This page lists the presentations, papers, and talks which have not
yet been added to the schedule.
|A Software Approach to Distributing Requests for DNS Service using GNU Zebra, ISC BIND 9 and FreeBSD|
This paper describes an approach for deploying authoritative name
servers using a cluster of hosts, across which the load of client
requests is distributed. DNS services deployed in this fashion enjoy
high availability and are also able to scale to increasing request
loads in a straightforward manner.
The approach described here does not employ any custom load-balancing
appliances (e.g. devices commonly marketed as "layer-four
switches", "content switches" or "load-balancers"); instead the
individual members of the cluster announce a service address to one
or more gateway routers by participating in routing protocols to
provide an intra-cluster anycast architecture.
speaker: Joe Abley
|Automated source branch selection using SH/CVS|
Demonstration of how minimalist sh is used to automate selection
and checkout of multiple releases from the FreeBSD CVS repository
including extraction of the latest tags from CVS.
speaker: Allan Fields
|BSD and IPv6: security perspective|
The talk covers BSD and IPv6 (KAME implementation) from a security point of view.
There are many implementation choices the KAME project has made to provide a
secure IPv6 stack from day one. Choices include API tweaks, protocol stack
implementation techniques and other stuff. The presentation will cover gory
details of the choices as well as possible security threats.
speaker: Jun-ichiro itojun Hagino
|Developing a wireless community group: a social and technical perspective|
The Ile sans fil project is a community group started with a vision that it is
possible to use wireless technologies to foster actual human interaction and
local communities. It is as much a technical experiment as it is a social
one. The talk will discuss how to start a wireless community group and the
pitfalls to avoid, the challenges of doing technical work in an
un-traditional setting, the technical challenges of the GOAT project
(building a wireless metropolitan network using mesh routing), the WifiDog
captive portal project and the true range of Wifi equipment in an urban
speakers: Benoit Gregoire, Michael Lenczner
|Exploit Mitigation Techniques|
Even after huge efforts to increase software quality, bugs will remain. The clever attacker understands the unintended
side-effects created by a bug, as well as the system environment the code lives in, and crafts an exploit which
grants him advantage. It is high time for defensive technologies which make it harder to write an exploit.
Recent and upcoming developments make the environment in which Unix processes live much more hostile towards
exploitation, without impacting well-behaving processes.
speaker: Theo de Raadt
|Extreme Programming in a Geographically Dispersed Project|
Extreme Programming <http://www.extremeprogramming.org/> (XP) is a name
given to a process which many of us have followed for years. When applied
to projects in which the participants are not in the same location, there
are several challenges which arise. This presentation outlines those
challenges and demonstrates how XP can be successfully used on
Geographically Dispersed Projects.
speaker: Michael Richardson
While encrypting a disk or a filesystem is not very hard
to do, it is hard to do it well. Traditionally the focus
has been under the cryptographic hood with little attention
to usability and deployability of the resulting code, and
consequently deployment has been very limited.
GBDE was designed with usability and cryptography given
equal priority, and the result is a disk encryption facility
where you can trust your data to not fall in the wrong hands
and still implement a sensible security policy at the same
This talk will explain how GBDE works and how it can be
used to implement a security policy for vulnerable disks.
speaker: Poul-Henning Kamp
GEOM, the new disk I/O subsystem in FreeBSD 5 <http://www.freebsd.org/>, is an
infrastructure component which allows pluggable "classes"
to perform arbitrary transformations on disk I/O requests.
In addition to traditional transformations like partitioning,
this allows things like RAID, multipath-selection, encryption,
volume management and anything else we can think of to be
implemented in a modular and architecturally sane way.
This talk will take the listener through the design and
implementation, showing how the mechanics and dynamics of
GEOM work with disks which come and go without warning,
and people mix architectures and disks indiscriminately.
speaker: Poul-Henning Kamp
|Introduction to pf|
OpenBSD's <http://www.openbsd.org/> packet filter (pf) has been gaining popularity and has some very powerful features. This talk
introduces pf and shows you some of the most popular features and capabilities.
speaker: Ryan McBride
|Introduction to pseudo and stackable file systems under BSD|
An introductory look at pseudo file systems and vnode stacking under
BSD. Exploration of FiST and template based file systems.
speaker: Allan Fields
|IP Law and Innovation|
This lecture will examine the phenomenon of Free/Libre Open-Software (FLOSS)
and its effect on innovation in the field of computer
software development. The lecture will begin with an introduction to
copyright law and the licensing of the intellectual property contained in
source code. This will involve some discussion of proprietary vs.
non-proprietary intellectual property. We will also examine recent
alternatives to traditional licensing schemes. Time permitting, we may
examine some of the different FLOSS licenses made available by proponents
of this open source movement.
speaker: Marcus Bornfreund
|Network Buffer Allocation in the FreeBSD Operating System|
This paper outlines the current structure of network data buffers
in FreeBSD and explains their allocator's initial implementation.
The current common usage patterns of network data buffers are then
examined along with usage statistics for some of the allocator's
supporting API routines. Finally, the improvement of the allocation
framework to support SMP in FreeBSD 5.x is outlined and an argument
is made to extend the general-purpose allocator to support some of
the specifics of network data buffer semantics.
speaker: Bosko Milekic
|Network Security Monitoring with Sguil|
Many people use open source intrusion detection tools, but most
concentrate on collecting only alert data. To fully investigate
incidents, alert data must be supplemented by session and full content
data. Without this complementary information, it's seldom possible to
validate and escalate security events without performing host-based
forensics or other time-intensive tasks.
Sguil (http://sguil.sf.net) is an open source interface to all three
types of network-based evidence. It was developed on FreeBSD but is
also deployed on OpenBSD and Linux. This talk will explain the sorts of
data one can collect and examine using short case studies from real
world traffic. It will conclude with a live demo of Sguil on FreeBSD.
speaker not assigned
|Raising Awareness About BSD in the Government of Canada|
The only significant barrier to use of xBSD operating systems in the Canadian
Government seems to be a lack of awareness among IT decision-makers about this
set of options, and of the related xBSD support services offered by suppliers.
Open source off-the-shelf solutions are deployed in a diversity of production
environments throughout the Government of Canada. Treasury Board Secretariat
has stated that "existing Canadian federal legislation, agreements and policies
accommodate a wide variety of business models for public sector software
acquisition, use, production and distribution. Accordingly, software
solutions used in government come under many license types, including
certified 'open source' and 'free/libre' software licenses." In this
session, participants will discuss ways to raise awareness of the
several BSD operating systems available to the Government of Canada.
speaker: Joseph Potvin
|Slony-I, a new enterprise level replication system|
Slony-I, a new enterprise level replication system, is currently being
developed and will be available under the BSD license. The proposed key
- Asynchronous Master to multiple Slave
- Cascaded Slaves
- Hot install, join and reconfigure
(no interruption when adding slaves)
- Failover including new Master inherits
- DB Version independent, usable for
upgrade via switchover
The presentation will explain the reason for developing "yet another"
asynchronous replication system for PostgreSQL, and why the proposed
features are essential for the second part of the Slony story.
speaker: Jan Wieck
|Talk on encrypted filesystems w/ comparison paper|
An inventory and comparison of encrypted file systems available for
BSD. A practical look at current file system encryption technologies
available for BSD.
speaker: Allan Fields
|The NetBSD cross platform build environment|
Software project management tools play a key role in making effective
use of developers' time. The mechanisms to track software changes, and
consistently and easily reproduce executables are two of the most key
ones. The NetBSD build.sh-based build environment makes it easy for The
NetBSD Project to package binary releases of NetBSD-current and the
latest release branch on a near daily basis. This talk will discuss the
problems that build.sh solves for anyone using NetBSD, as a
desktop/server OS, or embedded platform.
speaker: David Maxwell
|The Reusable Appliance Platform for Internet Devices (RAPID)|
St. Bernard Software created the Reusable Appliance Platform for Internet Devices
(RAPID) as a basis for producing internet access management appliances. These
appliances are complex devices whose operation is critical to customer networks.
The application domain requires high functionality and high reliability, a
combination often difficult to achieve.
The Device Environment: there is no sysadmin, there is no console, it must always boot, it has to be secure
Disk Layout: it must always boot, saving non-volatile information, backup and restore
Booting Services: it must always boot, saving non-volatile information, backup and restore
This presentation will present the challenges in creating RAPID and the architectural
decisions made by the St. Bernard IAM team in meeting those challenges, as well as some
of the unique parts of the RAPID architecture developed in-house by the IAM team.
speaker: Wes Peters
|Trusted Operating System Features|
Robert Watson will describe a variety of pieces of work done as part of the TrustedBSD Project, including
the TrustedBSD MAC Framework, Audit facilities for FreeBSD, as well as supporting infrastructure work
such as GEOM/GBDE, UFS2, OpenPAM.
He will also discuss how certification and evaluation play into feature selection, design, and documentation.
speaker: Robert Watson
|Using Bacula over untrusted networks|
Bacula <http://www.bacula.org/> is not as widely known and used as AMANDA, yet it has
features and a design which make it superior to AMANDA. It is quickly gaining
ground in the Open Source network backup solution arena. This presentation
will introduce Bacula and describe a simple solution for backing up remote machines
over untrusted networks.
speaker: Dan Langille
|Using FreeBSD to provide Firewall and VPN services for an advertising agency|
This talk explains how we are using FreeBSD servers as firewalls and VPN
endpoints in a corporate environment. It explains what our goals were,
the challenges that we faced and the solution we came up with.
It also covers the basics required for configuring firewalls on FreeBSD
and what you need to do to get a VPN going between a FreeBSD and a
Checkpoint NG device.
Lastly, it explains the benefits we've received by going this route
speaker: Wayne Pascoe