Presentations

BSD Professional Certification Update: The Lab Exam, Jim Brown

This talk provides an update on the BSD Professional Lab Exam including a recap of rapid developments on the lab exam during 2010. The format, content, and delivery of the exam are all discussed as well as our current experience with developing a hands-on lab using completely open source tools and methods. A preview of the lab exam format will be shown during the talk, and there will be an opportunity for conference attendees to participate in a usability review.

Jim Brown has worked in the computer industry using various Unix systems for over 30 years. His experience includes commercial applications development, systems integration, database development and administration, networking, and information security. A BSD user and aficionado since the mid 1990s, Jim has installed and managed a variety of BSD systems as a consultant. In 2005, Jim helped found the BSD Certification Group where he still serves as a VP and Treasurer.

Practical Security Event Auditing in FreeBSD, Christian Brueffer

Security event auditing refers to the reliable and secure logging of security-related system events. It allows for post mortem analysis or live monitoring of system intrusions, as well as intrusion detection. It is also an essential part of the Common Access Protection Profile (CAPP) for Common Criteria (CC), a certification necessary for a system to be used in certain critical environments.

Auditing support has been around for a long time in commercial Unix systems like Solaris. In the BSD world however, it is a relatively unknown and new concept. Starting from version 6.2, FreeBSD provides support for it by means of the audit(4) kernel subsystem.

This talk aims at introducing the FreeBSD audit(4) facility, its supporting tools and benefits, as well as its limitations.

Christian Brueffer is a software engineer and "general IT guy" at a small surveying monitoring company. He has been a FreeBSD committer since 2003, mainly working on documentation. When he's not behind his desk, he likes exploring his new home Switzerland.

BSD Firewalling with pfSense, Chris Buechler

pfSense is a FreeBSD-based firewall and router distribution. In this talk, one of the founders of the project discusses the latest developments with the project. How and why people are deploying it, recent developments, and plans for the future.

Chris Buechler is the co-founder of the pfSense project, and makes a living working on it. He is the co-author of the book pfSense: The Definitive Guide, and a frequent presenter at BSD conferences including BSDCan, EuroBSDCon, and DCBSDCon.

BSD: Choose Your Own Adventure Jason Dixon

A quirky look into the software, projects and communities that define BSD. This talk is an interactive series of smaller talks, chosen in order by participants in the audience. Some of the topics will be historical, many will be topical, and some will be a complete surprise (probably even to the presenter).

Jason Dixon is a hopeless fan of the BSD license and most software projects that adopt it. He was first exposed to NetBSD, FreeBSD and OpenBSD back in 1999. Over the years he's given talks on a number of BSD topics, although he prefers to chat about networking, security and monitoring. Jason is currently the Product Manager for Circonus, and he lives in Maryland with his wife, two kids and family pet.

Managing Multiple Machines - FreeBSD, radmind and LDAP, Michael Graziano

In an environment of any complexity the time and effort required to manage and maintain systems can quickly grow to become unreasonable. When that environment begins to scale to multiple geographically separated sites it is easy for the admin staff to go from saturated to overwhelmed, leading to mistakes and downtime. By using a few simple automation utilities you can reduce the workload of managing systems and sites to a manageable level.

This talk is a practical discussion of the LDAP centralized authentication & radmind deployment & tripwire implementation at two sites, and will cover topics covered including the deployment and maintenance of servers using radmind, and the administration of centralized authentication using LDAP (pam_ldap+nss_ldap). Special emphasis will be placed on routine administrative tasks such as patching and pushing out software updates, managing user roles & access restrictions, and performing tripwire-style security checks.

Michael Graziano is a network engineer and system administrator who has worked in various sectors. He is currently working for Premier Heart, LLC, where he is responsible for the design, implementation and maintenance of the clinical diagnosis network. He has been using FreeBSD since the days of three-digit version numbers (2.2.x), and specializes in designing stable, scalable solutions to recurring system administration problems.

Isilon and FreeBSD, Zachary Loafman

Isilon uses FreeBSD exclusively in its storage products. In this presentation, we discuss:

Why and how we use FreeBSD

How we interact with the community

How and why we stay in sync with FreeBSD

Our contributions to FreeBSD

Work we plan to upstream to FreeBSD

Zachary Loafman is a FreeBSD committer and Staff Engineer at Isilon Systems, where he works as a distributed file system and network protocols expert.

Escaping the Database Doldrums, James K. Lowden

Relational Theory describes information retrieval in mathematical terms. Yet its power -- simplicity of expression, verifiable correctness -- remains unrealized because the market and the vendors have agreed on SQL. The problems of the proprietary development model have resulted in generations of programmers skeptical of the Theory and resentful of the tools and libraries they're forced to use.

The market is an idiot. We will never see the promise of Relational Theory realized by firms vested in the dumb-user approach. If we want smart-user tools, we'll have to build them ourselves for fun and profit.

Open source databases depressingly mimic proprietary ones: SQL, incompatible libraries, undocumented protocols. They have an opportunity, though, to change the world by being more like the IETF: to devise a standard I/O library, a standard wire protocol, and a standard language. A real language, not a 4GL of the 70s.

The free database management systems -- MySQL, Firebird, Postgres, Ingres, Rel, MonetDB, SQLite, SAP MaxDB, et al. -- could, for the first time, add UNIX fuel to the Relational fire. Let's use the tools that forged the Internet to get out of the database doldrums. Before the horses die of thirst.

James K. Lowden is a quantitative analyst for AllianceBernstein and a NetBSD user since 1.5. He began working with C, C++, and SQL around 1985. In his copious spare time he has for many years been the maintainer of the FreeTDS project (www.freetds.org). He lives in Manhattan with his daughter, girlfriend, and cat, sometimes in that order.

BSD Needs Books, Michael Lucas

If you wander into any bookstore, brick or virtual, you'll see books on Linux, Solaris, Macintosh, and even non-Unix-like operating systems. The BSD books are far between. We as a community need to address this if we're to expand our reach.

This talk covers designing, selling, writing, and promoting your own technical book, with a special emphasis on BSD books. I'll cover everything that I wished I'd known before I started, common errors, where the "generally accepted wisdom" is wrong, how to actually complete the book, how you can use your publisher to your advantage, post-publication work, and -- most important -- how to enjoy the process.

Michael W. Lucas is a network and systems administrator. His books include "Absolute FreeBSD" and "Absolute OpenBSD." He lives in Detroit, Michigan.

The Automated Testing Framework, Julio Merino

A couple of years ago and in this same conference, I gave an introduction to the Automated Testing Framework (ATF) and how it is related to NetBSD. This year I would like to explain what has changed during the past two years. The talk will focus on new achievements in the infrastructure that allow us to test kernel-level code without any risks for the host system. These improvements are not directly related to ATF, because they are just an application of the puffs/rump frameworks developed by Antti Knatee. I will also give some hints as to how ATF itelf will look like in the near future. The plan is to keep the talk representative and interesting by providing real-life examples on how all the technologies tie together, instead of just providing a "what's new"-style talk.

Julio Merino holds an SRE position at Google. He has been a NetBSD developer since 2002 and has been working on the testing infrastructure since 2007. He currently resides in Ireland although he is originally from Spain.

PC-SYSINSTALL: A new system installation backend for PC-BSD and FreeBSD, Kris Moore

This talk will cover some of the details surrounding the new PC-SYSINSTALL system-installation backend utility, which is the default installer for PC-BSD 8.x and is now imported into FreeBSD HEAD. We will take a look at some of the design decisions that were made for the installer, along with pro's and con's that each can bring. Examples and detailed usage instructions will also be discussed and demonstrated, such as how it performs more complex FreeBSD installations with gpart/ ZFS/geli and more.

Kris Moore is the founder and lead developer of the PC-BSD project, a desktop-targeted version of FreeBSD with a strong emphasis on graphical management. He is the creator and maintainer of the PBI format used by PC-BSD, which offers self-contained package-management, and the developer of "The Warden" jail management software. He currently lives in Maryville Tennessee with his Wife and 4 children.

Standing on the Shoulders of Giants: Key Players and Events in BSD History, Jeremy C. Reed

In this presentation, Jeremy C. Reed will introduce the key people and pivotal moments in the history of the Berkeley Software Distributions, based on his research and interviews with many of the original contributors. For the past couple years, Reed has been working on a detailed book covering the history of Berkeley Unix. His goals include interviewing the approximately 54 surviving contributors of the initial software tapes (before 1981) and also documenting the modern BSD histories and the stories between.

Jeremy C. Reed is a member of the NetBSD Foundation Board of Directors and a founder and board member of the BSD Certification Group. He has taught over 55 classes or lectures and has written hundreds of news articles or tutorials covering open source Unix software. Reed has a degree in journalism and has published a few books about BSD software. He is employed by Internet Systems Consortium and is the BIND 10 release engineer.

A Provider's Perspective on IPv6: Getting Beyond the User Experience, Massimiliano Stucchi

We all know that one day, IPv6 will take the place of IPv4 on the internet, many know that IPv4 addressess are running out, but a few know that the projected time for IPv4 exhaustion is less than a year away from us. With this in mind, getting to know about IPv6 becomes more and more important to keep pace with today's internet trends.

In this talk we will introduce IPv6 and all related protocols, give practical examples of its usage and real world experiences, and most important the user will be guided throught the configuration of the protocol on a sample BSD box. Theory about IPv6 subnetting will also be introduced.

A small IPv6 network will be setup, with a tunnel over to my company's IPv6-enabled network, and every user will be given an IPv6 subnet to use during the presentation. This will give users a real experience in running the protocol.

Massimiliano Stucchi is CTO of BrianTel, an Italian ISP and WISP. Holding his position, he manages a broad range of systems and technologies with his fellow NOC'ers, such as a geographical wireless network ranging throughout northern Italy, PoPs in a few datacenters and a wired access network spanning the whole country. He is also responsible for running the route servers for MINAP, an internet exchange, and helps running the Italian FreeBSD Users Group (GUFI). In his other life, he's an official referee for the Italian Soccer Federation and a hardcore fan of a few players on the WTA Tour.

Managing 600 OpenBSD-Based Firewalls in Microsoft-Centric Small and Medium Business Networks, Lawrence Teo

OpenBSD can shine and thrive even in non-UNIX environments. In the past few years, as lead developer of Calyptix Security, I have led my team to develop and deploy more than 600 OpenBSD-based multifunction firewalls in small and medium-sized businesses across the United States, Canada, and other countries. Virtually all the IT managers at these sites are Microsoft specialists who use Microsoft products like Windows Server and Exchange in their IT infrastructure, where they would not normally have considered using an OpenBSD-based firewall to protect their network.

In this presentation, I will discuss the technical design decisions to facilitate the deployment of these OpenBSD-based firewalls in Microsoft-centric environments. Topics include how we use OpenBSD, updates, internal ports tree management, challenges encountered, lessons learned and other information that may be helpful to BSD systems administrators and developers.

Lawrence Teo leads the development of the OpenBSD-based AccessEnforcer firewall at Calyptix Security, where he oversees everything from gathering customer requirements to development to release engineering to technical support. He first discovered OpenBSD in 1999 and has enjoyed using it extensively ever since, in college, graduate school, and now his full-time work.