October 28, 2006
First and foremost, I would like to thank the unique
presentation styles of Dick Hardt and Lawrence
Lessig for inspiring me to create this presentation.
The following videos were created by exporting the
original Keynote presentation slides into QuickTime
video, then manually synchronizing them using iMovie
HD with the audio recordings captured by Nikolai
Fetissov. They were then exported into QuickTime,
mpeg4 (H.264/AAC), and iPod movie formats. If you
are having difficulties with the MP4 copy, and are
unable to view QuickTime movies, please contact me
and I'll try to assist.
New York City BSD Con 2006
Source: New York City *BSD User Group
Added: 01 November 2006
Tags: nycbug, nycbsdcon, nycbsdcon2006, presentation
Russell Sutherland: BSD on the Edge of the Enterprise. (12 Mb), Bob Beck: spamd - spam deferral daemon. (16 Mb), Bjorn Nelson: A Build System for FreeBSD (9 Mb), Jason Dixon: BSD Is Dying. (5 Mb), Kristaps Johnson: BSD Virtualisation with sysjail. (15 Mb), Bob Beck: PF, it is not just for firewalls anymore. (15 Mb), Jason Wright: OpenBSD on sparc64. (9 Mb), Brian A. Seklecki: A Framework for NetBSD Network Appliances. (10 Mb), Johnny C. Lam: The "hidden dependency" problem. (13 Mb), Corey Benninger: Security with Ruby on Rails in BSD (14 Mb), Wietse Venema: Postfix as a Secure Programming Example. (16 Mb), Marco Peereboom: Bio & Sensors in OpenBSD. (11 Mb)
Audio recordings of presentations given at New York
City BSD Conference 2006. Courtesy of nikolai at
fetissov.org. The main page also has links to the
slides.
Isaac `Ike` Levy on m0n0wall and PFSense
(9 Mb)
Source: New York City *BSD User Group
Added: 09 September 2006
Tags: nycbug, presentation, monowall, pfsense, isaac levy
UNIX professionals are busy these days. Setting up
routers and firewalls are fundamental to any network,
but in environments where the focus is on various
applications, (servers, workstations, and the
software that runs on them), it`s difficult for a
business not to choose off-the-shelf SOHO routers
and networking gear. The web management gui`s are
understandable by everyone, (even techs without
UNIX knowledge), and the gear is cheap - this saves
time and money.
In the meantime, the features of your average Linksys
or Netgear router often leave MUCH to be desired,
(https auth management, for one simple example).
Enter m0n0wall and PFSense, 2 BSD based packaged
router/firewall solutions that are as solid and
full featured as you`d expect from any BSD system-
PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT!
m0n0wall and PFSense become an easy sell in any
small professional enviornment, any competent tech
can manage the network within minutes... At home,
in every hackers home network, they free the hacker
to have trusted tools available, but are as time-saving
as using any Linksys router.
m0n0wall and PFSense are both light and clean,
designed to run on embedded systems- (Soekris,
WRAP), but are monsters when unleashed on even
legacy PC`s around the office. If you manage UNIX
networks and systems all day, do you really want
to manage the router for your DSL when you get home?
But then doesn`t it bug you to use a chincey Linksys
box?
Ike has been a member of NYC*BUG since we first
launched in January 2004. He is a long-time member
of the Lower East Side Mac Unix User Group. He has
spoken frequently on a number of topics at various
venues, particularly on the issue of FreeBSD`s jail
(8).
Alfred Perlstein on Sendmail Hacks
(11 Mb)
Source: New York City *BSD User Group
Added: 07 August 2006
Tags: nycbug, presentation, sendmail, alfred perlstein
Alfred will discuss the hacks used to turn Sendmail
into a high performance solution for delivering
millions of messages to OKCupid`s subscribers.
Topics covered will be system tuning and sendmail
hacks used in house to achieve massive throughput.
Alfred Perlstein is the CTO of OKcupid.com, the
largest free online dating site. He has been a
FreeBSD hacker for five years, he`s worked on NFS,
VFS, pthreads, networking and general system
maintenance during his tenure on both FreeBSD and
OS X kernels.
Nate Lawson on ACPI
(245 Mb)
Source: Bay Area FreeBSD Users Group
Added: 09 September 2006
Tags: bafug, presentation, freebsd, acpi, nate lawson
Our Topic:
FreeBSD's ACPI implementation: The details.
Our Speaker:
Nate Lawson, FreeBSD Committer.
Our Topic:
FreeBSD's ACPI implementation is based on code for ACPI released
by Intel. Nate and others wrote the glue code to make this code
work on FreeBSD. He explains how this was done, and why.
Network Protocol Development Tools and Techniques for FreeBSD
(211 Mb)
Source: Bay Area FreeBSD Users Group
Added: 10 August 2006
Tags: bafug, presentation, freebsd, packet construction set, george neville-neil
Our Topic:
Network Protocol Development Tools and Techniques for FreeBSD
Our Speaker:
George Neville-Neil, co-author of the "Design and
Implementation of the FreeBSD Operating System"
"daemon" book.
Our Topic:
While computers have gotten faster and more powerful
the tools we use to develop network protocols, such
as TCP, UDP, IPv4 and IPv6 have not. Most network
protocols are developed, in C, in the kernel, and
require a lot of work to test. Over the past year
or so I have been working with virtual machines, a
couple of pieces of open source software, and begun
developing a library for use in protocol testing.
This talk will cover three topics:
- Developing and testing kernel code with Virtual Machines
- Finding good tests for networking code
- Packet Construction Set (PCS) a new library for
writing protocol tests
Tim Kientzler on developing libarchive and tar
Source: Bay Area FreeBSD Users Group
Added: 13 July 2006
Tags: bafug, presentation, libarchive, tim kientzler
Part 2 (125 Mb), Part 1 (50 Mb), Part 3 (30 Mb)
libarchive..........Tim Kientzler on developing
libarchive and tar.
Manuel Trujillo - FreeBSD para usuarios de GNU/Linux
(32 Kb)
Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, freebsd, linux, manuel trujillo
Charla sobre las diferencias que puede encontrar un usuario
de un sistema operativo GNU/Linux cuando accede a un sistema
operativo FreeBSD, y sugerencias superar la posible
desorientación.
Jordi Prats - Uso de OpenBSD en dispositivos empotrados
(1.8 Mb, 44 pages)
Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, openbsd, embedded, jordi prats
Los sistemas empotrados gracias a un menor consumo
energético y unas dimensiones reducidas, a costa
de ciertas limitaciones del hardware, permiten su uso
en multitud de entornos. En esta presentación
veremos como usarlos con OpenBSD y sus posibles aplicaciones.
Jesús Rodriguez - SIP y VozIP con FreeBSD
(527 Kb, 40 pages)
Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, asterisk, openser, freebsd, sip, voip, jesus rodriguez
Repaso a las diferentes aplicaciones y servicios
relacionados con SIP y VozIP que pueden usarse en
FreeBSD. Entre estas apliaciones destacan OpenSER y
Asterisk, ya que usados de forma conjunta pueden ofrecer
una larga lista de servicios de forma rápida,
segura y escalable.
Jordi Espasa Clofent - Sistema de cortafuegos redundantes con OpenBSD y Packet Filter en modo bridge
(1 Mb)
Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, openbsd, firewall, pf, jordi espasa clofent
Se trataran los siguientes apartados: Porqué OpenBSD
y porqué PF. Eligiendo un buen hardware para el
cortafuegos. Redundancia en modo bridge: RSTP.
Implementación en si.
Julio M. Merino Vidal - ATF: Sistema de pruebas automatizado para NetBSD
(234 Kb)
Source: BSDCon Spain
Added: 27 May 2008
Tags: bsdcon-barcelona, spanish, presentation, atf, netbsd, julio m merino vidal
La presentación empezará describiendo la
necesidad de poder probar automáticamente la
validez del código del sistema operativo NetBSD
para así saber que se comporta correctamente en
cualquiera de las plataformas soportadas. Luego se
explicará cómo se estructura ATF, cómo
se integra con NetBSD y se daran ejemplos prácticos
de su uso tanto como programador o usuario.
ATF es un proyecto autocontenido que funciona en multitud
de plataformas (y no sólo BSD). Aún así,
está centrado en NetBSD y las pruebas automatizadas
para este sistema son específicas de él, no
del proyecto ATF en sí.
Robert Watson - How a large scale opensource project works
(81 Mb, 45 minutes)
Source: Free and Open Source Software Developers' European Meeting
Added: 27 May 2008
Tags: fosdem, fosdem2008, presentation, freebsd project, robert watson
The FreeBSD Project is one of the oldest and most
successful open source operating system projects,
seeing wide deployment across the IT industry. From
the root name servers, to top tier ISPs, to core
router operating systems, to firewalls, to embedded
appliances, you can't use a networked computer for
ten minutes without using FreeBSD dozens of times.
Part of FreeBSD's reputation for quality and
reliability comes from the nature of its development
organization -- driven by a hundreds of highly
skilled volunteers, from high school students to
university professors. And unlike most open source
projects, the FreeBSD Project has developers who
have been working on the same source base for over
twenty years.
But how does this organization work? Who pays the
bandwidth bills, runs the web servers, writes the
documentation, writes the code, and calls the shots?
And how can developers in a dozen time zones reach
agreement on the time of day, let alone a kernel
architecture?
This presentation will attempt to provide, in 45
minutes, a brief if entertaining snapshot into what
makes FreeBSD run.
COMPLETE Hard Disk Encryption with FreeBSD
Source: 22nd Chaos Communication Congress
Added: 23 August 2006
Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
Google Video (1:06:07), Slides (679Kb), Bittorrent link (37Kb)
COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser
Learn how to effectively protect not only your data
but also your applications.
Most technologies and techniques intended for
securing digital data focus on protection while the
machine is turned on mostly by defending against
remote attacks. An attacker with physical access
to the machine, however, can easily circumvent these
defenses by reading out the contents of the storage
medium on a different, fully accessible system or
even compromise program code on it in order to leak
encrypted information. Especially for mobile users,
that threat is real. And for those carrying around
sensitive data, the risk is most likely high. This
talk will introduce a method of mitigating that
particular risk by protecting not only the data
through encryption, but also the applications and
the operating system from being compromised while
the machine is turned off.
FreeBSD Security Officer funktionen
(210 Kb)
Source: BSD UNIX bruger gruppe i Danmark
Added: 15 January 2007
Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
"FreeBSD Security Officer funktionen" at the BSD-DK,
26 August 2006 by Simon L. Nielsen (FreeBSD Deputy
Security Officer)
Google Tech Talks June 20, 2007: How the FreeBSD Project Works
Source: Google Tech Talks
Added: 04 July 2007
Tags: google, presentation, freebsd, freebsd project, robert watson
AVI (321 Mb, 51 minutes)
The FreeBSD Project is one of the oldest and most
successful open source operating system ... all
projects, seeing wide deployment across the IT
industry. From the root name servers, to top tier
ISPs, to core router operating systems, to firewalls,
to embedded appliances, you can't use a networked
computer for ten minutes without using FreeBSD
dozens of times. Part of FreeBSD's reputation for
quality and reliability comes from the nature of
its development organization--driven by a hundreds
of highly skilled volunteers, from high school
students to university professors. And unlike most
open source projects, the FreeBSD Project has
developers who have been working on the same source
base for over twenty years. But how does this
organization work? Who pays the bandwidth bills,
runs the web servers, writes the documentation,
writes the code, and calls the shots? And how can
developers in a dozen time zones reach agreement
on the time of day, let alone a kernel architecture?
This presentation will attempt to provide, in 45
minutes, a brief if entertaining snapshot into
what makes FreeBSD run.
Speaker: Robert Watson Robert Watson is a researcher
at the University of Cambridge Computer Laboratory
investinging operating system and network security.
Prior to joining the Computer Laboratory to work
on a PhD, he was a Senior Principal Scientist at
McAfee Research, now SPARTA ISSO, a leading security
research and development organization, where he
directed government and commercial research contracts
for customers that include DARPA, the US Navy, and
Apple Computer. His research interests include
operating system security, network stack structure
and performance, and windowing system structure.
He is also a member of the FreeBSD Core Team and
president of the FreeBSD Foundation.
Releaseparty, the Varnish HTTP accelerator
Source: Norwegian Unix Users Group
Added: 03 October 2006
Tags: nuug, presentation, varnish, poul-henning kamp
MP3 version (47.8 Mb), Video version (230 Mb)
VG sponsored the creation of a web-accellerator
called "Varnish" because Squid was too slow for
them. Varnish is being developed by Poul-Henning
Kamp and the Norwegian Linux consultancy Linpro.
This is the releaseparty for version 1.0.
The first half of the talk will introduce Varnish
and present some of the novel features it brings
to the business of web-serving.
The second half of the talk, using Varnish as the
example, will show ways to get the most performance
out of modern hardware and operating systems.
(The English text starts at about 5 minutes in the stream)
OpenFest 2005 Videos
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2005, presentation
Offical Bulgarian FreeBSD Mirror - Dimiter Vasilev (411 Mb), Embedding BSD - Ivo Vachkov (345 Mb), Route and firewall redundancy using CARP and pfsync - Atanas Bachvarov (153 Mb), FreeBSD Jails - Deyan Dyankov (13 Mb), QoS etc with OpenBSD pf (501 Mb), DIY FreeBSD Port (326 Mb)
Various videos of OpenFest 2005 (Bulgarian)
Dimitri Vasileva - Visualizing Security Threats with Social Networking Software
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, security, social networking, dimitri vasileva
AVI (331 Mb)
Dimitri Vasileva - Visualizing Security Threats with Social Networking Software (Bulgarian)
Shcheryana Shopova - SNMP monitoring
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, snmp, monitoring, shcheryana shopova
AVI (271 Mb)
Shcheryana Shopova - SNMP monitoring (Bulgarian)
Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP)
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, ipv6, sctp, willow vanchkov
AVI (251 Mb)
Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP) (Bulgarian)
Atanas Bchvarov - Packet Filtering in FreeBSD
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, atanas bchvarov
AVI (186 Mb)
Atanas Bchvarov - Packet Filtering in FreeBSD (Bulgarian)
Nikolai Denev - FreeBSD goes Zettabyte
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, zettabyte, nikolai denev
AVI (358 Mb)
Nikolai Denev - FreeBSD goes Zettabyte (Bulgarian)
Vasil Dimov - The FreeBSD ports collection - tips and tricks
Source: OpenFest
Added: 27 March 2008
Tags: openfest, openfest2007, presentation, freebsd, ports collection, vasil dimov
AVI (341 Mb)
Vasil Dimov - The FreeBSD ports collection - tips and tricks (Bulgarian)
FreeBSD ports Erwin Lansing
Source: OpenFest
Added: 15 January 2007
Tags: openfest, openfest2006, presentation, freebsd, port manager, erwin lansing
PDF (128 Kb)
Case study : managing a worldwide open source project: FreeBSD port manager
Ham Radio on FreeBSD
(23 pages)
Source: Ottawa Amateur Radio Club
Added: 19 February 2007
Tags: oarc, presentation, radio, diane bruce
Last month I attended a meeting of the Ottawa Amateur
Radio Club (OARC)
as a member of my local BUG was giving a presentation
on Ham Radio on FreeBSD. Diane
Bruce, call sign VA3DB, has had her operator
license since 1969 and is well known in the BSD
community and for the development of ircd-hybrid.
In the past year she has assisted in the creation
of the Hamradio
category in the FreeBSD ports tree and has
become the maintainer of over 20 of the hamradio
ports. She also contributed to the FreeBSD
entry at Hampedia, the Wikipedia for ham
operators.
Her presentation slides are a great introduction
to the various ham utilities which are available,
including both descriptions and screenshots of the
utilities in action.
Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
Slides (3.2 Mb, 36 pages)
pfSense: 2.0 and beyond
From firewall distribution to appliance building platform
pfSense is a BSD licensed customized distribution
of FreeBSD tailored for use as a firewall and router.
In addition to being a powerful, flexible firewalling
and routing platform, it includes a long list of
related features and a package system allowing
further expandability without adding bloat and
potential security vulnerabilities to the base
distribution.
This session will start with an introduction to the
project and its common uses, which have expanded
considerably beyond firewalling. We will cover much
of the new functionality coming in the 2.0 release,
which contains significant enhancements to nearly
every portion of the system as well as numerous new
features.
While the primary function of the project is a
firewalling and routing platform, with changes
coming in pfSense 2.0, it has also become an appliance
building framework enabling the creation of customized
special purpose appliances. The m0n0wall code where
pfSense originated has proved popular for this
purpose, with AskoziaPBX and FreeNAS also based
upon it, in addition to a number of commercial
solutions. The goal of this appliance building
framework is to enable creation of projects such
as these without having to fork and maintain another
code base. The existing appliances, including a DNS
server using TinyDNS, VoIP with FreeSWITCH, and
others will be discussed. For those interested in
creating appliances, an overview of the process
will be provided along with references for additional
information.
Luigi Rizzo - GEOM based disk schedulers for FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
Slides (430 Kb, 40 pages)
GEOM based disk schedulers for FreeBSD
The high cost of seek operations makes the throughput
of disk devices very sensitive to the offered
workload. A disk scheduler can then help reorder
requests to improve the overall throughput of the
device, or improve the service guarantees for
individual users, or both.
Research results in recent years have introduced,
and proven the effectiveness of, a technique called
"anticipatory scheduling". The basic idea behind
this technique is that, in some cases, requests
that cause a seek should not be served immediately;
instead, the scheduler should wait for a short
period of time in case other requests arrive that
do not require a seek to be served. With many common
workloads, dominated by sequential synchronous
requests, the potential loss of throughput caused
by the disk idling times is more than balanced by
the overall reduction of seeks.
While a fair amount of research on disk scheduling
has been conducted on FreeBSD, the results were
never integrated in the OS, perhaps because the
various prototype implementations were very
device-specific and operated within the device
drivers. Ironically, anticipatory schedulers are
instead a standard part of Linux kernels.
This talk has two major contributions:
First, we will show how, thanks to the flexibility
of the GEOM architecture, an anticipatory disk
scheduling framework has been implemented in FreeBSD
with little or no modification to a GENERIC kernel.
While these schedulers operate slightly above the
layer where one would naturally put a scheduler,
they can still achieve substantial performance
improvements over the standard disk scheduler; in
particular, even the simplest anticipatory schedulers
can prevent the complete trashing of the disk
performance that often occurs in presence of multiple
processes accessing the disk.
Secondly, we will discuss how the basic anticipatory
scheduling technique can be used not only to improve
the overall throughput of the disk, but also to
give service guarantees to individual disk clients,
a feature that is extremely important in practice
e.g., when serving applications with pseudo-real-time
constraints such as audio or video streaming ones.
A prototype implementation of the scheduler that
will be covered in the presentation is available
at http://info.iet.unipi.it/~luigi/FreeBSD/
Constantine A. Murenin - Quiet Computing with BSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, hardware monitors, canstantine murenin
Slides (264 Kb, 16 pages)
Quiet Computing with BSD
Programming system hardware monitors for quiet computing
In this talk, we will present a detailed overview
of the features and common problems of microprocessor
system hardware monitors as they relate to the topic
of silent computing. In a nutshell, the topic of
programmable fan control will be explored.
Silent computing is an important subject as its
practice reduces the amount of unnecessary stress
and improves the motivation of the workforce, at
home and in the office.
Attendees will gain knowledge on how to effectively
programme the chips to minimise fan noise and avoid
system failure or shutdown during temperature
fluctuations, as well as some basic principles
regarding quiet computing.
Shortly before the talk, a patch for programming
the most popular chips (like those from Winbond)
will be released for the OpenBSD operating system,
although the talk itself will be more specific to
the microprocessor system hardware monitors themselves,
as opposed to the interfacing with thereof in modern
operating systems like OpenBSD, NetBSD, DragonFly
BSD and FreeBSD.
Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
Security Assessment of the Internet Protocol (660 Kb, 63 pages), Slides (473 Kb, 64 pages), Proposal (93 Kb, 3 pages), Security Assessment of the Transmission Control Protocol (TCP) (1.4 Mb, 130 pages)
Results of a Security Assessment of the TCP and IP
protocols and Common implementation Strategies
Fernando Gont will present the results of security
assessment of the TCP and IP protocols carried out
on behalf of the United Kingdom's Centre for the
Protection of National Infrastructure (Centre for
the Protection of National Infrastructure). His
presentation will provide an overview of the
aforementioned project, and will describe some of
the new insights that were gained as a result of
this project. Additionally, it will provide an
overview of the state of affairs of the different
TCP/IP implementations found in BSD operating systems
with respect to the aforementioned issues.
During the last twenty years, many vulnerabilities
have been identified in the TCP/IP stacks of a
number of systems. The discovery of these vulnerabilities
led in most cases to reports being published by a
number of CSIRTs and vendors, which helped to raise
awareness about the threats and the best possible
mitigations known at the time the reports were
published. For some reason, much of the effort of
the security community on the Internet protocols
did not result in official documents (RFCs) being
issued by the organization in charge of the
standardization of the communication protocols in
use by the Internet: the Internet Engineering Task
Force (IETF). This basically led to a situation in
which "known" security problems have not always
been addressed by all vendors. In addition, in many
cases vendors have implemented quick "fixes" to the
identified vulnerabilities without a careful analysis
of their effectiveness and their impact on
interoperability. As a result, producing a secure
TCP/IP implementation nowadays is a very difficult
task, in large part because of the hard task of
identifying relevant documentation and differentiating
between that which provides correct advisory, and
that which provides misleading advisory based on
inaccurate or wrong assumptions. During 2006, the
United Kingdom's Centre for the Protection of
National Infrastructure embarked itself in an
ambitious and arduous project: performing a security
assessment of the TCP and IP protocols. The project
did not limit itself to an analysis of the relevant
IETF specifications, but also included an analysis
of common implementation strategies found in the
most popular TCP and IP implementations. The result
of the project was a set of documents which identifies
possible threats for the TCP and IP protocols and,
where possible, proposes counter-measures to mitigate
the identified threats. This presentation will will
describe some of the new insights that were gained
as a result of this project. Additionally, it will
provide an overview of the state of affairs of the
different TCP/IP implementations found in BSD
operating systems.
Randi Harper - Automating FreeBSD Installations
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
Slides (33 Kb, 14 pages)
Automating FreeBSD Installations
PXE Booting and install.cfg Demystified
This paper will provide an explanation of the tools
involved in performing an automated FreeBSD install
and a live demonstration of the process.
FreeBSD's sysinstall provides a powerful and flexible
mechanism for automated installs but doesn't get
used very often because of a lack of documentation.
Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
Slides (1.4 Mb, 27 pages)
Isolating Cluster Jobs for Performance and Predictability
At The Aerospace Corporation, we run a large FreeBSD
based computing cluster to support engineering
applications. These applications come in all shapes,
sizes, and qualities of implementation. To support
them and our diverse userbase we have been searching
for ways to isolate jobs from one another in ways
that are more effective than Unix time sharing and
more fine grained than allocating whole nodes to
jobs.
In this talk we discuss the problem space and our
efforts so far. These efforts include implementation
of partial file systems virtualization and CPU
isolation using CPU sets.
John Baldwin - Multiple Passes of the FreeBSD Device Tree
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
Slides (60 Kb, 15 pages), Paper (103 Kb, 8 pages)
Multiple Passes of the FreeBSD Device Tree
The existing device driver framework in FreeBSD
works fairly well for many tasks. However, there
are a few problems that are not easily solved with
the current design. These problems include having
"real" device drivers for low-level hardware such
as clocks and interrupt controllers, proper resource
discovery and management, and allowing most drivers
to always probe and attach in an environment where
interrupts are enabled. I propose extending the
device driver framework to support multiple passes
over the device tree during boot. This would allow
certain classes of drivers to be attached earlier
and perform boot-time setup before other drivers
are probed and attached. This in turn can be used
to develop solutions to the earlier list of problems.
Colin Percival - scrypt: A new key derivation function
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
Slides (556 Kb, 21 pages), Paper (201 Kb, 16 pages)
scrypt: A new key derivation function
Doing our best to thwart TLAs armed with ASICs
Password-based key derivation functions are used
for two primary purposes: First, to hash passwords
so that an attacker who gains access to a password
file does not immediately possess the passwords
contained therewithin; and second, to generate
cryptographic keys to be used for encrypting or
authenticating data.
In both cases, if passwords do not have sufficient
entropy, an attacker with the relevant data can
perform a brute force attack, hashing potential
passwords repeatedly until the correct key is found.
While commonly used key derivation functions, such
as Kamp's iterated MD5, Provos and Mazieres' bcrypt,
and RSA Laboratories' PBKDF1 and PBKDF2 make an
attempt to increase the difficulty of brute-force
attacks, they all require very little memory, making
them ideally suited to attack by custom hardware.
In this talk, I will introduce the concepts of
memory-hard and sequential memory-hard functions,
and argue that key derivation functions should be
sequential memory-hard. I will present a key
derivation function which, subject to common
assumptions about cryptographic hash functions, is
provably sequential memory-hard, and a variation
which appears to be stronger (but not provably so).
Finally, I will provide some estimates of the cost
of performing brute force attacks on a variety of
password strengths and key derivation functions.
Stephen Borrill - Building products with NetBSD - thin-clients
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
Slides (499 Kb, 60 pages)
Building products with NetBSD - thin-clients
NetBSD: delivering the goods
This talk will discuss what thin-clients are, why
they are useful and why NetBSD is good choice to
build such a device.
This talk will provide information on some alternatives
and the strengths and weaknesses of NetBSD when
used in such a device.
It will discuss problems that needed to be addressed
such as how to get a device with rich functionality
running from a small amount of flash storage, as
well as recent developments in NetBSD that have
helped improve the product.
Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
Slides (893 Kb, 25 pages)
Getting Started in Free and Open Source
Interested in getting involved? But don't really
know where or how to start?
The talk is called "Getting Started in Free and
Open Source". It's a talk for beginners who are
interested to getting involved but don't really
know where or how to start.
We cover the basics of: -why you might want to get
involved -what you can get out of participating
-more than coding is needed -how to chose a project
-how to get started -etiquette of lists and other
communication -dos and don't of joining a community
Warner Losh - Tracking FreeBSD in a commercial Environment
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
Paper (624 Kb, 45 pages), Slides (104 Kb, 10 pages)
Tracking FreeBSD in a commercial Environment
How to stay current while staying sane
The FreeBSD project publishes two lines of source
code: current and stable. All changes must first
be committed to current and then are merged into
stable. Commercial organizations wishing to use
FreeBSD in their products must be aware of this
policy. Four different strategies have developed
for tracking FreeBSD over time. A company can choose
to run only unmodified release versions of FreeBSD.
A company may choose to import FreeBSD's sources
once and then never merge newer versions. A company
can choose to import each new stable branch as it
is created, adding its own changes to that branch,
as well as integrating new versions from FreeBSD
from time to time. A company can track FreeBSD's
current branch, adding to it their changes as well
as newer FreeBSD changes. Which method a company
chooses depends on the needs of the company. These
methods are explored in detail, and their advantages
and disadvantages are discussed. Tracking FreeBSD's
ports and packages is not discussed.
Companies building products based upon FreeBSD have
many choices in how to use the projects sources and
binaries. The choices range from using unmodified
binaries from FreeBSD's releases, to tracking modify
FreeBSD heavily and tracking FreeBSD's evolution
in a merged tree. Some companies may only need to
maintain a stable version of FreeBSD with more bug
fixes or customizations than the FreeBSD project
wishes to place in that branch. Some companies also
wish to contribute some subset of their changes
back to the FreeBSD project.
FreeBSD provides an excellent base technology with
which to base products. It is a proven leader in
performance, reliability and scalability. The
technology also offers a very business friendly
license that allows companies to pick and choose
which changes they wish to contribute to the community
rather than forcing all changes to be contributed
back, or attaching other undesirable license
conditions to the code.
However, the FreeBSD project does not focus on
integration of its technology into customized
commercial products. Instead, the project focuses
on producing a good, reliable, fast and scalable
operating system and associated packages. The project
maintains two lines of development. A current branch,
where the main development of the project takes
place, and a stable branch which is managed for
stability and reliability. While the project maintains
documentation on the system, including its development
model, relatively little guidance has been given
to companies in how to integrate FreeBSD into their
products with a minimum of trouble.
Developing a sensible strategy to deal with both
these portions of FreeBSD requires careful planning
and analysis. FreeBSD's lack of guidelines to
companies leaves it up to them to develop a strategy.
FreeBSD's development model differs from some of
the other Free and Open Source projects. People
familiar with those systems often discover that
methods that were well suited to them may not work
as well with FreeBSD's development model. These two
issues cause many companies to make poor decisions
without understanding the problems that lie in their
future.
Very little formal guidance exists for companies
wishing to integrate FreeBSD into their products.
Some email threads can be located via a Google
search that could help companies, but many of them
are full of contradictory information, and it is
very disorganized. While the information about the
FreeBSD development process is in the FreeBSD
handbook, the implications of that process for
companies integrating FreeBSD into their products
are not discussed.
Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
Paper (351 Kb, 9 pages), Slides (512 Kb, 35 pages)
PC-BSD - Making FreeBSD on the desktop a reality
FreeBSD on the Desktop
While FreeBSD is a all-around great operating system,
it is greatly lagging behind in desktop appeal. Why
is this? In this talk, we will take a look at some
of the desktop drawbacks of FreeBSD, and how are
are attempting to fix them through PC-BSD.
FreeBSD has a reputation for its rock-solid
reliability, and top-notch performance in the server
world, but is noticeably absent when it comes to
the vast market of desktop computing. Why is this?
FreeBSD offers many, if not almost all of the same
open-source packages and software that can be found
in the more popular Linux desktop distributions,
yet even with the speed and reliability FreeBSD
offers, a relative few number of users are deploying
it on their desktops.
In this presentation we will take a look at some
of the reasons why FreeBSD has not been as widely
adopted in the desktop market as it has on the
server side. Several of the desktop weaknesses of
FreeBSD will be shown, along with how we are trying
to fix these short-comings through a desktop-centric
version of FreeBSD, known as PC-BSD. We will also
take a look at the package management system employed
by all open-source operating systems alike, and
some of the pitfalls it brings, which may hinder
widespread desktop adoption.
Sean Bruno - Implementation of TARGET_MODE applications
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
Slides (72 Kb, 22 pages)
Implementation of TARGET_MODE applications
How we used TARGET_MODE in the kernel to create and
interesting product
This presentation will cover a real world implementation
of the TARGET_MODE infrastructure in the kernel
(stable/6). Topics to include: drivers used (isp,
aic7xxx, firewire). scsi_target userland code vs
kernel drivers missing drivers (4/8G isp support,
iSCSI target)
Target Mode describes a feature within certain
drivers that allows a FreeBSD system to emulate a
Target in the SCSI sense of the word. By recompiling
your kernel with this feature enabled, it permits
one to turn a FreeBSD system into an external hard
disk. This feature of the FreeBSD kernel provides
many interesting implementations and is highly
desirable to many organizations whom run FreeBSD
as their platform.
I have been tasked with the maintenance of a
proprietary target driver that interfaces with the
FreeBSD kernel to do offsite data mirroring at the
block level. This talk will discuss the implementation
of that kernel mode driver and the process my
employer went through to implement a robust and
flexible appliance.
Since I took over the implementation, we have
implemented U160 SCSI(via aic7xxx), 2G Fibre
Channel(via isp) and Firewire 400 (via sbp_targ).
Each driver has it's own subtleties and requirements.
I personally enhanced the existing Firewire target
driver and was able to get some interesting results.
I hope to demonstrate a functional Firewire 400/800
target and show how useful this application can be
for the embedded space. Also, I wish to demonstrate
the need for iSCSI. USB and 4/8G Fibre Channel
target implementations that use the TARGET_MODE
infrastructure that is currently in place to allow
others to expand their various interface types.
The presentation should consist of a high level
overview, followed by detailed implementation
instructions with regards to the Firewire implementation
and finish up with a hands-on demonstration with a
FreeBSD PC flipped into TARGET_MODE and a Mac.
George Neville-Neil - Understanding and Tuning SCHED_ULE
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
Slides (228 Kb, 29 pages)
Understanding and Tuning SCHED_ULE
With the advent of widespread SMP and multicore CPU
architectures it was necessary to implement a new
scheduler in the FreeBSD operating system. The
SCHEDULE scheduler was added for the 5 series of
FreeBSD releases and has now matured to the point
where it is the default scheduler in the 7.1 release.
While scheduling processes was a difficult enough
task in the uniprocessor world, moving to multiple
processors, and multiple cores, has significantly
increased the number of problems that await engineers
who wish to squeeze every last ounce of performance
out of their system. This talk will cover the basic
design of SCHEDULE and focus a great deal of attention
on how to tune the scheduler for different workloads,
using the sysctl interfaces that have been provided
for that purpose.
Understanding and tuning a scheduler used to be
done only by operating systems designers and perhaps
a small minority of engineers focusing on esoteric
high performance systems. With the advent of
widespread multi-processor and multi-core architectures
it has become necessary for more users and
administrators to decide how to tune their systems
for the best performance. The SCHEDULE scheduler
in FreeBSD provides a set of sysctl interfaces for
tuning the scheduler at run time, but in order to
use these interfaces effectively the scheduling
process must first be understood. This presentation
will give an overview of how SCHEDULE works and
then will show several examples of tuning the system
with the interfaces provided.
The goal of modifying the scheduler's parameters
is to change the overall performance of programs
on the system. One of the first problems presented
to the person who wants to tune the scheduler is
how to measure the effects of their changes. Simply
tweaking the parameters and hoping that that will
help is not going to lead to good results. In our
recent experiments we have used the top(1) program
to measure our results.
Lawrence Stewart - Improving the FreeBSD TCP Implementation
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
Slides (2.1 Mb, 38 pages)
Improving the FreeBSD TCP Implementation.
An update on all things TCP in FreeBSD and how they
affect you.
My involvement in improving the FreeBSD TCP stack
has continued this past year, with much of the work
targeted at FreeBSD 8. This talk will cover what
these changes entail, why they are of interest to
the FreeBSD community and how they help to improve
our TCP implementation.
It has been a busy year since attending my inaugural
BSDCan in 2008, where I talked about some of my
work with TCP in FreeBSD.
I have continued the work on TCP analysis/debugging
tools and integrating modular congestion control
into FreeBSD as part of the NewTCP research project.
I will provide a progress update on this work.
Additionally, a grant win from the FreeBSD Foundation
to undertake a project titled "Improving the FreeBSD
TCP Implementation" at Swinburne University's Centre
for Advanced Internet Architectures has been
progressing well. The project focuses on bringing
TCP Appropriate Byte Counting (RFC 3465), reassembly
queue auto-tuning and integration of low-level
analysis/debugging tools to the base system, all
of which I will also discuss.
Joerg Sonnenberger - Journaling FFS with WAPBL
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
Slides (10 Kb, 24 pages)
Journaling FFS with WAPBL
NetBSD 5 is the first NetBSD release with a journaling
filesystem. This lecture introduces the structure
of the Fast File System, the modifications for WAPBL
and specific constraints of the implementation.
The Fast File System (FFS) has been used in the BSD
land for more than two decades. The original
implementation offered two operational modes:
- safe and slow (sync)
- unsafe and fast (async) One decade ago, Kirk
McKusick introduced the soft dependency mechanism
to offset the performance impact without risk of
mortal peril on the first crash. With the advent
of Terabyte hard disks, the need for a file system
check (fsck) after a crash becomes finally unacceptable.
Even a background fsck like supported on FreeBSD
consumes lots of CPU time and IO bandwidth.
Based on a donation from Wasabi Systems, Write Ahead
Physical Block Logging (WAPBL) provides journaling
for FFS with similar or better performance than
soft dependencies during normal operation. Recovery
time after crashes depends on the amount of outstanding
IO operations and normally takes a few seconds.
This lecture gives a short overview of FFS and the
consistency constraints for meta data updates. It
introduces the WAPBL changes, both in terms of the
on-disk format and the implementation in NetBSD.
Finally the implementation is compared to the design
of comparable file systems and specific issues of
and plans for the current implementation are
discussed.
Ivan Voras - Remote and mass management of systems with finstall
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
Slides (377 Kb, 24 pages)
Remote and mass management of systems with finstall
Automated management on a largish scale
An important part of the "finstall" project, created
as a graphical installer for FreeBSD, is a configuration
server that can be used to remotely administer and
configure arbitrary systems. It allows for remote
scripting of administration tasks and is flexible
enough to support complete reconfiguration of running
systems.
The finstall project has two major parts - the
front-end and the back-end. The front-end is just
a GUI allowing the users to install the system in
a convenient way. The back-end is a network-enabled
XML-RPC server that is used by the front-end to
perform its tasks. It can be used as a stand-alone
configuration daemon. This talk will describe a way
to make use of this property of finstall to remotely
manage large groups of systems.
Mike Silbersack - Detecting TCP regressions with tcpdiff
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
Slides (89 Kb, 33 pages)
Detecting TCP regressions with tcpdiff
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
Determining if a TCP stack is working correctly is
hard. The tcpdiff project aims for a simpler goal:
To automatically detect differences in TCP behavior
between different versions of an operating system
and display those differences in an easy to understand
format. The value judgement of whether a certain
change between version X and Y of a TCP stack is
good or bad will be left to human eyes.
The initial version of tcpdiff presented at NYCBSDCon
2008 demonstrated that it could be used to detect
at least two major TCP bugs that were introduced
into FreeBSD in the past few years. The work from
that presentation can be viewed at
http://www.silby.com/nycbsdcon08/.
For BSDCan 2009, I hope to fix a number of bugs in
tcpdiff, make it easier to use, set up nightly tests
of FreeBSD, and improve it so that additional known
bugs can be detected. Additionally, I plan to run
it on OSes other than FreeBSD.
Philip Paeps - Crypto Acceleration on FreeBSD
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
Slides (361 Kb, 28 pages)
Crypto Acceleration on FreeBSD
As more and more services on the internet become
cryptographically secured, the load of cryptography
on systems becomes heavier and heavier. Crypto
acceleration hardware is available in different
forms for different workloads. Embedded communications
processors from VIA and AMD have limited acceleration
facilities in silicon and various manufacturers
build hardware for accelerating secure web traffic
and IPSEC VPN tunnels.
This talk gives an overview of FreeBSD's crypto
framework in the kernel and how it can be used
together with OpenSSL to leverage acceleration
hardware. Some numbers will be presented to demonstrate
how acceleration can improve performance - and how
it can curiously bring a system to a grinding halt.
Philip originally started playing with crypto
acceleration when he saw the "crypto block" in one
of his Soekris boards. As usual, addiction was
instant and by the grace of the "you touch it, you
own it" principle, he has been fiddling the crypto
framework more than is good for him.
Sean Bruno - Firewire BoF Plugfest
Source: BSDCan - The Technical BSD Conference
Added: 25 May 2009
Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
Slides (37 Kb, 1 page)
Firewire BoF Plugfest
Debugging and testing of Firewire products with FreeBSD
Come one come all to a Firewire plugfest. Let's
debug and test together and see if we can't knock
out some features and bugs.
A hands-on testing and debugging session of the
Firewire stack in FreeBSD.
Everyone who wishes to attend should bring their
Firewire devices, ext Drives and Cameras, and their
Laptops. I will be debugging and capturing data
points to enhance and improve features in the
Firewire stack.
We should be able to knock out quite a bunch of
bugs if folks can bring their various Firewire
devices along with their various PCs.
Even if your Firewire device works perfectly, bring
it by so it can be documented as supported by the
Firewire team!
Daniel Braniss
Source: BSDCan - The Technical BSD Conference
Added: 28 May 2008
Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
PDF file (1.4 Mb, 30 pages)
iSCSI
not an Apple appliance.
iSCSI is not an Apple appliance.
The i in iSCSI stands for internet, some say for
insecure, personally I like to think interesting.
I'll try to share the road followed from RFC-3720
to the actual working driver, the challenges, the
frustrations.
PmcTools talk at the Bangalore chapter of the ACM
Source: Joseph Koshy
Added: 24 May 2009
Tags: freebsd, presentation, freebsd, pmctools, joseph koshy
PDF version (550 Kb, 48 pages)
In April 2009 I was invited to speak on FreeBSD/PmcTools
by the Bangalore chapter of the ACM.
This was an overview talk. The talk briefly touched
upon: the motivations and goals of the project, the
programming APIs, some aspects of the implementation
and on possible future work.