Skip site navigation (1) Skip section navigation (2)

FreeBSD Multimedia

FreeBSD Multimedia Resources List

Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to FreeBSD or of interest for FreeBSD users.

This list is available as chronological overview, as a tag cloud and via the sources.

This list is also available as RSS feed RSS Feed

If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.

Tag: presentation

  • Marshall Kirk McKusick at DCBSDCon
    Source: bsdtalk
    Added: 21 February 2009
    Tags: bsdtalk, presentation, bsd, history, kirk mckusick
    Ogg version (55 minutes), MP3 version (26 Mb, 55 minutes)

    A recording of Marshall Kirk McKusick's talk "A Narrative History of BSD" at DCBSDCon this past weekend. You can get a much more complete history here: http://www.mckusick.com/history/index.html
  • Using BSD in SchmooCon Labs
    Source: YouTube bsdconferences channel
    Added: 24 May 2009
    Tags: youtube, presentation, dcbsdcon, dcbsdcon2009, bsd, schmoocon, ken caruso
    Flash (35:08)

    Using BSD in SchmooCon Labs DCBSDCon 2009, Ken Caruso clive URL: http://www.youtube.com/watch?v=9ZhfuP4jghY
  • Sleeping Beauty - NetBSD on Modern laptops
    Source: YouTube bsdconferences channel
    Added: 24 May 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, laptops, jorg sonnenberger
    Flash (1:20:56)

    P9A: Sleeping Beauty - NetBSD on Modern Laptops AsiaBSDCon 2008, Jorg Sonnenberger clive URL: http://www.youtube.com/watch?v=v9ygBFjGR50
  • OpenBSD Network Stack Internals
    Source: YouTube bsdconferences channel
    Added: 24 May 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, openbsd, claudio jeker
    Flash (53:41)

    P8A: OpenBSD Network Stack Internals AsiaBSDCon 2008, Claudio Jeker clive URL: http://www.youtube.com/watch?v=V85It0dGUF4
  • P6A: A Portable iSCSI Initiator
    Source: YouTube bsdconferences channel
    Added: 24 May 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, iscsi, alistair crooks
    Flash (40:57)

    P3B: A Portable iSCSI Initiator AsiaBSDCon 2008, Alistair Crooks clive URL: http://www.youtube.com/watch?v=MiZY7PMu7Ic
  • P3B: BSD Implementations of XCAST6
    Source: YouTube bsdconferences channel
    Added: 27 March 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, xcast6, yuji imai
    Flash (55:42)

    P3B: BSD Implementations of XCAST6 AsiaBSDCon 2008, Yuji Imai clive URL: http://www.youtube.com/watch?v=g1Ga48smqyI
  • P5A: Logical Resource Isolation in the NetBSD Kernel
    Source: YouTube bsdconferences channel
    Added: 27 March 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, kristaps dzonsons
    Flash (56:29)

    P5A: Logical Resource Isolation in the NetBSD Kernel AsiaBSDCon 2008, Kristaps Dzonsons clive URL: http://www.youtube.com/watch?v=c63VneyQI-k
  • P4B: Send and Receive of File System Protocols: Userspace Approach With puffs
    Source: YouTube bsdconferences channel
    Added: 27 March 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, puffs, antti kantee
    Flash (47:29)

    P4B: Send and Receive of File System Protocols: Userspace Approach With puffs AsiaBSDCon 2008, Antti Kantee clive URL: http://www.youtube.com/watch?v=ziGeB8iRA0c
  • P1B: Tracking FreeBSD in a Commercial Setting
    Source: YouTube bsdconferences channel
    Added: 27 March 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, warner losh
    Flash (33:40)

    P1B: Tracking FreeBSD in a Commercial Setting AsiaBSDCon 2008, M. Warner Losh clive URL: http://www.youtube.com/watch?v=VaZ9Ef04bJg
  • A Brief History of the BSD Fast Filesystem, Kirk McKusick
    Source: YouTube bsdconferences channel
    Added: 13 March 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, bsd fast filesystem, kirk mckusick
    Flash (42:01)

    A Brief History of the BSD Fast Filesystem, Kirk McKusick AsiaBSDCon 2008, Dr. Kirk McKusick clive URL: http://www.youtube.com/watch?v=tzieR5MM06M
  • PC-BSD, Matt Olander, AsiaBSDCon 2008
    Source: YouTube bsdconferences channel
    Added: 21 February 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, pc-bsd, matt olander
    Flash (28:50)

    PC-BSD, Matt Olander, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=N0q37X-MJzY
  • Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008
    Source: YouTube bsdconferences channel
    Added: 21 February 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, promotion, open source development models, brooks davis
    Flash (30:07)

    Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=4lcrinKBMas
  • GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008
    Source: YouTube bsdconferences channel
    Added: 21 February 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, geom, pawel jakub dawidek
    Flash (46:38)

    GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=xMpmOezBJZo
  • Reducing Lock Contention in a Multi-Core System, Randall Stewart, AsiaBSDCon 2008
    Source: YouTube bsdconferences channel
    Added: 21 February 2009
    Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, multicore, lock contention, randall stewart
    Flash (28:12)

    Reducing Lock Contention in a Multi-Core System, Randall Stewart, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=OQOMva1SmbY
  • Lousy virtualization, Happy users: FreeBSD's jail(2) facility
    Source: UKUUG
    Added: 02 April 2007
    Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
    Slides (2.7 Mb)

    Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)
  • Poul-Henning Kamp - GBDE -- Spook strength disk encryption
    Source: Swiss Unix Users Group Conference 2004
    Added: 14 January 2007
    Tags: suug, presentation, gbde, poul-henning kamp
    Slides (113 Kb), Paper (104 Kb)

    GBDE is a disk encryption facility designed with both usability and strength as requirements and it attempts to protect both the user and the data. The talk is about avoiding self-deceiving analysis, how to make real world usable cryptography and generally protect yourself and your data. Required skill level: Laptop user.
  • Max Laier - PF - Extended Introduction
    Source: Swiss Unix Users Group Conference 2004
    Added: 14 January 2007
    Tags: suug, presentation, pf, altq, max laier
    Video/MPEG (94 Mb), Slides (1 Mb), Audio/MP3 (22 Mb)

    The talk will introduce packet filter (pf) - a *BSD firewall system - and summarize its history and projected future. After providing a short overview of pf's general functionality and some firewall basics, it will concentrate on packet filter's advanced feature-set from the administrator's point of view. The talk will also cover the integration of ALTQ, a mature framework for traffic shaping and priorization. Finally it will provide a short overview of the "Common Address Redundancy Protocol" (CARP) and its integration in pf.
  • Poul-Henning Kamp - Old mistakes repeated (but you do get the source code now)
    Source: Swiss Unix Users Group Conference 2004
    Added: 14 January 2007
    Tags: suug, presentation, unix, mistakes, poul-henning kamp
    Slides (65 Kb)

    UNIX is the best operating system ever designed so everybody is running UNIX on their computer, right ? This presentation takes a partisan looks a why UNIX never became a big success in the eighties, failed to win the market in the nineties, and still struggles in the market in the new millennium. Poul-Henning will take a critical look at the mistakes of the past and the mistakes of the present and try to make it really clear what needs to happen for UNIX to become a real success.
  • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
    Source: EuroBSDCon
    Added: 22 October 2008
    Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
    PDF (539395 bytes, 38 pages)

    In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/
  • The presentation I gave at SUCON 04 (115 Kb)
    Source: Andre Opperman
    Added: 14 January 2007
    Tags: sucon, presentation, freebsd, networking, andre opperman

    The presentation I gave at SUCON 04 on 2nd September 2004 about enhancements/changes in FreeBSD 5.3 Networking Stack.
  • What's your biggest Time Management problem?
    Source: New York City *BSD User Group
    Added: 13 March 2009
    Tags: nycbug, presentation, time management, tom limoncelli
    MP3 version (11 Mb)

    What's your biggest Time Management problem? Tom Limoncelli is a FreeBSD user and the author of the O'Reilly book,"Time Management for System Administrators". He'll be giving a brief presentation with highlights from his book then will take questions from the audience. Whether you are a system administrator, a developer (or even a Linux user) this presentation will help you with something more precious a quad-processor AMD box.
  • Postfix Performance Tuning
    Source: New York City *BSD User Group
    Added: 21 February 2009
    Tags: nycbug, presentation, postfix, john mashey
    MP3 version (11 Mb)

    Money can buy you bandwidth, but latency is forever! John Mashey, MIPS Victor will cover an array of issues connected to Postfix performance tuning, including: Latency, concurrency and throughput Postfix input processing Queue file format rationale Input processing bottlenecks Pre-queue filters, milters, content filters Tuning for fast (enough) input Postfix on-disk queues, requirements and architecture What is a "transport"? Postfix "nqmgr" scheduler algorithm Per-destination in memory queues Per-destination scheduler controls SMTP delivery Understanding delay logging Transport process limits, concurrency limits Scaling to thousands of output processes Connection caching, TLS session caching, feedback controls Speaker Bio Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master's degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.
  • Introduction to Puppet
    Source: New York City *BSD User Group
    Added: 19 January 2009
    Tags: nycbug, presentation, puppet, larry ludwig
    MP3 version (11 Mb)

    What it is and how can it make system administration less painful About the speaker: Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He's had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.
  • Hardware Performance Monitoring Counters
    Source: New York City *BSD User Group
    Added: 16 November 2008
    Tags: nycbug, presentation, george neville-neil, counters
    MP3 version (4 Mb)

    Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it. Bio: George Neville-Neil is the co-author with Kirk McKusick of The Design and Implementation of the FreeBSD Operating System. He works on networking an operating systems for fun and profit.
  • New York City BSD Con 2008: BSD v. GPL - a.k.a. not the sequel to "BSD is Dying"
    Source: New York City *BSD User Group
    Added: 14 October 2008
    Tags: nycbsdcon, nycbsdcon2008, presentation, humor, bsd versus gpl, jason dixon
    MP4 (15 Mb)

    BSD vs GPL is a sweeping epic, focused on the dichotomy between good and evil. It peers inside the hearts and minds of the creators of these movements and dissects their battle for world domination. No common documentary will dare to follow the path that BSD vs GPL blazes.
  • New York City BSD Con 2008
    Source: New York City *BSD User Group
    Added: 24 November 2008
    Tags: nycbsdcon2008, nycbsdcon, presentation
    Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (570 Kb, 18 pages), Mike Silbersack: Detecting TCP regressions with tcpdiff. (88 Kb, 28 pages), Metthew Dillon: The HAMMER File System. (820 Kb, 16 pages), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (21 pages), Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (197 Kb, 92 pages), Anders Magnusson: Design and Implementation of the Portable C Compiler. (123 Kb, 29 pages), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (1.7 Mb, 22 pages)

    Slides of presentations given at New York City BSD Conference 2008.
  • New York City BSD Con 2008
    Source: New York City *BSD User Group
    Added: 13 October 2008
    Tags: nycbsdcon2008, nycbsdcon, presentation
    Jeremy C. Reed: Introduction to DNSSEC. (15 Mb), Michael Lucas: Network Refactoring, or doing an oil change at 80 MPH. (10 Mb), Anders Magnusson: Design and Implementation of the Portable C Compiler. (15 Mb), Jason Dixon: BSD versus GPL. (4 Mb), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (10 Mb), Metthew Dillon: The HAMMER File System. (14 Mb), Pawel Jakub Dawidek: A closer look at the ZFS file system. (16 Mb), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (9 Mb), Michael Shalayeff: Porting PCC. (11 Mb), Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (14 Mb), Mike Silbersack: Detecting TCP regressions with tcpdiff. (11 Mb), Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (10 Mb)

    Audio recordings of presentations given at New York City BSD Conference 2008. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.
  • Public Key sudo
    Source: New York City *BSD User Group
    Added: 19 August 2008
    Tags: nycbug, presentation, sudo, public key, matthew burnside
    MP3 version (2 Mb)

    Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.
  • Configuration Management with Cfengine
    Source: New York City *BSD User Group
    Added: 03 July 2008
    Tags: nycbug, presentation, configuration management, cfengine
    MP3 version (6 Mb, 58 minutes)

    Configuration Management with Cfengine Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification. The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration. about the speaker: Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.
  • Managing OpenBSD Environments
    Source: New York City *BSD User Group
    Added: 12 May 2008
    Tags: nycbug, presentation, openbsd, system management
    MP3 version (11 Mb, 103 minutes)

    This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator's disposal. Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.
  • Building a High-Performance Computing Cluster Using FreeBSD
    Source: New York City *BSD User Group
    Added: 22 March 2008
    Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
    MP3 version (9 Mb, 80 minutes)

    Special NYC*BUG meeting with FreeBSD developer Brooks Davis Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems. In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs. Bio Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.
  • User Interfaces and How People Think
    Source: New York City *BSD User Group
    Added: 10 March 2008
    Tags: nycbug, presentation, user interfaces
    MP3 version (9 Mb, 78 minutes)

    "User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software. Bio: Jeffery Mau is a user experience designer with the leading business and technology consulting firm Sapient. He has helped clients create great customer experiences in the financial services, education, entertainment and telecommunications industries. With a passion for connecting people with technology, Jeff specializes in Information Architecture and Business Strategy. Jeff holds a Masters in Design from the IIT Institute of Design in Chicago, Illinois.
  • Open Meeting on OpenSSH
    Source: New York City *BSD User Group
    Added: 19 February 2008
    Tags: nycbug, presentation, openssh
    MP3 version (7 Mb, 63 minutes)

    Open Meeting on OpenSSH Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.
  • SSARES
    Source: New York City *BSD User Group
    Added: 11 January 2008
    Tags: nycbug, presentation, ipv6, gene cronk
    Paper (443 Kb, 10 pages), MP3 version (7 Mb, 67 minutes)

    SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.
  • Gene Cronk on Implementing IPv6
    Source: New York City *BSD User Group
    Added: 06 October 2007
    Tags: nycbug, presentation, ipv6, gene cronk
    MP3 version (14Mb, 60 minutes)

    This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. Bio Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues. Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User's Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.
  • Using Cryptography to Improve Web Application Performance and Security
    Source: New York City *BSD User Group
    Added: 12 September 2007
    Tags: nycbug, presentation, cryptography, nick galbreath
    MP3 version (18Mb)

    Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format. Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.
  • Marc Spitzer on Nagios
    Source: New York City *BSD User Group
    Added: 01 August 2007
    Tags: nycbug, presentation, nagios, marc spitzer
    MP3 version (19Mb)

    Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price. We plan on covering the following topics: what it is how it works where to get it how to install it how to configure it how to customize it for your environment where the data is stored how to write a basic plug-in About the Speaker Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator. He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup. Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.
  • Isaac 'Ike' Levy on the Real Unix Tradition
    Source: New York City *BSD User Group
    Added: 08 July 2007
    Tags: nycbug, presentation, unix tradition, isaac levy
    MP3 version (10Mb)

    "The Real Unix Tradition" UNIX hackers, all standing on the shoulders of giants. "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 "Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003 UNIX is the oldest active and growing computing culture alive today. From it's humble roots in the back room at Bell Laboratories, to today's global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What's so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems. About the speaker Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing 'IT special weapons and tatics' for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).
  • Steven Kreuzer on Denial of Service Mitigation Techniques
    Source: New York City *BSD User Group
    Added: 08 June 2007
    Tags: nycbug, presentation, denialofservice, steven kreuzer
    MP3 version (10Mb)

    Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing. About the speaker Steven Kreuzer is currently employed by Right Media as a Systems Administrator focusing on building and managing high transaction infrastructures around the globe. He has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.
  • Amitai Schlair on pkgsrcCon.
    Source: New York City *BSD User Group
    Added: 04 May 2007
    Tags: nycbug, presentation, pkgsrccon, netbsd, amitai schlair
    MP3 version (21Mb)

    The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware." Amitai Schlair is a pkgsrc developer who has worked in such diverse areas as Mac OS X platform support and packages of software by Dan Bernstein. His full-time undergraduate studies at Columbia are another contributing factor to his impending insanity. He consults in software and IT.
  • Ray Lai: on OpenCVS
    Source: New York City *BSD User Group
    Added: 06 April 2007
    Tags: nycbug, presentation, cvs, openbsd, ray lai
    MP3 version

    This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.
  • Matthew Burnside: Integrated Enterprise Security Mgmt
    Source: New York City *BSD User Group
    Added: 09 March 2007
    Tags: mp3, presentation, enterprise security, matthew burnside
    MP3 version

    Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.
  • Ivan Ivanov on The Version Control System Subversion
    Source: New York City *BSD User Group
    Added: 09 February 2007
    Tags: nycbug, presentation, subversion, ivan ivanov
    MP3 version

    The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts". Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He integrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.
  • Okan Demirmen on PF
    Source: New York City *BSD User Group
    Added: 07 January 2007
    Tags: nycbug, presentation, openbsd, pf, okan demirmen
    MP3 version

    We have had lots of meetings that have peripherally discussed OpenBSD's wildly popular PF firewall... but finally we will have a meeting focused on it.
  • New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
    Source: New York City *BSD User Group
    Added: 02 November 2006
    Tags: nycbug, presentation, humor, bsd is dying, jason dixon
    MP4 (31Mb), QuickTime (19Mb), iPod (36Mb)

    BSD is Dying A Cautionary Tale of Sex and Greed Jason Dixon October 28, 2006 First and foremost, I would like to thank the unique presentation styles of Dick Hardt and Lawrence Lessig for inspiring me to create this presentation. The following videos were created by exporting the original Keynote presentation slides into QuickTime video, then manually synchronizing them using iMovie HD with the audio recordings captured by Nikolai Fetissov. They were then exported into QuickTime, mpeg4 (H.264/AAC), and iPod movie formats. If you are having difficulties with the MP4 copy, and are unable to view QuickTime movies, please contact me and I'll try to assist.
  • New York City BSD Con 2006
    Source: New York City *BSD User Group
    Added: 01 November 2006
    Tags: nycbug, nycbsdcon, nycbsdcon2006, presentation
    Russell Sutherland: BSD on the Edge of the Enterprise. (12 Mb), Bob Beck: spamd - spam deferral daemon. (16 Mb), Bjorn Nelson: A Build System for FreeBSD (9 Mb), Jason Dixon: BSD Is Dying. (5 Mb), Kristaps Johnson: BSD Virtualisation with sysjail. (15 Mb), Bob Beck: PF, it is not just for firewalls anymore. (15 Mb), Jason Wright: OpenBSD on sparc64. (9 Mb), Brian A. Seklecki: A Framework for NetBSD Network Appliances. (10 Mb), Johnny C. Lam: The "hidden dependency" problem. (13 Mb), Corey Benninger: Security with Ruby on Rails in BSD (14 Mb), Wietse Venema: Postfix as a Secure Programming Example. (16 Mb), Marco Peereboom: Bio & Sensors in OpenBSD. (11 Mb)

    Audio recordings of presentations given at New York City BSD Conference 2006. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.
  • Isaac 'Ike' Levy on m0n0wall and PFSense (9 Mb)
    Source: New York City *BSD User Group
    Added: 09 September 2006
    Tags: nycbug, presentation, monowall, pfsense, isaac levy

    UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).
  • Alfred Perlstein on Sendmail Hacks (11 Mb)
    Source: New York City *BSD User Group
    Added: 07 August 2006
    Tags: nycbug, presentation, sendmail, alfred perlstein

    Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid's subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput. Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he's worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.
  • Nate Lawson on ACPI (245 Mb)
    Source: Bay Area FreeBSD User Group
    Added: 09 September 2006
    Tags: bafug, presentation, freebsd, acpi, nate lawson

    Our Topic: FreeBSD's ACPI implementation: The details. Our Speaker: Nate Lawson, FreeBSD Committer. Our Topic: FreeBSD's ACPI implementation is based on code for ACPI released by Intel. Nate and others wrote the glue code to make this code work on FreeBSD. He explains how this was done, and why.
  • Network Protocol Development Tools and Techniques for FreeBSD (211 Mb)
    Source: Bay Area FreeBSD User Group
    Added: 10 August 2006
    Tags: bafug, presentation, freebsd, packet construction set, george neville-neil

    Our Topic: Network Protocol Development Tools and Techniques for FreeBSD Our Speaker: George Neville-Neil, co-author of the "Design and Implementation of the FreeBSD Operating System" "daemon" book. Our Topic: While computers have gotten faster and more powerful the tools we use to develop network protocols, such as TCP, UDP, IPv4 and IPv6 have not. Most network protocols are developed, in C, in the kernel, and require a lot of work to test. Over the past year or so I have been working with virtual machines, a couple of pieces of open source software, and begun developing a library for use in protocol testing. This talk will cover three topics: Developing and testing kernel code with Virtual Machines Finding good tests for networking code Packet Construction Set (PCS) a new library for writing protocol tests
  • Tim Kientzler on developing libarchive and tar
    Source: Bay Area FreeBSD User Group
    Added: 13 July 2006
    Tags: bafug, presentation, libarchive, tim kientzler
    Part 2 (125 Mb), Part 1 (50 Mb), Part 3 (30 Mb)

    libarchive..........Tim Kientzler on developing libarchive and tar.
  • COMPLETE Hard Disk Encryption with FreeBSD
    Source: 22nd Chaos Communication Congress
    Added: 23 August 2006
    Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
    Bittorrent link (37Kb), Slides (679Kb)

    COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.
  • FreeBSD Security Officer funktionen
    Source: AArhus Unix Users Group
    Added: 15 January 2007
    Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
    PDF (danish) (211 Kb)

    "FreeBSD Security Officer funktionen" at the AAUUG, AAUUG, 22 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)
  • FreeBSD Security Officer funktionen (210 Kb)
    Source: BSD UNIX bruger gruppe i Danmark
    Added: 15 January 2007
    Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen

    "FreeBSD Security Officer funktionen" at the BSD-DK, 26 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)
  • Releaseparty, the Varnish HTTP accelerator
    Source: Norwegian Unix Users Group
    Added: 03 October 2006
    Tags: nuug, presentation, varnish, poul-henning kamp
    MP3 version (47.8 Mb), Video version (230 Mb)

    VG sponsored the creation of a web-accellerator called "Varnish" because Squid was too slow for them. Varnish is being developed by Poul-Henning Kamp and the Norwegian Linux consultancy Linpro. This is the releaseparty for version 1.0. The first half of the talk will introduce Varnish and present some of the novel features it brings to the business of web-serving. The second half of the talk, using Varnish as the example, will show ways to get the most performance out of modern hardware and operating systems. (The English text starts at about 5 minutes in the stream)
  • Dimitri Vasileva - Visualizing Security Threats with Social Networking Software
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, security, social networking, dimitri vasileva
    AVI (331 Mb)

    Dimitri Vasileva - Visualizing Security Threats with Social Networking Software (Bulgarian)
  • Shcheryana Shopova - SNMP monitoring
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, snmp, monitoring, shcheryana shopova
    AVI (271 Mb)

    Shcheryana Shopova - SNMP monitoring (Bulgarian)
  • Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP)
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, ipv6, sctp, willow vanchkov
    AVI (251 Mb)

    Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP) (Bulgarian)
  • Atanas Bchvarov - Packet Filtering in FreeBSD
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, atanas bchvarov
    AVI (186 Mb)

    Atanas Bchvarov - Packet Filtering in FreeBSD (Bulgarian)
  • Nikolai Denev - FreeBSD goes Zettabyte
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, zettabyte, nikolai denev
    AVI (358 Mb)

    Nikolai Denev - FreeBSD goes Zettabyte (Bulgarian)
  • Vasil Dimov - The FreeBSD ports collection - tips and tricks
    Source: OpenFest
    Added: 27 March 2008
    Tags: openfest, openfest2007, presentation, freebsd, ports collection, vasil dimov
    AVI (341 Mb)

    Vasil Dimov - The FreeBSD ports collection - tips and tricks (Bulgarian)
  • FreeBSD ports Erwin Lansing
    Source: OpenFest
    Added: 15 January 2007
    Tags: openfest, openfest2006, presentation, freebsd, port manager, erwin lansing
    PDF (128 Kb)

    Case study : managing a worldwide open source project: FreeBSD port manager
  • Ham Radio on FreeBSD (23 pages)
    Source: Ottawa Amateur Radio Club
    Added: 19 February 2007
    Tags: oarc, presentation, radio, diane bruce

    Last month I attended a meeting of the Ottawa Amateur Radio Club (OARC) as a member of my local BUG was giving a presentation on Ham Radio on FreeBSD. Diane Bruce, call sign VA3DB, has had her operator license since 1969 and is well known in the BSD community and for the development of ircd-hybrid. In the past year she has assisted in the creation of the Hamradio category in the FreeBSD ports tree and has become the maintainer of over 20 of the hamradio ports. She also contributed to the FreeBSD entry at Hampedia, the Wikipedia for ham operators. Her presentation slides are a great introduction to the various ham utilities which are available, including both descriptions and screenshots of the utilities in action.
  • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
    Slides (3.2 Mb, 36 pages)

    pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.
  • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
    Slides (430 Kb, 40 pages)

    GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/
  • Constantine A. Murenin - Quiet Computing with BSD
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
    Slides (264 Kb, 16 pages)

    Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.
  • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
    Security Assessment of the Internet Protocol (660 Kb, 63 pages), Slides (473 Kb, 64 pages), Proposal (93 Kb, 3 pages), Security Assessment of the Transmission Control Protocol (TCP) (1.4 Mb, 130 pages)

    Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.
  • Randi Harper - Automating FreeBSD Installations
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
    Slides (33 Kb, 14 pages)

    Automating FreeBSD Installations PXE Booting and install.cfg Demystified This paper will provide an explanation of the tools involved in performing an automated FreeBSD install and a live demonstration of the process. FreeBSD's sysinstall provides a powerful and flexible mechanism for automated installs but doesn't get used very often because of a lack of documentation.
  • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
    Slides (1.4 Mb, 27 pages)

    Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.
  • John Baldwin - Multiple Passes of the FreeBSD Device Tree
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
    Slides (60 Kb, 15 pages), Paper (103 Kb, 8 pages)

    Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.
  • Colin Percival - scrypt: A new key derivation function
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
    Slides (556 Kb, 21 pages), Paper (201 Kb, 16 pages)

    scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.
  • Stephen Borrill - Building products with NetBSD - thin-clients
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
    Slides (499 Kb, 60 pages)

    Building products with NetBSD - thin-clients NetBSD: delivering the goods This talk will discuss what thin-clients are, why they are useful and why NetBSD is good choice to build such a device. This talk will provide information on some alternatives and the strengths and weaknesses of NetBSD when used in such a device. It will discuss problems that needed to be addressed such as how to get a device with rich functionality running from a small amount of flash storage, as well as recent developments in NetBSD that have helped improve the product.
  • Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
    Slides (893 Kb, 25 pages)

    Getting Started in Free and Open Source Interested in getting involved? But don't really know where or how to start? The talk is called "Getting Started in Free and Open Source". It's a talk for beginners who are interested to getting involved but don't really know where or how to start. We cover the basics of: -why you might want to get involved -what you can get out of participating -more than coding is needed -how to chose a project -how to get started -etiquette of lists and other communication -dos and don't of joining a community
  • Warner Losh - Tracking FreeBSD in a commercial Environment
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
    Paper (624 Kb, 45 pages), Slides (104 Kb, 10 pages)

    Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.
  • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
    Paper (351 Kb, 9 pages), Slides (512 Kb, 35 pages)

    PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.
  • Sean Bruno - Implementation of TARGET_MODE applications
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
    Slides (72 Kb, 22 pages)

    Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.
  • George Neville-Neil - Understanding and Tuning SCHED_ULE
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
    Slides (228 Kb, 29 pages)

    Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.
  • Lawrence Stewart - Improving the FreeBSD TCP Implementation
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
    Slides (2.1 Mb, 38 pages)

    Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.
  • Joerg Sonnenberger - Journaling FFS with WAPBL
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
    Slides (10 Kb, 24 pages)

    Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.
  • Ivan Voras - Remote and mass management of systems with finstall
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
    Slides (377 Kb, 24 pages)

    Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.
  • Mike Silbersack - Detecting TCP regressions with tcpdiff
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
    Slides (89 Kb, 33 pages)

    Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.
  • Philip Paeps - Crypto Acceleration on FreeBSD
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
    Slides (361 Kb, 28 pages)

    Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.
  • Sean Bruno - Firewire BoF Plugfest
    Source: BSDCan - The Technical BSD Conference
    Added: 25 May 2009
    Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
    Slides (37 Kb, 1 page)

    Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!
  • Daniel Braniss
    Source: BSDCan - The Technical BSD Conference
    Added: 28 May 2008
    Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
    PDF file (1.4 Mb, 30 pages)

    iSCSI not an Apple appliance. iSCSI is not an Apple appliance. The i in iSCSI stands for internet, some say for insecure, personally I like to think interesting. I'll try to share the road followed from RFC-3720 to the actual working driver, the challenges, the frustrations.
  • PmcTools talk at the Bangalore chapter of the ACM
    Source: Joseph Koshy
    Added: 24 May 2009
    Tags: freebsd, presentation, freebsd, pmctools, joseph koshy
    PDF version (550 Kb, 48 pages)

    In April 2009 I was invited to speak on FreeBSD/PmcTools by the Bangalore chapter of the ACM. This was an overview talk. The talk briefly touched upon: the motivations and goals of the project, the programming APIs, some aspects of the implementation and on possible future work.