Skip site navigation (1) Skip section navigation (2)

FreeBSD Multimedia Resources List

Links on this page refer to multimedia resources (podcast, vodcast, audio recordings, video recordings, photos) related to FreeBSD or of interest for FreeBSD users.

This list is available as chronological overview, as a tag cloud and via the sources.

This list is also available as RSS feed RSS Feed

If you know any resources not listed here, or notice any dead links, please send details to Edwin Groothuis so that it can be included or updated.

Tag Cloud

2006 2010 2011 2012 George Neville-Neil Robert Watson Steven Murdoch X aauug abstract accessibility acpi adam dunkels adam glen adam wright adrian chad adrian chadd afilias aggelos economopoulos air traffic control alex feldman alexander motin alfred perlstein alistair crooks altq amitai schlair anders magnusson andre opperman andrew doran andrey zakharchenko anniversary antii kantee antti kantee anttii kantee arm article artwork asiabsdcon asiabsdcon2004 asiabsdcon2006 asiabsdcon2007 asiabsdcon2008 asiabsdcon2009 asterisk atanas bchvarov atf attilio Rao avi bacula bafug benedict reuschling berklix binpatch bjoern a zeeb bjorn nelson bluffs bmc software bob beck book of pf books brian a seklecki brighton chilli wifi brooks brooks david brooks davis bruce mah bsd bsd certification bsd fast filesystem bsd is dying bsd versus gpl bsd# bsdcan bsdcan2004 bsdcan2006 bsdcan2007 bsdcan2008 bsdcan2009 bsdcan2010 bsdcan2011 bsdcan2012 bsdcertification bsdcontr bsdcontr2007 bsdjobs bsdl bsdnexus bsdtalk cat allman ccc ccc2005 ccc22 cfengine chess griffin chris buechler chris lattner christian bruffer christian laursen christoph badura christoph egger cisco claes wikstrom claudio jeker cli clocks cluster clusters cms pipes codeweavers colin percival commercial environment configuration management constantine murenin consultancy contikios corey benninger counters course cover crossover crypto acceleration cryptography cvs daemonforums damien miller dan langille daniel braniss daniel seuffert danish david gwynne davis dcbsdcon dcbsdcon2009 debian deborah norling debugging denialofservice design and implementation of the freebsd operating system desktop device drivers device tree devsummit devsummit2008 devsummit2012 diana bruce diane bruce dikshie fauzie dimitri vasileva diomidis spinellis discussion disk schedulers dnssec documentation domidis spinellis dragonflybsd dru lavigne dtrace ed kikkert ed maste edd barrett eeepc eiichi muramoto einar th einarsson eirik Overby embed embedded embedding freebsd emc lab emulab encryption engineering applications enterprise security erwin lansing eurobsdcon eurobsdcon2004 eurobsdcon2005 eurobsdcon2006 eurobsdcon2007 eurobsdcon2008 extreme programming eystein aarseth f-prot fast file system fernado gont ffs finger printing finstall firewall cluster firewire flash flickr frantic films freebsd freebsd 7.0 freebsd core freebsd core team freebsd for all freebsd foundation freebsd project freebsd vs linux freebsd7 freebsdgirl gbde gene cronk geom george neville-neil george neville-neil murray stokely getting started glen r j neff global software development gomoos google google soc gregers petersen groff hajimu umemoto hammer hans van de looy harddisk encryption hardware hardware sensors hauke fath hideki sunahara high performance high performance computing hiroki sao hiroki sato history hostobzor hostobzor12 hoststated html humor installer interview ion-mihai tetcu ipf ipfw ipsec ipv6 ironport isaac levy iscsi isilon isp itojun ivan ivanov ivan voras ixsystems jail jails james cornell jan kneschke jan srzednicki jared d mcneill jason dixon jason l wright jason thaxter jason thorpe jason wright jean lorchat jeff rizzo jeremy c reed jeremy white joerg sonnenberger john baldwin john birrell john mashey john p hartmann john pertalion john todd johnny c lam johnny lam jorg sonnenberger joseph kong joseph koshy josh berkus julian elischer julio m merino vidal jun murai jun-ichiro itoh hagino justin gibbs justin sherril kame katsuomi hamajima kauth keiichi shima keisuke uehara ken caruso ken smith kern sibbald kernel keynote kip macy kirk mckusick koichi suzuki koshiro mitsuya kris kennaway kris moore kris more kristaps dzonsons kristaps johnson kurt miller laptops larry ludwig lawrence stewart leslie hawthorn libarchive libelf lighttpd linux linux link tech show llvm load balancing lock contention locking lubomir sedlacik lucas holt luigi rzzo m warner losh m4v mac mail mainframes management marc balmer marc schiesser marc spitzer marco peerenboom mark thomas marko zec marten vijn martin schuette martin tournoij marvell orion massimiliano stucchi mathew dillon matt juszczak matt morley matt olander mattew dillon matthew burnside matthew dillon matthieu herrb max laier meetbsd meetbsd2007 meetbsd2008 metthew dillon michael auyeung michael bushkov michael dexter michael lauth michael lucas michael shalayeff midnightbsd mike erdely mike silbersack mips miros mistakes mitchell smith monitoring monowall mov mp mp3 mp4 mpd mpeg multi project multicast multicore nagios nate lawson nederlands nemo netasq netbsd network applications network refactoring network stack network testing networking nfs nick barkas nick galbreath nikolai denev nllgg no starch press nobuo kawaguti notes nsswitch nuug nycbsdcon nycbsdcon2006 nycbsdcon2007 nycbsdcon2008 nycbug oarc odf odp ogg okan demirmen ollivier robert one time passwords open source open source development models openbgpd openbsd openbsm opencommunitycamp opencon openfest openfest2006 openfest2007 openssh openvpn packages packet construction set paper papers paul richards pawel jakub pawel jakub dawidek pawel solyga pbi pc-bsd pcbsd pcc pdf pedro giffuni performance peter hansteen peter losher peter n m hansteen peter wemm peternmhansteen pf pfsense phil pereira philip paeps phillip coblentz photos pie pierre yves ritschard pierre-yves ritschard pipes pkgsrc pkgsrccon plugfest pmctools png podcast clients polish port manager portmgr ports ports collection portsnap postfix postgresql poul-henning kamp ppt presentation privacy profiling promotion public key puffs puppet pxe qing li quicktime radio radio clocks rafal jaworowski ragge randall stewart randi harper ray lai refuse release engineer remko lodder research resources richard stallman rick macklem rick van der zwet rms robert ricci robert watson romain kuntz rootkits routing routing arp and nd6 ruby ruby on rails run your own server russel sutherland russian ryan bickhart ryuji wakikawa sam leffler sam smith sangoma scada scalability sched_ule schmoocon scott murphy scott ullrich scrypt sctp sean bruno sean cody security security assessment security officer sendmail sensors sevan janiyan shcheryana shopova sidsel jensen simon l nielsen simon nielsen slawomir zak slides smp snmp social networking software development solaris soren straarup source21 spamd sparc sparc64 stack virtualization stanislav sedov stephan uphoff stephen borrill steven kreuzer stream control transmission protocol subversion sucon sudo summer of code suug sysinstall sysjail syslog syslogd system management takahiro kurosawa talk talks tar tatuya jimei tcp tcp regression tcp-to-sctp tcpdiff tcpip the best of freebsd basics thin client thin clients thomas glaser thomas mclaughlin tim kientzler tim rightnour time management tom limoncelli tom snow tor trustedbsd tsoyoshi momose tutorial ty semaka typesetting u-boot ufs2 ukuug ultrasparc t1 unix unix tradition unix-tutorial user interfaces variant symlinks varnish vasil dimov videos vimage virtual machines virtualization vpn waner losh wapbl warner losh whurley wietse venema will backman william hurley willow vanchkov windows writeup wscons x.org xcast6 xen xenocara yaws youtube yuji imai yvan vanhullebus zach loafman zettabyte zfs

Multimedia Resources

2006

2010

2011

2012

George Neville-Neil

Robert Watson

Steven Murdoch

    X

    • Getting to know X
      Source: bsdtalk
      Added: 2007-03-21
      Tags: bsdtalk, X
      Files: MP3 version (5 Mb, 10 minutes), Ogg version (10 minutes)

      Getting to know the X Window System. Make sure you are in a text only mode. You might need to change how the system boots, or boot into single user mode. "startx" to make sure X is working right. "X" by itself gives the basic grey screen. "ctrl" and "alt" and "backspace" keys at the same time will zap X. "X & xterm -display :0" "xterm -geometry +300+300" "twm" or "metacity"

    aauug

    abstract

    • Brooks Davis - Using FreeBSD to Promote Open Source Development Methods
      Source: BSDCan - The Technical BSD Conference
      Added: 2008-05-21
      Tags: bsdcan, bsdcan2008, abstract, software development, brooks davis
      Files: PDF file (2 pages, 72 Kb), PDF file (33 pages, 1 Mb)

      Using FreeBSD to Promote Open Source Development Methods In this talk we present Aerosource, an initiative to bring Open Source Software development methods to internal software developers at The Aerospace Corporation. Within Aerosource, FreeBSD is used in several key roles. First, we run most of our tools on top of FreeBSD. Second, the ports collection (both official ports and custom internal ones) eases our administrative burden. Third, the FreeBSD project serves as an example and role model for the results that can be achieved by an Open Source Software projects. We discuss the development infrastructure we have built for Aerosource based largely on BSD licensed software including FreeBSD, PostgreSQL, Apache, and Trac. We will also discuss our custom management tools including our system for managing our custom internal ports. Finally, we will cover our development successes and how we use projects like FreeBSD as exemplars of OSS development.

    • Randall Stewart - SCTP what it is and how to use it
      Source: BSDCan - The Technical BSD Conference
      Added: 2008-05-21
      Tags: bsdcan, bsdcan2008, abstract, freebsd, sctp, randall stewart
      Files: PDF file (10 pages, 130 Kb)

      SCTP - SCTP what it is and how to use it This talk will introduce the attendee into the interesting world of SCTP. We will first discuss the new and different features that SCTP (a new transport in FreeBSD 7.0) provide to the user. Then we will shift gears and discuss the extended socket API that is available to SCTP users and will cover such items as: The two socket programming models Extended system calls that support the SCTP feature set. What model may fit you best

    accessibility

    acpi

    • Nate Lawson on ACPI
      Source: Bay Area FreeBSD User Group
      Added: 2006-09-09
      Tags: bafug, presentation, freebsd, acpi, nate lawson
      Files:  (245 Mb)

      Our Topic: FreeBSD's ACPI implementation: The details. Our Speaker: Nate Lawson, FreeBSD Committer. Our Topic: FreeBSD's ACPI implementation is based on code for ACPI released by Intel. Nate and others wrote the glue code to make this code work on FreeBSD. He explains how this was done, and why.

    adam dunkels

    adam glen

    adam wright

    adrian chad

    • Adrian Chad - What Not To Do When Writing Network Applications
      Source: BSDCan - The Technical BSD Conference
      Added: 2008-05-21
      Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
      Files: PDF file (73 pages, 190 Kb)

      What Not To Do When Writing Network Applications The lessons learnt working with not-so-high-performance network applications This talk will look at issues which face the modern network application developer, from the point of view of poorly-designed examples. This will cover internal code structure and dataflow, interaction with the TCP stack, IO scheduling in high and low latency environments and high-availability considerations. In essence, this presentation should be seen as a checklist of what not to do when writing network applications. Plenty of examples of well designed network applications exist in the open and closed source world today. Unfortunately there are just as many examples of fast network applications as there are "fast but workload specific"; sometimes failing miserably in handling the general case. This may be due to explicit design (eg Varnish) but many are simply due to the designer not fully appreciating the wide variance in "networks" - and their network application degrades ungracefully when under duress. My aim in this presentation is to touch on a wide number of issues which face network application programmers - most of which seem not "application related" to the newcomer - such as including pipelining into network communication, managing a balance between accepting new requests and servicing existing requests, or providing back-pressure to a L4 loadbalancer in case of traffic bursts. Various schemes for working with these issues will be presented, and hopefully participants will walk away with more of an understanding about how the network, application and operating systems interact.

    adrian chadd

      afilias

      aggelos economopoulos

      • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
        Source: EuroBSDCon
        Added: 2008-October-22
        Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
        Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

        Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

      air traffic control

      • Poul-Henning Kamp - Measured (almost) does Air Traffic Control
        Source: BSDCan - The Technical BSD Conference
        Added: 2008-05-26
        Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
        Files: PDF file (46 pages, 7.7 Mb)

        Measured (almost) does Air Traffic Control Monitoring weird hardware reliably The new Danish Air Traffic Control system, CASIMO, prompted the development on a modular and general software platform for data collection, control and monitoring of "weird hardware" of all sorts. The talk will present the "measured" daemon, and detail some of the uses it has been put to, as an, admittedly peripheral, component of the ATC system. Many "SCADA" systems suffer from lack of usable interfaces for external access to the data. Measured takes the opposite point of view and makes real-time situation available, and accepts control instructions as ASCII text stream over TCP connections. Several examples of how this can be used will be demonstrated. Measured will run on any FreeBSD system, but has not been ported to other UNIX variants yet, and it is perfect for that "intelligent house" project of yours. I believe I gave a WIP presentation of this about two years ago.

      alex feldman

      alexander motin

      alfred perlstein

      • Alfred Perlstein on Sendmail Hacks
        Source: New York City *BSD User Group
        Added: 2006-08-07
        Tags: nycbug, presentation, sendmail, alfred perlstein
        Files:  (11 Mb)

        Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid's subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput. Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he's worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.

      alistair crooks

      altq

      • Max Laier - PF - Extended Introduction
        Source: Swiss Unix Users Group Conference 2004
        Added: 2007-01-14
        Tags: suug, presentation, pf, altq, max laier
        Files: Slides (1 Mb), Video/MPEG (94 Mb), Audio/MP3 (22 Mb)

        The talk will introduce packet filter (pf) - a *BSD firewall system - and summarize its history and projected future. After providing a short overview of pf's general functionality and some firewall basics, it will concentrate on packet filter's advanced feature-set from the administrator's point of view. The talk will also cover the integration of ALTQ, a mature framework for traffic shaping and priorization. Finally it will provide a short overview of the "Common Address Redundancy Protocol" (CARP) and its integration in pf.

      amitai schlair

      • Amitai Schlair on pkgsrcCon.
        Source: New York City *BSD User Group
        Added: 2007-05-04
        Tags: nycbug, presentation, pkgsrccon, netbsd, amitai schlair
        Files: MP3 version (21Mb)

        The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware." Amitai Schlair is a pkgsrc developer who has worked in such diverse areas as Mac OS X platform support and packages of software by Dan Bernstein. His full-time undergraduate studies at Columbia are another contributing factor to his impending insanity. He consults in software and IT.

      anders magnusson

      andre opperman

      andrew doran

      andrey zakharchenko

        anniversary

        antii kantee

          antti kantee

          anttii kantee

          • EuroBSDCon 2008 - Anttii Kantee - Converting kernel file systems to services
            Source: EuroBSDCon
            Added: 2008-October-22
            Tags: eurobsdcon, eurobsdcon2008, anttii kantee
            Files: OGG (1 byte, 55 minutes), MP3 (1 byte, 55 minutes), PDF (1 byte, n pages)

            ABSD/UNIX operating system is traditionally split into two pieces: the kernel and userspace. Historically the reasons for this were clear: the UNIX kernel was a simple entity. However, over time the kernel has grown more and more complex. Currently, most of the same functionality is available both in userspace and the kernel, but under different names. Examples include synchronization routines and threading support. For instance, to lock a mutex in the NetBSD kernel, the call is mutex_enter(), while in userspace the routine which does exactly the same thing is known as pthread_mutex_enter(). Taking another classic example, a BSD style OS has malloc()/free() available both in userspace and the kernel, but with different linkage (the kernel malloc interface is currently being widely deprecated, though). This imposes a completely arbitrary division between the kernel and userspace. Most functionality provided by an opearating system should be treated as a service instead of explicitly pinning it down as a userspace daemon or a kernel driver. Currently, due to the arbitrarily difference in programming interface names, functionality must be explicitly ported between the kernel and userspace if it is to run in one or the other environment. By unifying the environments where possible, the arbitrary division is weakened and porting between these environments becomes simpler. Antti Kantee has been a NetBSD developer for many many moons. He has managed to work on quite a few bits and pieces of a BSD system: userland utilities, the pkgsrc packaging system, networking, virtual memory, device drivers, hardware support and file systems. See also http://www.netbsd.org/docs/puffs/rump.htm

          arm

          • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
            Source: BSDCan - The Technical BSD Conference
            Added: 2008-05-21
            Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
            Files: PDF file (25 pages, 193 Kb)

            Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

          article

          artwork

          • Artist and Musician Ty Semaka
            Source: bsdtalk
            Added: 2007-01-29
            Tags: bsdtalk, interview, openbsd, artwork, ty semaka
            Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

            Interview with Artist and Musician Ty Semaka. You can find his work at http://www.tysemaka.com/, and also on the OpenBSD CDs, posters, and shirts.

          • OpenBSD 4.5 Release Songs - Games
            Source: OpenBSD
            Added: 2008-05-25
            Tags: openbsd, artwork
            Files: MP3 version (6.4 Mb, 3:29 minutes), Ogg version (4.5 Mb, 3:29 minutes)

            [Commentary still being written] For RSS readers: Please note that the download URL is an FTP site.

          • OpenBSD 4.0 Release Songs - OpenVOX
            Source: OpenBSD
            Added: 2006-October-10
            Tags: openbsd, artwork
            Files: MP3 version (3.9 Mb, 4 minutes), Ogg version (6.0 Mb, 4 minutes)

            This is an extra track by the artist Ty Semaka (who really has "had Puffy on his mind") which we included on the audio CD. This song details the process that Ty has to go through to make the art and music for each OpenBSD release. Ty and Theo really do go to a (very specific) bar and discuss what is going on in the project, and then try to find a theme that will work... For RSS readers: Please note that the download URL is an FTP site.

          • OpenBSD 4.4 Release Song - "Source Wars - Episode IV - Trial of the BSD Knights"
            Source: OpenBSD
            Added: 2008-November-18
            Tags: openbsd, artwork
            Files: MP3 version (5.6 Mb, 3 minutes 5 seconds), Ogg version (4.4 Mb, 3 minutes 5 seconds)

            Nearly 10 years ago Kirk McKusick wrote a history of the Berkeley Unix distributions for the O'Reilly book "Open Sources: Voices from the Open Source Revolution". We recommend you read his story, entitled "Twenty Years of Berkeley Unix From AT&T-Owned to Freely Redistributable" first, to see how Kirk remembers how we got here. Sadly, since it showed up in book form originally, this text has probably not been read by enough people. The USL(AT&T) vs BSDI/UCB court case settlement documents were not public until recently; their disclosure has made the facts more clear. But the story of how three people decided to free the BSD codebase of corporate pollution -- and release it freely -- is more interesting than the lawsuit which followed. Sure, a stupid lawsuit happened which hindered the acceptance of the BSD code during a critical period. But how did a bunch of guys go through the effort of replacing so much AT&T code in the first place? After all, companies had lots of really evil lawyers back then too -- were they not afraid? After a decade of development, most of the AT&T code had already been replaced by university researchers and their associates. So Keith Bostic, Mike Karels and Kirk McKusick (the main UCB CSRG group) started going through the 4.3BSD codebase to cleanse the rest. Keith, in particular, built a ragtag team (in those days, USENIX conferences were a gold mine for such team building) and led these rebels to rewrite and replace all the Imperial AT&T code, piece by piece, starting with the libraries and userland programs. Anyone who helped only got credit as a Contributor -- people like Chris Torek and a cast of .. hundreds more. Then Mike and Kirk purified the kernel. After a bit more careful checking, this led to the release of a clean tree called Net/2 which was given to the world in June 1991 -- the largest dump of free source code the world had ever received (for those days -- not modern monsters like OpenOffice). Some of these ragtags formed a company (BSDi) to sell a production system based on this free code base, and a year later Unix System Laboratories (basically AT&T) sued BSDi and UCB. Eventually AT&T lost and after a few trifling fixes (described in the lawsuit documents) the codebase was free. A few newer developments (and more free code) were added, and released in June 1994 as 4.4BSD-Lite. Just over 14 years later OpenBSD is releasing its own 4.4 release (and for a lot less than $1000 per copy). The OpenBSD 4.4 release is dedicated to Keith Bostic, Mike Karels, Kirk McKusick, and all of those who contributed to making Net/2 and 4.4BSD-Lite free.

          • OpenBSD 4.3 Release Song - "Home to Hypocrisy"
            Source: OpenBSD
            Added: 2008-05-03
            Tags: openbsd, artwork
            Files: MP3 version (8.2 Mb, 4 minutes 48 seconds), Ogg version (6.5 Mb, 4 minutes 48 seconds)

            We are just plain tired of being lectured to by a man who is a lot like Naomi Campbell. In 1998 when a United Airlines plane was waiting in the queue at Washington Dulles International Airport for take-off to New Orleans (where a Usenix conference was taking place), one man stood up from his seat, demanded that they stop waiting in the queue and be permitted to deplane. Even after orders from the crew and a pilot from the cockpit he refused to sit down. The plane exited the queue and returned to the airport gangway. Security personnel ran onto the plane and removed this man, Richard Stallman, from the plane. After Richard was removed from the plane, everyone else stayed onboard and continued their journey to New Orleans. A few OpenBSD developers were on that same plane, seated very closeby, so we have an accurate story of the events. This is the man who presumes that he should preach to us about morality, freedom, and what is best for us. He believes it is his God-given role to tell us what is best for us, when he has shown that he takes actions which are not best for everyone. He prefers actions which he thinks are best for him -- and him alone -- and then lies to the public. Richard Stallman is no Spock. We release our software in ways that are maximally free. We remove all restrictions on use and distribution, but leave a requirement to be known as the authors. We follow a pattern of free source code distribution that started in the mid-1980's in Berkeley, from before Richard Stallman had any powerful influence which he could use so falsely. We have a development sub-tree called "ports". Our "ports" tree builds software that is 'found on the net' into packages that OpenBSD users can use more easily. A scaffold of Makefiles and scripts automatically fetch these pieces of software, apply patches as required by OpenBSD, and then build them into nice neat little tarballs. This is provided as a convenience for users. The ports tree is maintained by OpenBSD entirely separately from our main source tree. Some of the software which is fetched and compiled is not as free as we would like, but what can we do. All the other operating system projects make exactly the same decision, and provide these same conveniences to their users. Richard felt that this "ports tree" of ours made OpenBSD non-free. He came to our mailing lists and lectured to us specifically, yet he said nothing to the many other vendors who do the same; many of them donate to the FSF and perhaps that has something to do with it. Meanwhile, Richard has personally made sure that all the official GNU software -- including Emacs -- compiles and runs on Windows. That man is a false leader. He is a hypocrite. There may be some people who listen to him. But we don't listen to people who do not follow their own stupid rules.

          • OpenBSD 4.2 Release Song - "100001 1010101"
            Source: OpenBSD
            Added: 2007-November-02
            Tags: openbsd, artwork
            Files: MP3 version (4.0 Mb, 4 minutes 40 seconds), Ogg version (6.4 Mb, 4 minutes 4- seconds)

            Those of us who work on OpenBSD are often asked why we do what we do. This song's lyrics express the core motivations and goals which have remained unchanged over the years - secure, free, reliable software, that can be shared with anyone. Many other projects purport to share these same goals, and love to wrap themselves in a banner of "Open Source" and "Free Software". Given how many projects there are one would think it might be easy to stick to those goals, but it doesn't seem to work out that way. A variety of desires drag many projects away from the ideals very quickly. Much of any operating system's usability depends on device support, and there are some very tempting alternative ways to support devices available to those who will surrender their moral code. A project could compromise by entering into NDA agreements with vendors, or including binary objects in the operating system for which no source code exists, or tying their users down with contract terms hidden inside copyright notices. All of these choices surrender some subset of the ideals, and we simply will not do this. Sure, we care about getting devices working, but not at the expense of our original goals. Of course since "free to share with anyone" is part of our goals, we've been at the forefront of many licensing and NDA issues, resulting in a good number of successes. This success had led to much recognition for the advancement of Free Software causes, but has also led to other issues. We fully admit that some BSD licensed software has been taken and used by many commercial entities, but contributions come back more often than people seem to know, and when they do, they're always still properly attributed to the original authors, and given back in the same spirit that they were given in the first place. That's the best we can expect from companies. After all, we make our stuff so free so that everyone can benefit -- it remains a core goal; we really have not strayed at all in 10 years. But we can expect more from projects who talk about sharing -- such as the various Linux projects. Now rather than seeing us as friends who can cooperatively improve all codebases, we are seen as foes who oppose the GPL. The participants of "the race" are being manipulated by the FSF and their legal arm, the SFLC, for the FSF's aims, rather than the goal of getting good source into Linux (and all other code bases). We don't want this to come off as some conspiracy theory, but we simply urge those developers caution -- they should ensure that the path they are being shown by those who have positioned themselves as leaders is still true. Run for yourself, not for their agenda. The Race is there to be run, for ourselves, not for others. We do what we do to run our own race, and finish it the best we can. We don't rush off at every distraction, or worry how this will affect our image. We are here to have fun doing right.

          • OpenBSD 4.1 Release Song - Puffy Baba and the 40 Vendors
            Source: OpenBSD
            Added: 2007-05-02
            Tags: openbsd, artwork
            Files: MP3 version (4.1 Mb, 4 minutes 19 seconds), Ogg version (8.3 Mb, 4 minutes 19 seconds)

            As developers of a free operating system, one of our prime responsibilities is device support. No matter how nice an operating system is, it remains useless and unusable without solid support for a wide percentage of the hardware that is available on the market. It is therefore rather unsurprising that more than half of our efforts focus on various aspects relating to device support. Most parts of the operating system (from low kernel, through to libraries, all the way up to X, and then even to applications) use fairly obvious interface layers, where the "communication protocols" or "argument passing" mechanisms (ie. APIs) can be understood by any developer who takes the time to read the free code. Device drivers pose an additional and significant challenge though: because many vendors refuse to document the exact behavior of their devices. The devices are black boxes. And often they are surprisingly weird, or even buggy. When vendor documentation does not exist, the development process can become extremely hairy. Groups of developers have found themselves focused for months at a time, figuring out the most simple steps, simply because the hardware is a complete mystery. Access to documentation can ease these difficulties rapidly. However, getting access to the chip documentation from vendors is ... almost always a negotiation. If we had open access to documentation, anyone would be able to see how simple all these devices actually are, and device driver development would flourish (and not just in OpenBSD, either). When we proceed into negotiations with vendors, asking for documentation, our position is often weak. One would assume that the modern market is fair, and that selling chips would be the primary focus of these vendors. But unfortunately a number of behemoth software vendors have spent the last 10 or 20 years building political hurdles against the smaller players. A particularly nasty player in this regard has been the Linux vendors and some Linux developers, who have played along with an American corporate model of requiring NDAs for chip documentation. This has effectively put Linux into the club with Microsoft, but has left all the other operating system communities -- and their developers -- with much less available clout for requesting documentation. In a more fair world, the Linux vendors would work with us, and the device driver support in all free operating systems would be fantastic by now. We only ask that users help us in changing the political landscape.

          • OpenBSD 4.0 Release Song - Humppa negala
            Source: OpenBSD
            Added: 2006-October-10
            Tags: openbsd, artwork
            Files: MP3 version (2.3 Mb, 2 minutes 40 seconds), Ogg version (3.6 Mb, 2 minutes 40 seconds)

            The last 10 years, every 6 month period has (without fail) resulted in an official OpenBSD release making it to the FTP servers. But CDs are also manufactured, which the project sells to continue our development goals. While tests of the release binaries are done by developers around the world, Theo and some developers from Calgary or Edmonton (such as Peter Valchev or Bob Beck) test that the discs are full of (only) correct code. Ty Semaka works for approximately two months to design and draw artwork that will fit the designated theme, and coordinates with his music buddies to write and record a song that also matches the theme. Then the discs and all the artwork gets delivered to the plant, so that they can be pressed in time for an official release date. This release, instead of bemoaning vendors or organizations that try to make our task of writing free software more difficult, we instead celebrate the 10 years that we have been given (so far) to write free software, express our themes in art, and the 5 years that we have made music with a group of talented musicians. OpenBSD developers have been torturing each other for years now with Humppa-style music, so this release our users get a taste of this too. Sometimes at hackathons you will hear the same songs being played on multiple laptops, out of sync. It is under such duress that much of our code gets written. We feel like Pufferix and Bobilix delivering The Three Discs of Freedom to those who want them whenever the need arises, then returning to celebrate the (unlocked) source tree with all the other developers. For RSS readers: Please note that the download URL is an FTP site.

          asiabsdcon

          asiabsdcon2004

          asiabsdcon2006

          asiabsdcon2007

          asiabsdcon2008

          asiabsdcon2009

          asterisk

          atanas bchvarov

          atf

            attilio Rao

              avi

                bacula

                bafug

                benedict reuschling

                berklix

                binpatch

                bjoern a zeeb

                bjorn nelson

                  bluffs

                    bmc software

                    bob beck

                    book of pf

                    books

                    brian a seklecki

                      brighton chilli wifi

                      brooks

                        brooks david

                          brooks davis

                          bruce mah

                          bsd

                          • Marshall Kirk McKusick at DCBSDCon
                            Source: bsdtalk
                            Added: 2009-02-21
                            Tags: bsdtalk, presentation, bsd, history, kirk mckusick
                            Files: MP3 version (26 Mb, 55 minutes), Ogg version (55 minutes)

                            A recording of Marshall Kirk McKusick's talk "A Narrative History of BSD" at DCBSDCon this past weekend. You can get a much more complete history here: http://www.mckusick.com/history/index.html

                          • Using BSD in SchmooCon Labs
                            Source: YouTube bsdconferences channel
                            Added: 2009-05-24
                            Tags: youtube, presentation, dcbsdcon, dcbsdcon2009, bsd, schmoocon, ken caruso
                            Files: Flash (35:08)

                            Using BSD in SchmooCon Labs DCBSDCon 2009, Ken Caruso clive URL: http://www.youtube.com/watch?v=9ZhfuP4jghY

                          • 25 years with BSD
                            Source: YouTube bsdconferences channel
                            Added: 2009-05-24
                            Tags: youtube, keynote, asiabsdcon2008, asiabsdcon, bsd, hideki sunahara
                            Files: Flash (44:43)

                            Thinking RealSpace: Life with BSD - ~25 years with BSD AsiaBSDCon 2008, Hideki Sunahara clive URL: http://www.youtube.com/watch?v=brYdkQ120Do

                          • EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
                            Source: EuroBSDCon
                            Added: 2008-October-22
                            Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
                            Files: OGG (1 byte, 33 minutes), MP3 (1 byte, 33 minutes), PDF (1 byte, n pages)

                            Edd Barrett will speak about using the BSD Platform as a means of typesetting from a practical standpoint at EuroBSDcon 2008. Edd Barrett does not wish to go into the technicalities of each typesetter, but rather state which are good for certain types of document, and which tools (ports and packages), integrate well with the available typesetters. Edd Barrett os a student from the UK, currently on "placement year" as a systems administrator for Bournemouth University. Open Source *NIX has been his platform of choice for many years and he has been using OpenBSD for about 3 years now, simply because it is small, clean, correct and secure. Just recently he has started developing things I want or need for OpenBSD.

                          • EuroBSDCon 2008 - Michael Dexter - Zen and the Art of Multiplicity Maintenance: An applied survey of BSD-licensed multiplicity strategies from chroot to mult
                            Source: EuroBSDCon
                            Added: 2008-October-22
                            Tags: eurobsdcon, eurobsdcon2008, bsd, michael dexter
                            Files: OGG (1 byte, 38 minutes), MP3 (1 byte, 38 minutes), PDF (1 byte, n pages)

                            Many BSD-licensed strategies of various levels of maturity exist to implement multiplicity, herein defined as the introduction of plurality to traditionally singular computing environments via isolation, virtualization, or other method. For example, the chroot utility introduces an additional isolated root execution environment within that of the host; or an emulator provides highly-isolated virtual systems that can run complete native or foreign operating systems. Motivations for multiplicity vary, but a demonstrable desire exists for users to obtain root or run a foreign binary or operating system. We propose a hands-on survey of portable and integrated BSD-licensed multiplicity strategies applicable to the FreeBSD, OpenBSD, DragonFlyBSD and NetBSD operating systems on the i386 architecture. We will also address three oft-coupled disciplines: software storage devices, the installation of operating system and userlands in multiplicity environments plus the management of select multiplicity environments. Finally we will comment on each strategies potential limits of isolation, compatibility, independence and potential overhead in comparison to traditional systems. Keywords: multiplicity, virtualization, chroot, jail, hypervisor, xen, compat. Michael Dexter has used Unix systems since 1991 and BSD-licensed multiplicity strategies for over five years. He is the Program Manager at the BSD Fund and Project Manager of the BSD.lv Project.

                          • EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
                            Source: EuroBSDCon
                            Added: 2008-October-22
                            Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
                            Files: OGG (1 byte, 50 minutes), MP3 (1 byte, 50 minutes), PDF (1 byte, n pages)

                            The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universitt Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades. Hauke Fath works as a systems administrator for the Institut fr Nachrichtentechnik (telecommunication) at Technische Universitt Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006. Keywords: Managing Unix desktop clients, software distribution, tripwire

                          • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                            Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                            Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                          • George Neville-Neil - Thinking about thinking in code
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, keynote, bsd, george neville-neil
                            Files: Slides (137 pages, 4.0 Mb)

                            Thinking about thinking in code Proposed keynote talk This is not a talk that's specific to any BSD but is a more general talk about how we think about coding and how our thinking changes the way we code. I compare how we built systems to how other industries build their products and talk about what we can learn from how we work and from how others work as well.

                          • Een historisch overzicht van BSD - Hans van de Looy
                            Source: Nederlandse Linux Gebruikers Group
                            Added: 2008-December-31
                            Tags: nllgg, bsd, history, hans van de looy
                            Files: PDF version (5767 Kb, 38 pages)

                            Hans zal een historisch overzicht geven van het ontstaan van *BSD vanaf de oorsprong van UNIX tot aan de nu bekende *BSD varianten. Hij zal daarbij met name ingaan wat de oorsprong en het ontstaan van een aantal *BSD-projecten zijn. Hierbij zal hij zeer kort ingaan op de verschillende licentieproblemen die we in het verleden gezien hebben en worden een aantal bekende personen en data weer eens even op de kaart geplaatst. Hans van de Looy is oprichter van Madison Gurkha. Een bedrijf dat gespecialiseerd is op het gebied van het uitvoeren van technische ICT-beveiligingsonderzoeken, in de media ook wel aangeduid met Etisch Hacken. Tijdens dergelijke onderzoeken maakt hij ook regelmatig gebruik van op BSD* gebaseerde systemen.

                          bsd certification

                          bsd fast filesystem

                          bsd is dying

                          • BSD is Dying, Jason Dixon, NYCBSDCon 2007
                            Source: YouTube bsdconferences channel
                            Added: 2008-December-06
                            Tags: youtube, nycbsdcon, nycbsdcon2007, bsd is dying, jason dixon
                            Files: Flash (17:41)

                            A tongue-in-cheek look at the history and future of the BSD movement. Modeled after the presentation styles of Lessig and Hardt, the talk provides a light-hearted introspection of the leaders, technologies, and community that forges ahead despite having been left for dead some 15 years past. This presentation was given by Jason Dixon at the NYC BSD Conference at Columbia University on October 28, 2006 clive URL: http://www.youtube.com/watch?v=g7tvI6JCXD0

                          • New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
                            Source: New York City *BSD User Group
                            Added: 2006-November-02
                            Tags: nycbug, presentation, humor, bsd is dying, jason dixon
                            Files: QuickTime (19Mb), MP4 (31Mb), iPod (36Mb)

                            BSD is Dying A Cautionary Tale of Sex and Greed Jason Dixon October 28, 2006 First and foremost, I would like to thank the unique presentation styles of Dick Hardt and Lawrence Lessig for inspiring me to create this presentation. The following videos were created by exporting the original Keynote presentation slides into QuickTime video, then manually synchronizing them using iMovie HD with the audio recordings captured by Nikolai Fetissov. They were then exported into QuickTime, mpeg4 (H.264/AAC), and iPod movie formats. If you are having difficulties with the MP4 copy, and are unable to view QuickTime movies, please contact me and I'll try to assist.

                          bsd versus gpl

                          bsd#

                          bsdcan

                          • BSDCan-2012 Photos - Friday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-28
                            Tags: 2012, bsdcan, bsdcan2012, photos, diane bruce

                            Photos taken during the Conference on Friday at BSDCan 2012 in Ottawa by Diane Bruce.

                          • BSDCan-2012 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-28
                            Tags: 2012, bsdcan, bsdcan2012, photos, diane bruce

                            Photos taken during both the DevSummit and Conference on Saturday at BSDCan 2012 in Ottawa by Diane Bruce.

                          • BSDCan-2012 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-28
                            Tags: 2012, bsdcan, bsdcan2012, photos, benedict reuschling

                            Photos taken during both the DevSummit and Conference on Saturday at BSDCan 2012 in Ottawa by Benedict Reuschling.

                          • BSDCan-2012 - Michael Dexter - An applied survey of BSD multiplicity and virtualization strategies from chroot to BHyVe
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-30
                            Tags: 2012, bsdcan, bsdcan2012, papers, michael dexter
                            Files: html

                            Ever since the University of California, Berkeley CSRG implemented the chroot(8) command and system call in its BSD operating system in 1982, the community-developed BSD Unix derivatives have set the standard for the introduction of plurality to the conventionally-singular Unix computing model. Today's system operators and developers have an array of BSD-licensed multiplicity strategies at their disposal that offer various degrees of both isolation and virtualization when introducing plurality. This paper will survey current and experimental BSD multiplicity strategies including chroot, FreeBSD jail, NetBSD/Xen, Amazon EC2, compatlinux, GXemul and SIMH, plus experimental strategies such as FreeBSD BHyVe, compatmach, Usermode NetBSD, Dragonfly BSD vkernel, OpenBSD sysjail and NetBSD mult. As an applied survey, this paper will both categorize each multiplicity strategy by the Unix environment to which it introduces plurality and demonstrate the usage of the utilities relating to each solution.

                          • BSDCan-2012 - Kirk McKusick - An Overview of Locking in the FreeBSD Kernel
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-30
                            Tags: 2012, bsdcan, bsdcan2012, papers, kirk mckusick
                            Files: Slides (27 Kb)

                            The FreeBSD kernel uses seven different types of locks to ensure proper access to the resources that it manages. This talk describes the hierarchy of these locks from the low-level and simple to the high-level and full-featured. The functionality of each type of lock is described along with the problem domain for which it is intended. The talk concludes by describing the witness system within the FreeBSD kernel that tracks the usage of all the locks in the system and reports any possible deadlocks that might occur because of improper acquisition ordering of locks.

                          • BSDCan-2012 - Pawel Jakub Dawidek - auditdistd - Secure and reliable distribution of audit trail files
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-30
                            Tags: 2012, bsdcan, bsdcan2012, papers, pawel jakub dawidek
                            Files: PDF (=265.6 Kb, 50 pages)

                            Security Event Audit is a facility to provide fine-grained, configurable logging of security-relevant events. Audit events are stored in trail files that can be used for postmortem analysis in case of system compromise. Once the system is compromised, an attacker has access to audit trail files and can modify or delete them. The auditdistd daemon's role is to distribute audit trail files to a remote system in a secure and reliable way.

                          • BSDCan-2012 - Ivan Voras - Bullet Cache - Balancing speed and usability in a cache server
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-30
                            Tags: 2012, bsdcan, bsdcan2012, papers, ivan voras
                            Files: PDF (=661.3 Kb, 40 pages)

                            Bullet Cache is an in-memory cache server inspired by memcached, but with a twist: a powerful record tagging and bulk query facility, configurable multithreading models and a dump / cache prewarm option. This talk will have two parts: a technical description of Bullet Cache's implementation with focus on programming techniques and optimizations, and a description of usage scenarios with the focus on how it can help real-world applications (not limited to Web applications).

                          • BSDCan-2012 - Benedict Reuschling - Google Code-In and FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-30
                            Tags: 2012, bsdcan, bsdcan2012, papers, benedict reuschling
                            Files: PDF (=82 Kb, 16 pages)

                            A summary of FreeBSD's participation in the 2011 contest.

                          • BSDCan-2012 Photos - Developers summit and conference
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2012-05-28
                            Tags: 2012, bsdcan, bsdcan2012, photos, ollivier robert

                            Photos taken during both the DevSummit and Conference on Saturday at BSDCan 2012 in Ottawa by Ollivier Robert.

                          • BSDCan-2011 - Brooks Davis - Improving System Management with ZFS
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2011-05-30
                            Tags: 2011, bsdcan, bsdcan2011, papers, brooks davis
                            Files: PDF (=40.4 Kb, 2 pages)

                            The Zetabyte File System (ZFS) is a modern file system which combines traditional file system features like a POSIX file system interface with RAID and volume management functionality. Features such as snapshot management and file share management are all managed within the ZFS interface. This management interface provides a number of opportunities to simplify system management. In the Technical Computing Services Sub-division of The Aerospace Corporation we are taking advantage of these features in a number of different ways. This talk presents some of the more interesting ones.

                          • BSDCan-2011 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2011-05-14
                            Tags: 2011, bsdcan, bsdcan2011, photos, diane bruce

                            Photos taken during the Conference on Saturday at BSDCan 2011 in Ottawa by Diane Bruce.

                          • BSDCan-2011 Photos - Friday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2011-05-13
                            Tags: 2011, bsdcan, bsdcan2011, photos, diane bruce

                            Photos taken during the Conference on Friday at BSDCan 2011 in Ottawa by Diane Bruce.

                          • BSDCan-2010 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2010-05-15
                            Tags: 2010, bsdcan, bsdcan2010, photos, diane bruce

                            Photos taken during the Conference on Saturday at BSDCan 2010 in Ottawa by Diane Bruce.

                          • BSDCan-2010 Photos - Friday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2010-05-14
                            Tags: 2010, bsdcan, bsdcan2010, photos, diane bruce

                            Photos taken during the Conference on Friday at BSDCan 2010 in Ottawa by Diane Bruce.

                          • BSDCan-2010 - Kris Moore - The PBI format re-implemented for FreeBSD and PC-BSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2010-05-20
                            Tags: 2010, bsdcan, bsdcan2010, papers, kris moore
                            Files: html

                            The PBI format (Push Button Installer) has been the default package management system for PC-BSD going on 5+ years now. However as we looked to the future it became apparent that it was greatly needing an overhaul to both improve its functionality, and expand its usage outside the scope of just PC-BSD. Among the areas needing improvement were how it dealt with identical libraries between applications, the heavy requirements from being implemented in QT/KDE, and lack of a digital verification mechanism.

                          • A Few FreeBSD Core Team Members
                            Source: bsdtalk
                            Added: 2009-05-24
                            Tags: bsdtalk, interview, bsdcan, freebsd core team, robert watson, brooks davis, hiroki sato, philip paeps, george neville-neil
                            Files: MP3 version (18 Mb, 38 minutes), Ogg version (38 minutes)

                            Interview with a few of the FreeBSD Core Team members at BSDCan 2009: Robert Watson, Brooks Davis, Hiroki Sato, Philip Paeps, and George V. Neville-Neil. We talk about the recent 7.2 release, and what is coming for 8.

                          • BSDCan 2009 with Dan Langille
                            Source: bsdtalk
                            Added: 2009-05-24
                            Tags: bsdtalk, interview, bsdcan, dan langille
                            Files: MP3 version (6 Mb, 13 minutes), Ogg version (13 minutes)

                            Interview with Dan Langille. We talk about BSDCan 2009. More information at http://www.bsdcan.org.

                          • Robert Watson's Slides from BSDCan 2006 and FreeBSD Developer Summit
                            Source: Robert Watson
                            Added: 2007-01-14
                            Tags: bsdcan, bsdcan2006, notes, devsummit, robert watson
                            Files: Notes from the 10 May 2006 Meeting of the Network Stack Cabal (Developer Summit) (72 Kb), SMPng Network Stack Update (Developer Summit) (91 Kb), TrustedBSD Project Update (Developer Summit) (120 Kb), How the FreeBSD Project Works (BSDCan 2006 Full Conference) (4.4 Mb Kb)

                            As usual, Dan Langille ran an excellent BSDCan conference. On this page, you can find my slides from the developer summit and full conference, excluding the contents of the WIPs, for which I don't have permission to redistribute the slides.

                          • Robert Watson's Slides from BSDCan 2004
                            Source: Robert Watson
                            Added: 2007-01-14
                            Tags: bsdcan, bsdcan2004, slides, trustedbsd, freebsd, robert watson
                            Files: TrustedBSD: Trusted Operating System Features for BSD (277 Kb)

                            BSDCan 2004 took place at the University of Ottawa in Ottawa, Canada. On this page, you can find my slides from the conference. Robert Watson will describe a variety of pieces of work done as part of the TrustedBSD Project, including the TrustedBSD MAC Framework, Audit facilities for FreeBSD, as well as supporting infrastructure work such as GEOM/GBDE, UFS2, OpenPAM. He will also discuss how certification and evaluation play into feature selection, design, and documentation.

                          • BSDCan-2006 Photos - Friday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2006-05-24
                            Tags: 2006, bsdcan, bsdcan2006, photos, diane bruce

                            Photos taken during the Conference on Friday at BSDCan 2006 in Ottawa by Diane Bruce.

                          • BSDCan-2006 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2006-05-24
                            Tags: 2006, bsdcan, bsdcan2006, photos, diane bruce

                            Photos taken during the Conference on Saturday at BSDCan 2006 in Ottawa by Diane Bruce.

                          • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                            Files: Slides (36 pages, 3.2 Mb)

                            pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                          • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                            Files: Slides (40 pages, 430 Kb)

                            GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                          • Constantine A. Murenin - Quiet Computing with BSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                            Files: Slides (16 pages, 264 Kb)

                            Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                          • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                            Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                            Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                          • Randi Harper - Automating FreeBSD Installations
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
                            Files: Slides (14 pages, 33 Kb)

                            Automating FreeBSD Installations PXE Booting and install.cfg Demystified This paper will provide an explanation of the tools involved in performing an automated FreeBSD install and a live demonstration of the process. FreeBSD's sysinstall provides a powerful and flexible mechanism for automated installs but doesn't get used very often because of a lack of documentation.

                          • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
                            Files: Slides (27 pages, 1.4 Mb)

                            Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.

                          • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                            Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                            Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                          • Colin Percival - scrypt: A new key derivation function
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
                            Files: Paper (16 pages, 201 Kb), Slides (21 pages, 556 Kb)

                            scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.

                          • George Neville-Neil - Thinking about thinking in code
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, keynote, bsd, george neville-neil
                            Files: Slides (137 pages, 4.0 Mb)

                            Thinking about thinking in code Proposed keynote talk This is not a talk that's specific to any BSD but is a more general talk about how we think about coding and how our thinking changes the way we code. I compare how we built systems to how other industries build their products and talk about what we can learn from how we work and from how others work as well.

                          • Stephen Borrill - Building products with NetBSD - thin-clients
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
                            Files: Slides (60 pages, 499 Kb)

                            Building products with NetBSD - thin-clients NetBSD: delivering the goods This talk will discuss what thin-clients are, why they are useful and why NetBSD is good choice to build such a device. This talk will provide information on some alternatives and the strengths and weaknesses of NetBSD when used in such a device. It will discuss problems that needed to be addressed such as how to get a device with rich functionality running from a small amount of flash storage, as well as recent developments in NetBSD that have helped improve the product.

                          • Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
                            Files: Slides (25 pages, 893 Kb)

                            Getting Started in Free and Open Source Interested in getting involved? But don't really know where or how to start? The talk is called "Getting Started in Free and Open Source". It's a talk for beginners who are interested to getting involved but don't really know where or how to start. We cover the basics of: -why you might want to get involved -what you can get out of participating -more than coding is needed -how to chose a project -how to get started -etiquette of lists and other communication -dos and don't of joining a community

                          • Warner Losh - Tracking FreeBSD in a commercial Environment
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                            Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                            Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                          • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                            Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                            PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                          • Sean Bruno - Implementation of TARGET_MODE applications
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                            Files: Slides (22 pages, 72 Kb)

                            Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                          • George Neville-Neil - Understanding and Tuning SCHED_ULE
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
                            Files: Slides (29 pages, 228 Kb)

                            Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.

                          • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                            Files: Slides (38 pages, 2.1 Mb)

                            Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                          • Joerg Sonnenberger - Journaling FFS with WAPBL
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                            Files: Slides (24 pages, 10 Kb)

                            Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                          • Ivan Voras - Remote and mass management of systems with finstall
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                            Files: Slides (24 pages, 377 Kb)

                            Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                          • Mike Silbersack - Detecting TCP regressions with tcpdiff
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                            Files: Slides (33 pages, 89 Kb)

                            Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                          • Philip Paeps - Crypto Acceleration on FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
                            Files: Slides (28 pages, 361 Kb)

                            Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.

                          • Sean Bruno - Firewire BoF Plugfest
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                            Files: Slides (1 page, 37 Kb)

                            Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                          • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                            Files: Slides (68 pages, 2.5 Mb)

                            Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                          • George Neville-Neil - Networking from the Bottom Up: Device Drivers
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
                            Files: PDF file (68 pages, 480 Kb)

                            Networking from the Bottom Up: Device Drivers. In this tutorial I will describe how to write and maintain network drivers in FreeBSD and use the example of the Intel Gigabit Ethernet driver (igb) throughout the course. Students will learn the basic data structures and APIs necessary to implement a network driver in FreeBSD. The tutorial is general enough that it can be applied to other BSDs, and likely to other embedded and UNIX like systems while being specific enough that given a device and a manual the student should be able to develop a working driver on their own. This is the first of a series of lectures on network that I am developing over the next year or so.

                          • Daniel Braniss
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
                            Files: PDF file (30 pages, 1.4 Mb)

                            iSCSI not an Apple appliance. iSCSI is not an Apple appliance. The i in iSCSI stands for internet, some say for insecure, personally I like to think interesting. I'll try to share the road followed from RFC-3720 to the actual working driver, the challenges, the frustrations.

                          • Scott Ullrich, Chris Buechler - pfSense Tutorial
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                            Files: PDF file (91 pages, 4.1 Kb)

                            pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                          • Bjoern A. Zeeb - BSDCan08 devsummit summary
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, writeup, bjoern a zeeb

                            200805DevSummit - BSDCan 2008 FreeBSD Developer summit summary

                          • Rafal Jaworowski - FreeBSD Embedded Report
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, embedded, rafal jaworowski
                            Files: PDF file (6 pages, 58 Kb)

                            FreeBSD Embedded Report

                          • Robert Watson - TCP SMP Scalability
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, smp, robert watson
                            Files: PDF file (8 pages, 70 Kb)

                            TCP SMP Scalability

                          • Erwin Lansing - What's happening in the world of ports and portmgr
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-24
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, portmgr, erwin lansing
                            Files: PDF file (14 pages, 146 Kb)

                            What's happening in the world of ports and portmgr

                          • Kern Sibbald - Bacula
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, bacula, kern sibbald
                            Files: PDF file (30 pages, 505 Kb)

                            Bacula The Open Source Enterprise Backup Solution The Bacula project started in January 2000 with several goals, one of which was the ability to backup any client from a Palm to a mainframe computer. Bacula is available under a GPL license. Bacula uses several distinct components, each communicating via TCP/IP, to achieve a very scalable and robust solution to backups. Kern is one of the original project founders and still one of the most productive Bacula developers.

                          • Warner Losh - FreeBSD/mips
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                            Files: PDF file (19 pages, 1.3 Mb)

                            FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                          • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                            Files: PDF file (26 pages, 120 Kb)

                            Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                          • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                            Files: PDF file (26 pages, 127 Kb)

                            An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                          • Ivan Voras - "finstall" - the new FreeBSD installer
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                            Files: PDF file (39 pages, 1.1 Mb)

                            "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                          • Poul-Henning Kamp - Measured (almost) does Air Traffic Control
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
                            Files: PDF file (46 pages, 7.7 Mb)

                            Measured (almost) does Air Traffic Control Monitoring weird hardware reliably The new Danish Air Traffic Control system, CASIMO, prompted the development on a modular and general software platform for data collection, control and monitoring of "weird hardware" of all sorts. The talk will present the "measured" daemon, and detail some of the uses it has been put to, as an, admittedly peripheral, component of the ATC system. Many "SCADA" systems suffer from lack of usable interfaces for external access to the data. Measured takes the opposite point of view and makes real-time situation available, and accepts control instructions as ASCII text stream over TCP connections. Several examples of how this can be used will be demonstrated. Measured will run on any FreeBSD system, but has not been ported to other UNIX variants yet, and it is perfect for that "intelligent house" project of yours. I believe I gave a WIP presentation of this about two years ago.

                          • Chris Lattner - BSD licensed C++ compiler
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                            Files: PDF file (33 pages, 5.8 Mb)

                            BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                          • Robert Watson - BSDCan 2008 - Closing
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, robert watson
                            Files: PDF file (55 pages, 428 Kb)

                            Closing Beer, prizes, secrets, Works In Progress The traditional closing... with some new and interesting twists. Sleep in if you must, but don't miss this session.

                          • Leslie Hawthorn - Google SoC
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                            Files: PDF file (44 pages, 2.2 Mb)

                            Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                          • Pawel Jakub Dawidek - A closer look at the ZFS file system
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
                            Files: PDF file (33 pages, 150 Kb)

                            A closer look at the ZFS file system simple administration, transactional semantics, end-to-end data integrity SUN's ZFS file system became part of FreeBSD on 6th April 2007. ZFS is a new kind of file system that provides simple administration, transactional semantics, end-to-end data integrity, and immense scalability. ZFS is not an incremental improvement to existing technology; it is a fundamentally new approach to data management. We've blown away 20 years of obsolete assumptions, eliminated complexity at the source, and created a storage system that's actually a pleasure to use. ZFS presents a pooled storage model that completely eliminates the concept of volumes and the associated problems of partitions, provisioning, wasted bandwidth and stranded storage. Thousands of file systems can draw from a common storage pool, each one consuming only as much space as it actually needs. The combined I/O bandwidth of all devices in the pool is available to all filesystems at all times. All operations are copy-on-write transactions, so the on-disk state is always valid. There is no need to fsck(1M) a ZFS file system, ever. Every block is checksummed to prevent silent data corruption, and the data is self-healing in replicated (mirrored or RAID) configurations. If one copy is damaged, ZFS detects it and uses another copy to repair it.

                          • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                            Files: PDF file (26 pages, 300 Kb)

                            Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                          • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                            Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                            Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                          • John Birrell - DTrace for FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                            Files: PDF file (49 pages, 148 Kb)

                            DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                          • Matthieu Herrb - X.org
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
                            Files: PDF file (30 pages, 1.6 Mb)

                            X.org upcoming plans The X.Org project provides an open source implementation of the X Window System. The development work is being done in conjunction with the freedesktop.org community. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work. The X window system has been changing a lot in the recent years, and still changing. This talk will present this evolution, summarizing what has already been done and showing the current roadmap for future evolutions, with some focus on how *BSD kernels can be affected by the developments done with Linux as the primary target.

                          • Adrian Chad - What Not To Do When Writing Network Applications
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
                            Files: PDF file (73 pages, 190 Kb)

                            What Not To Do When Writing Network Applications The lessons learnt working with not-so-high-performance network applications This talk will look at issues which face the modern network application developer, from the point of view of poorly-designed examples. This will cover internal code structure and dataflow, interaction with the TCP stack, IO scheduling in high and low latency environments and high-availability considerations. In essence, this presentation should be seen as a checklist of what not to do when writing network applications. Plenty of examples of well designed network applications exist in the open and closed source world today. Unfortunately there are just as many examples of fast network applications as there are "fast but workload specific"; sometimes failing miserably in handling the general case. This may be due to explicit design (eg Varnish) but many are simply due to the designer not fully appreciating the wide variance in "networks" - and their network application degrades ungracefully when under duress. My aim in this presentation is to touch on a wide number of issues which face network application programmers - most of which seem not "application related" to the newcomer - such as including pipelining into network communication, managing a balance between accepting new requests and servicing existing requests, or providing back-pressure to a L4 loadbalancer in case of traffic bursts. Various schemes for working with these issues will be presented, and hopefully participants will walk away with more of an understanding about how the network, application and operating systems interact.

                          • Brooks Davis - Using FreeBSD to Promote Open Source Development Methods
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, abstract, software development, brooks davis
                            Files: PDF file (2 pages, 72 Kb), PDF file (33 pages, 1 Mb)

                            Using FreeBSD to Promote Open Source Development Methods In this talk we present Aerosource, an initiative to bring Open Source Software development methods to internal software developers at The Aerospace Corporation. Within Aerosource, FreeBSD is used in several key roles. First, we run most of our tools on top of FreeBSD. Second, the ports collection (both official ports and custom internal ones) eases our administrative burden. Third, the FreeBSD project serves as an example and role model for the results that can be achieved by an Open Source Software projects. We discuss the development infrastructure we have built for Aerosource based largely on BSD licensed software including FreeBSD, PostgreSQL, Apache, and Trac. We will also discuss our custom management tools including our system for managing our custom internal ports. Finally, we will cover our development successes and how we use projects like FreeBSD as exemplars of OSS development.

                          • Randall Stewart - SCTP what it is and how to use it
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, abstract, freebsd, sctp, randall stewart
                            Files: PDF file (10 pages, 130 Kb)

                            SCTP - SCTP what it is and how to use it This talk will introduce the attendee into the interesting world of SCTP. We will first discuss the new and different features that SCTP (a new transport in FreeBSD 7.0) provide to the user. Then we will shift gears and discuss the extended socket API that is available to SCTP users and will cover such items as: The two socket programming models Extended system calls that support the SCTP feature set. What model may fit you best

                          • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
                            Files: PDF file (25 pages, 193 Kb)

                            Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

                          • Dan Langille - BSDCan 2008 - Opening session
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, dan langille
                            Files: PDF file (17 pages, 500 Kb)

                            Opening session Welcome to BSDCan 2008 Traditional greetings

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-24
                            Tags: bsdcan, bsdcan2007, talks, kirk mckusick
                            Files: MOV file (35 minutes, 77 Mb)

                            The 2007 BSDCan conference Kirk McKusick - Code Reading of Locally-Connected Sockets

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-14
                            Tags: bsdcan, bsdcan2007, talks, erwin lansing, ports
                            Files: MOV file (20 minutes, 39 Mb)

                            The 2007 BSDCan conference Erwin Lansing - The state of the FreeBSD Ports Tree

                          • BSDCan-2007 Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-13
                            Tags: bsdcan, bsdcan2007, talks
                            Files: MOV file (9 minutes, 16 Mb)

                            The 2007 BSDCan conference - Introduction of people.

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-13
                            Tags: bsdcan, bsdcan2007, talks, kris kennaway, scalability
                            Files: MOV file (73 minutes, 148 Mb)

                            The 2007 BSDCan conference Kris Kennaway - Scalability Update 2007 Progress on FreeBSD SMP performance and scalablity since BSDCan Dev Summit 2006

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-13
                            Tags: bsdcan, bsdcan2007, talks, qing li, routing arp and nd6
                            Files: MOV file (30 minutes, 63 Mb)

                            The 2007 BSDCan conference Qing Li - Routing, ARP and ND6

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-13
                            Tags: bsdcan, bsdcan2007, talks, marko zec, vimage
                            Files: MOV file (20 minutes, 44 Mb)

                            The 2007 BSDCan conference Marko Zec explains the vimage architecture

                          • BSDCan-2007 - Videos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-08-13
                            Tags: bsdcan, bsdcan2007, talks, max laier, ipf
                            Files: MOV file (30 minutes, 52 Mb)

                            The 2007 BSDCan conference Max Laier - PFIL, firewalls and locking

                          • BSDCan-2007 Photos
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-18
                            Tags: bsdcan, bsdcan2007, photos, ollivier robert

                            Photos taken during both DevSummit and Conference at BSDCan 2007 in Ottawa by Ollivier Robert.

                          • BSDCan-2007 Photos - Friday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-19
                            Tags: bsdcan, bsdcan2007, photos, diane bruce

                            Photos taken during both DevSummit and Conference on Friday at BSDCan 2007 in Ottawa by Diane Bruce.

                          • BSDCan-2007 Photos - Saturday
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-20
                            Tags: bsdcan, bsdcan2007, photos, diane bruce

                            Photos taken during both DevSummit and Conference on Saturday at BSDCan 2007 in Ottawa by Diane Bruce.

                          • BSDCan-2007 Photos - Scott Murphy
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-24
                            Tags: bsdcan, bsdcan2007, photos, scott murphy

                            Photos taken at BSDCan 2007 by Scott Murphy

                          • BSDCan-2007 Photos - Bjoern A. Zeeb
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-24
                            Tags: bsdcan, bsdcan2007, photos, bjoern a zeeb

                            Photos taken at BSDCan 2007 by Bjoern A. Zeeb

                          • BSDCan-2007 Photos - Randi Harper
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-24
                            Tags: bsdcan, bsdcan2007, photos, randi harper, freebsdgirl

                            Photos taken at BSDCan 2007 by Randi Harper

                          • BSDCan-2007 Photos - Dru Lavigne
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-24
                            Tags: bsdcan, bsdcan2007, photos, dru lavigne

                            Photos taken at BSDCan 2007 by Dru Lavigne

                          • The FreeBSD Security Officer function
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-20
                            Tags: bsdcan, bsdcan2007, pdf, freebsd, security officer, simon l nielsen
                            Files: PDF version (252 Kb, 29 pages)

                            "FreeBSD Security Officer function" at BSDCAN 2007 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                          • FreeBSD Portsnap
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2007-05-20
                            Tags: bsdcan, bsdcan2007, pdf, portsnap, freebsd, colin percival
                            Files: PDF version (1.3 Mb, 88 pages)

                            "FreeBSD Portsnap - What (it is), Why (it was written), and How (it works)" by Colin Percival (cperciva@FreeBSD.org) (Note: use ^L to get back in non-fullscreen mode)

                          bsdcan2004

                          bsdcan2006

                          bsdcan2007

                          bsdcan2008

                          • Michael W. Lucas
                            Source: bsdtalk
                            Added: 2008-06-15
                            Tags: bsdtalk, interview, bsdcan2008, michael lucas
                            Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                            Interview with Michael W. Lucas at BSDCan 2008. We talk about some of his books and strategies for writing technical publications.

                          • A Few FreeBSD Core Team Members
                            Source: bsdtalk
                            Added: 2008-06-05
                            Tags: bsdtalk, interview, bsdcan2008, freebsd core, warner losh, george neville-neil murray stokely, hiroki sato, robert watson, brooks davis, philip paeps
                            Files: MP3 version (12 Mb, 26 minutes), Ogg version (26 minutes)

                            An interview with a few of the FreeBSD Core Team members: Warner Losh, George V. Neville-Neil, Murray Stokeley, Hiroki Sato, Robert Watson, Brooks Davis, and Philip Paeps. The interview was recorded at BSDCan2008 in Ottawa, Cananda.

                          • Sean Cody from Frantic Films VFX
                            Source: bsdtalk
                            Added: 2008-05-31
                            Tags: bsdtalk, interview, bsdcan2008, frantic films, sean cody
                            Files: MP3 version (6 Mb, 13 minutes), Ogg version (13 minutes)

                            Interview with Sean Cody at BSDCan2008. We talk about his use of BSD at a visual effects studio.

                          • Dan Langille
                            Source: bsdtalk
                            Added: 2008-03-22
                            Tags: bsdtalk, interview, afilias, bsdcan2008, dan langille
                            Files: MP3 version (10 Mb, 22 minutes), Ogg version (22 minutes)

                            Interview with Dan Langille. We talk about his new job with Afilias, and BSDCan 2008.

                          • Daniel Braniss
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
                            Files: PDF file (30 pages, 1.4 Mb)

                            iSCSI not an Apple appliance. iSCSI is not an Apple appliance. The i in iSCSI stands for internet, some say for insecure, personally I like to think interesting. I'll try to share the road followed from RFC-3720 to the actual working driver, the challenges, the frustrations.

                          • Scott Ullrich, Chris Buechler - pfSense Tutorial
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                            Files: PDF file (91 pages, 4.1 Kb)

                            pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                          • Bjoern A. Zeeb - BSDCan08 devsummit summary
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, writeup, bjoern a zeeb

                            200805DevSummit - BSDCan 2008 FreeBSD Developer summit summary

                          • Rafal Jaworowski - FreeBSD Embedded Report
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, embedded, rafal jaworowski
                            Files: PDF file (6 pages, 58 Kb)

                            FreeBSD Embedded Report

                          • Robert Watson - TCP SMP Scalability
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, smp, robert watson
                            Files: PDF file (8 pages, 70 Kb)

                            TCP SMP Scalability

                          • Erwin Lansing - What's happening in the world of ports and portmgr
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-24
                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, portmgr, erwin lansing
                            Files: PDF file (14 pages, 146 Kb)

                            What's happening in the world of ports and portmgr

                          • Kern Sibbald - Bacula
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, bacula, kern sibbald
                            Files: PDF file (30 pages, 505 Kb)

                            Bacula The Open Source Enterprise Backup Solution The Bacula project started in January 2000 with several goals, one of which was the ability to backup any client from a Palm to a mainframe computer. Bacula is available under a GPL license. Bacula uses several distinct components, each communicating via TCP/IP, to achieve a very scalable and robust solution to backups. Kern is one of the original project founders and still one of the most productive Bacula developers.

                          • Warner Losh - FreeBSD/mips
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                            Files: PDF file (19 pages, 1.3 Mb)

                            FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                          • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                            Files: PDF file (26 pages, 120 Kb)

                            Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                          • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                            Files: PDF file (26 pages, 127 Kb)

                            An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                          • Ivan Voras - "finstall" - the new FreeBSD installer
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                            Files: PDF file (39 pages, 1.1 Mb)

                            "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                          • Poul-Henning Kamp - Measured (almost) does Air Traffic Control
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-26
                            Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
                            Files: PDF file (46 pages, 7.7 Mb)

                            Measured (almost) does Air Traffic Control Monitoring weird hardware reliably The new Danish Air Traffic Control system, CASIMO, prompted the development on a modular and general software platform for data collection, control and monitoring of "weird hardware" of all sorts. The talk will present the "measured" daemon, and detail some of the uses it has been put to, as an, admittedly peripheral, component of the ATC system. Many "SCADA" systems suffer from lack of usable interfaces for external access to the data. Measured takes the opposite point of view and makes real-time situation available, and accepts control instructions as ASCII text stream over TCP connections. Several examples of how this can be used will be demonstrated. Measured will run on any FreeBSD system, but has not been ported to other UNIX variants yet, and it is perfect for that "intelligent house" project of yours. I believe I gave a WIP presentation of this about two years ago.

                          • Chris Lattner - BSD licensed C++ compiler
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                            Files: PDF file (33 pages, 5.8 Mb)

                            BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                          • Robert Watson - BSDCan 2008 - Closing
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, robert watson
                            Files: PDF file (55 pages, 428 Kb)

                            Closing Beer, prizes, secrets, Works In Progress The traditional closing... with some new and interesting twists. Sleep in if you must, but don't miss this session.

                          • Leslie Hawthorn - Google SoC
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                            Files: PDF file (44 pages, 2.2 Mb)

                            Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                          • Pawel Jakub Dawidek - A closer look at the ZFS file system
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
                            Files: PDF file (33 pages, 150 Kb)

                            A closer look at the ZFS file system simple administration, transactional semantics, end-to-end data integrity SUN's ZFS file system became part of FreeBSD on 6th April 2007. ZFS is a new kind of file system that provides simple administration, transactional semantics, end-to-end data integrity, and immense scalability. ZFS is not an incremental improvement to existing technology; it is a fundamentally new approach to data management. We've blown away 20 years of obsolete assumptions, eliminated complexity at the source, and created a storage system that's actually a pleasure to use. ZFS presents a pooled storage model that completely eliminates the concept of volumes and the associated problems of partitions, provisioning, wasted bandwidth and stranded storage. Thousands of file systems can draw from a common storage pool, each one consuming only as much space as it actually needs. The combined I/O bandwidth of all devices in the pool is available to all filesystems at all times. All operations are copy-on-write transactions, so the on-disk state is always valid. There is no need to fsck(1M) a ZFS file system, ever. Every block is checksummed to prevent silent data corruption, and the data is self-healing in replicated (mirrored or RAID) configurations. If one copy is damaged, ZFS detects it and uses another copy to repair it.

                          • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                            Files: PDF file (26 pages, 300 Kb)

                            Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                          • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                            Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                            Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                          • John Birrell - DTrace for FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                            Files: PDF file (49 pages, 148 Kb)

                            DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                          • Matthieu Herrb - X.org
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
                            Files: PDF file (30 pages, 1.6 Mb)

                            X.org upcoming plans The X.Org project provides an open source implementation of the X Window System. The development work is being done in conjunction with the freedesktop.org community. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work. The X window system has been changing a lot in the recent years, and still changing. This talk will present this evolution, summarizing what has already been done and showing the current roadmap for future evolutions, with some focus on how *BSD kernels can be affected by the developments done with Linux as the primary target.

                          • Adrian Chad - What Not To Do When Writing Network Applications
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
                            Files: PDF file (73 pages, 190 Kb)

                            What Not To Do When Writing Network Applications The lessons learnt working with not-so-high-performance network applications This talk will look at issues which face the modern network application developer, from the point of view of poorly-designed examples. This will cover internal code structure and dataflow, interaction with the TCP stack, IO scheduling in high and low latency environments and high-availability considerations. In essence, this presentation should be seen as a checklist of what not to do when writing network applications. Plenty of examples of well designed network applications exist in the open and closed source world today. Unfortunately there are just as many examples of fast network applications as there are "fast but workload specific"; sometimes failing miserably in handling the general case. This may be due to explicit design (eg Varnish) but many are simply due to the designer not fully appreciating the wide variance in "networks" - and their network application degrades ungracefully when under duress. My aim in this presentation is to touch on a wide number of issues which face network application programmers - most of which seem not "application related" to the newcomer - such as including pipelining into network communication, managing a balance between accepting new requests and servicing existing requests, or providing back-pressure to a L4 loadbalancer in case of traffic bursts. Various schemes for working with these issues will be presented, and hopefully participants will walk away with more of an understanding about how the network, application and operating systems interact.

                          • Brooks Davis - Using FreeBSD to Promote Open Source Development Methods
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, abstract, software development, brooks davis
                            Files: PDF file (2 pages, 72 Kb), PDF file (33 pages, 1 Mb)

                            Using FreeBSD to Promote Open Source Development Methods In this talk we present Aerosource, an initiative to bring Open Source Software development methods to internal software developers at The Aerospace Corporation. Within Aerosource, FreeBSD is used in several key roles. First, we run most of our tools on top of FreeBSD. Second, the ports collection (both official ports and custom internal ones) eases our administrative burden. Third, the FreeBSD project serves as an example and role model for the results that can be achieved by an Open Source Software projects. We discuss the development infrastructure we have built for Aerosource based largely on BSD licensed software including FreeBSD, PostgreSQL, Apache, and Trac. We will also discuss our custom management tools including our system for managing our custom internal ports. Finally, we will cover our development successes and how we use projects like FreeBSD as exemplars of OSS development.

                          • Randall Stewart - SCTP what it is and how to use it
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, abstract, freebsd, sctp, randall stewart
                            Files: PDF file (10 pages, 130 Kb)

                            SCTP - SCTP what it is and how to use it This talk will introduce the attendee into the interesting world of SCTP. We will first discuss the new and different features that SCTP (a new transport in FreeBSD 7.0) provide to the user. Then we will shift gears and discuss the extended socket API that is available to SCTP users and will cover such items as: The two socket programming models Extended system calls that support the SCTP feature set. What model may fit you best

                          • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
                            Files: PDF file (25 pages, 193 Kb)

                            Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

                          • Dan Langille - BSDCan 2008 - Opening session
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, dan langille
                            Files: PDF file (17 pages, 500 Kb)

                            Opening session Welcome to BSDCan 2008 Traditional greetings

                          bsdcan2009

                          • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                            Files: Slides (36 pages, 3.2 Mb)

                            pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                          • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                            Files: Slides (40 pages, 430 Kb)

                            GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                          • Constantine A. Murenin - Quiet Computing with BSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                            Files: Slides (16 pages, 264 Kb)

                            Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                          • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                            Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                            Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                          • Randi Harper - Automating FreeBSD Installations
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
                            Files: Slides (14 pages, 33 Kb)

                            Automating FreeBSD Installations PXE Booting and install.cfg Demystified This paper will provide an explanation of the tools involved in performing an automated FreeBSD install and a live demonstration of the process. FreeBSD's sysinstall provides a powerful and flexible mechanism for automated installs but doesn't get used very often because of a lack of documentation.

                          • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
                            Files: Slides (27 pages, 1.4 Mb)

                            Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.

                          • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                            Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                            Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                          • Colin Percival - scrypt: A new key derivation function
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
                            Files: Paper (16 pages, 201 Kb), Slides (21 pages, 556 Kb)

                            scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.

                          • George Neville-Neil - Thinking about thinking in code
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, keynote, bsd, george neville-neil
                            Files: Slides (137 pages, 4.0 Mb)

                            Thinking about thinking in code Proposed keynote talk This is not a talk that's specific to any BSD but is a more general talk about how we think about coding and how our thinking changes the way we code. I compare how we built systems to how other industries build their products and talk about what we can learn from how we work and from how others work as well.

                          • Stephen Borrill - Building products with NetBSD - thin-clients
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
                            Files: Slides (60 pages, 499 Kb)

                            Building products with NetBSD - thin-clients NetBSD: delivering the goods This talk will discuss what thin-clients are, why they are useful and why NetBSD is good choice to build such a device. This talk will provide information on some alternatives and the strengths and weaknesses of NetBSD when used in such a device. It will discuss problems that needed to be addressed such as how to get a device with rich functionality running from a small amount of flash storage, as well as recent developments in NetBSD that have helped improve the product.

                          • Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
                            Files: Slides (25 pages, 893 Kb)

                            Getting Started in Free and Open Source Interested in getting involved? But don't really know where or how to start? The talk is called "Getting Started in Free and Open Source". It's a talk for beginners who are interested to getting involved but don't really know where or how to start. We cover the basics of: -why you might want to get involved -what you can get out of participating -more than coding is needed -how to chose a project -how to get started -etiquette of lists and other communication -dos and don't of joining a community

                          • Warner Losh - Tracking FreeBSD in a commercial Environment
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                            Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                            Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                          • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                            Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                            PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                          • Sean Bruno - Implementation of TARGET_MODE applications
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                            Files: Slides (22 pages, 72 Kb)

                            Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                          • George Neville-Neil - Understanding and Tuning SCHED_ULE
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
                            Files: Slides (29 pages, 228 Kb)

                            Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.

                          • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                            Files: Slides (38 pages, 2.1 Mb)

                            Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                          • Joerg Sonnenberger - Journaling FFS with WAPBL
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                            Files: Slides (24 pages, 10 Kb)

                            Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                          • Ivan Voras - Remote and mass management of systems with finstall
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                            Files: Slides (24 pages, 377 Kb)

                            Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                          • Mike Silbersack - Detecting TCP regressions with tcpdiff
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                            Files: Slides (33 pages, 89 Kb)

                            Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                          • Philip Paeps - Crypto Acceleration on FreeBSD
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
                            Files: Slides (28 pages, 361 Kb)

                            Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.

                          • Sean Bruno - Firewire BoF Plugfest
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                            Files: Slides (1 page, 37 Kb)

                            Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                          • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                            Files: Slides (68 pages, 2.5 Mb)

                            Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                          • George Neville-Neil - Networking from the Bottom Up: Device Drivers
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
                            Files: PDF file (68 pages, 480 Kb)

                            Networking from the Bottom Up: Device Drivers. In this tutorial I will describe how to write and maintain network drivers in FreeBSD and use the example of the Intel Gigabit Ethernet driver (igb) throughout the course. Students will learn the basic data structures and APIs necessary to implement a network driver in FreeBSD. The tutorial is general enough that it can be applied to other BSDs, and likely to other embedded and UNIX like systems while being specific enough that given a device and a manual the student should be able to develop a working driver on their own. This is the first of a series of lectures on network that I am developing over the next year or so.

                          bsdcan2010

                          bsdcan2011

                          bsdcan2012

                          bsdcertification

                          bsdcontr

                          bsdcontr2007

                          bsdjobs

                          bsdl

                          • Chris Lattner - BSD licensed C++ compiler
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                            Files: PDF file (33 pages, 5.8 Mb)

                            BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                          bsdnexus

                          bsdtalk

                          cat allman

                          ccc

                          • COMPLETE Hard Disk Encryption with FreeBSD
                            Source: 22nd Chaos Communication Congress
                            Added: 2006-08-23
                            Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                            Files: Slides (679Kb), Bittorrent link (37Kb)

                            COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                          ccc2005

                          • COMPLETE Hard Disk Encryption with FreeBSD
                            Source: 22nd Chaos Communication Congress
                            Added: 2006-08-23
                            Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                            Files: Slides (679Kb), Bittorrent link (37Kb)

                            COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                          ccc22

                          • COMPLETE Hard Disk Encryption with FreeBSD
                            Source: 22nd Chaos Communication Congress
                            Added: 2006-08-23
                            Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                            Files: Slides (679Kb), Bittorrent link (37Kb)

                            COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                          cfengine

                          • Configuration Management with Cfengine
                            Source: New York City *BSD User Group
                            Added: 2008-07-03
                            Tags: nycbug, presentation, configuration management, cfengine
                            Files: MP3 version (58 minutes, 6 Mb)

                            Configuration Management with Cfengine Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification. The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration. about the speaker: Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                          chess griffin

                          chris buechler

                          • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2009-05-25
                            Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                            Files: Slides (36 pages, 3.2 Mb)

                            pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                          • Scott Ullrich, Chris Buechler - pfSense Tutorial
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-28
                            Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                            Files: PDF file (91 pages, 4.1 Kb)

                            pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                          chris lattner

                          • Chris Lattner - BSD licensed C++ compiler
                            Source: BSDCan - The Technical BSD Conference
                            Added: 2008-05-21
                            Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                            Files: PDF file (33 pages, 5.8 Mb)

                            BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                          christian bruffer

                          christian laursen

                          christoph badura

                            christoph egger

                            cisco

                            claes wikstrom

                            claudio jeker

                            cli

                            • Why I like the CLI
                              Source: bsdtalk
                              Added: 2007-09-01
                              Tags: bsdtalk, cli, will backman
                              Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                              Why I like the CLI: Uses minimal resources. Less space, less memory, fewer dependencies. Transparency. GUI hides internals, limits options. Similar between Unix-like systems. GUI tools seem to change every week. Remote management. SSH rocks. Everything is text. Configs, devices, output. CLI is natural complement. Pipes and scripts. One time is hard, a thousand times is easy. Only need a few tools. Grep, sed, awk, vi, cron. Text config files. Easy to version, share, and comment. Requires reading skills instead of clicking skills. Much faster when you know what you are doing.

                            clocks

                              cluster

                              • FreeBSD, Building a Computing Cluster
                                Source: YouTube bsdconferences channel
                                Added: 2008-December-06
                                Tags: youtube, meetbsd, meetbsd2007, freebsd, cluster, performance, brooks davis
                                Files: Flash (47:51)

                                "Reflections on Building a High-Performance Computing Cluster using FreeBSD", Brooks Davis at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=BpsRb9fJ4Ds

                              • Isolating Cluster Jobs for Performance and Predictability, Brooks Davis, MeetBSD 2008
                                Source: YouTube bsdconferences channel
                                Added: 2008-December-06
                                Tags: youtube, meetbsd, meetbsd2008, cluster, performance, brooks davis
                                Files: Flash (43:40)

                                Isolating Cluster Jobs for Performance and Predictability by Brooks Davis, The Aerospace Corporation, MeetBSD November 15, 2008 clive URL: http://www.youtube.com/watch?v=0uBFLJm7IHc

                              • EuroBSDCon 2008 - Brooks Davis - Isolating cluster jobs for performance and predictability
                                Source: EuroBSDCon
                                Added: 2008-October-22
                                Tags: eurobsdcon, eurobsdcon2008, freebsd, cluster, brooks davis
                                Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                The Aerospace Corporation operates a federally funded research and development center in support of national-security, civil and commercial space programs. Many of our 2400+ engineers use a variety of computing technologies to support their work. Applications range from small models which are easily handled by desktops to parameter studies involving thousands of cpu hours and traditional, large scale parallel codes such as computational fluid dynamics and molecular modeling applications. Our primary resources used to support these large applications are computing clusters. Our current primary cluster, the Fellowship cluster consists of 352 dual-processor nodes with a total of 14xx cores. Two additional clusters, beginning at 150 dual-processor nodes each are being constructed to augment Fellowship. As in In any multiuser computing environment with limited resources, user competition for resources is a significant burden. Users want everything they need to do their job, right now. Unfortunately, other users may need those resources at the same time. Thus, systems to arbitrate this resource contention are necessary. On Fellowship we have deployed the Sun Grid Engine scheduler which scheduled batch jobs across the nodes. In the next section we discuss the performance problems that can occur when sharing resources in a high performance computing cluster. We then discuss range of possibilities to address these problems. We then explain the solutions we are investigating and describe our experiments with them. We then conclude with a discussion of future work.

                              • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
                                Source: BSDCan - The Technical BSD Conference
                                Added: 2009-05-25
                                Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
                                Files: Slides (27 pages, 1.4 Mb)

                                Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.

                              clusters

                                cms pipes

                                  codeweavers

                                  colin percival

                                  • Colin Percival - scrypt: A new key derivation function
                                    Source: BSDCan - The Technical BSD Conference
                                    Added: 2009-05-25
                                    Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
                                    Files: Paper (16 pages, 201 Kb), Slides (21 pages, 556 Kb)

                                    scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.

                                  • FreeBSD Portsnap
                                    Source: BSDCan - The Technical BSD Conference
                                    Added: 2007-05-20
                                    Tags: bsdcan, bsdcan2007, pdf, portsnap, freebsd, colin percival
                                    Files: PDF version (1.3 Mb, 88 pages)

                                    "FreeBSD Portsnap - What (it is), Why (it was written), and How (it works)" by Colin Percival (cperciva@FreeBSD.org) (Note: use ^L to get back in non-fullscreen mode)

                                  commercial environment

                                  • Warner Losh - Tracking FreeBSD in a commercial Environment
                                    Source: BSDCan - The Technical BSD Conference
                                    Added: 2009-05-25
                                    Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                                    Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                                    Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                                  configuration management

                                  • Configuration Management with Cfengine
                                    Source: New York City *BSD User Group
                                    Added: 2008-07-03
                                    Tags: nycbug, presentation, configuration management, cfengine
                                    Files: MP3 version (58 minutes, 6 Mb)

                                    Configuration Management with Cfengine Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification. The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration. about the speaker: Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                  constantine murenin

                                  • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                    Source: EuroBSDCon
                                    Added: 2008-October-22
                                    Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                    Files: PDF (539395 bytes, 38 pages)

                                    In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                  • Constantine A. Murenin - Quiet Computing with BSD
                                    Source: BSDCan - The Technical BSD Conference
                                    Added: 2009-05-25
                                    Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                                    Files: Slides (16 pages, 264 Kb)

                                    Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                                  consultancy

                                  contikios

                                  corey benninger

                                    counters

                                    • Hardware Performance Monitoring Counters
                                      Source: New York City *BSD User Group
                                      Added: 2008-November-16
                                      Tags: nycbug, presentation, george neville-neil, counters
                                      Files: MP3 version (4 Mb)

                                      Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it. Bio: George Neville-Neil is the co-author with Kirk McKusick of The Design and Implementation of the FreeBSD Operating System. He works on networking an operating systems for fun and profit.

                                    course

                                    cover

                                      crossover

                                      crypto acceleration

                                      • Philip Paeps - Crypto Acceleration on FreeBSD
                                        Source: BSDCan - The Technical BSD Conference
                                        Added: 2009-05-25
                                        Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
                                        Files: Slides (28 pages, 361 Kb)

                                        Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.

                                      cryptography

                                      • Using Cryptography to Improve Web Application Performance and Security
                                        Source: New York City *BSD User Group
                                        Added: 2007-09-12
                                        Tags: nycbug, presentation, cryptography, nick galbreath
                                        Files: MP3 version (18Mb)

                                        Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format. Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.

                                      cvs

                                      • Ray Lai: on OpenCVS
                                        Source: New York City *BSD User Group
                                        Added: 2007-04-06
                                        Tags: nycbug, presentation, cvs, openbsd, ray lai
                                        Files: MP3 version

                                        This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.

                                      daemonforums

                                      damien miller

                                        dan langille

                                        daniel braniss

                                        daniel seuffert

                                        • Fosdem 2006: BSD
                                          Source: Source21.nl
                                          Added: 2006-06-05
                                          Tags: source21, interview, daniel seuffert
                                          Files:

                                          We talk with Daniel Seuffert about BSD. Several flavours of BSD were represented in a joint BSD booth: OpenBSD, FreeBSD, NetBSD and MirOS. Daniel is representative of the FreeBSD project and among other things talks about the different operating systems that are build on top of FreeBSD. For instance, there are two distributions called PC-BSD and DesktopBSD that are targeted towards desktop users. There also is a version that specializes on security entitled TrustedBSD.

                                        danish

                                        david gwynne

                                        davis

                                          dcbsdcon

                                          dcbsdcon2009

                                          debian

                                          deborah norling

                                          debugging

                                          • Detangling and debugging
                                            Source: YouTube bsdconferences channel
                                            Added: 2008-December-06
                                            Tags: youtube, meetbsd, meetbsd2007, debugging, philip paeps
                                            Files: Flash (18:36)

                                            "Detangling and debugging: friends in unexpected places", Philip Paeps at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=G8Fm8mgPyDc

                                          • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                                            Source: BSDCan - The Technical BSD Conference
                                            Added: 2008-05-21
                                            Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                                            Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                                            Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                                          denialofservice

                                          • Steven Kreuzer on Denial of Service Mitigation Techniques
                                            Source: New York City *BSD User Group
                                            Added: 2007-06-08
                                            Tags: nycbug, presentation, denialofservice, steven kreuzer
                                            Files: MP3 version (10Mb)

                                            Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing. About the speaker Steven Kreuzer is currently employed by Right Media as a Systems Administrator focusing on building and managing high transaction infrastructures around the globe. He has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                          design and implementation of the freebsd operating system

                                          desktop

                                          • James Cornell
                                            Source: bsdtalk
                                            Added: 2008-04-08
                                            Tags: bsdtalk, interview, desktop, james cornell
                                            Files: MP3 version (9 Mb, 20 minutes), Ogg version (9 minutes)

                                            Another interview with Sysadmin James Cornell. We talk about BSD, OpenSolaris, and Linux on the desktop.

                                          • EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
                                            Source: EuroBSDCon
                                            Added: 2008-October-22
                                            Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
                                            Files: OGG (1 byte, 50 minutes), MP3 (1 byte, 50 minutes), PDF (1 byte, n pages)

                                            The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universitt Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades. Hauke Fath works as a systems administrator for the Institut fr Nachrichtentechnik (telecommunication) at Technische Universitt Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006. Keywords: Managing Unix desktop clients, software distribution, tripwire

                                          device drivers

                                          • George Neville-Neil - Networking from the Bottom Up: Device Drivers
                                            Source: BSDCan - The Technical BSD Conference
                                            Added: 2009-05-25
                                            Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
                                            Files: PDF file (68 pages, 480 Kb)

                                            Networking from the Bottom Up: Device Drivers. In this tutorial I will describe how to write and maintain network drivers in FreeBSD and use the example of the Intel Gigabit Ethernet driver (igb) throughout the course. Students will learn the basic data structures and APIs necessary to implement a network driver in FreeBSD. The tutorial is general enough that it can be applied to other BSDs, and likely to other embedded and UNIX like systems while being specific enough that given a device and a manual the student should be able to develop a working driver on their own. This is the first of a series of lectures on network that I am developing over the next year or so.

                                          device tree

                                          • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                                            Source: BSDCan - The Technical BSD Conference
                                            Added: 2009-05-25
                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                                            Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                                            Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                                          devsummit

                                          devsummit2008

                                          devsummit2012

                                          diana bruce

                                          diane bruce

                                          dikshie fauzie

                                            dimitri vasileva

                                            diomidis spinellis

                                            discussion

                                            disk schedulers

                                            • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                                              Source: BSDCan - The Technical BSD Conference
                                              Added: 2009-05-25
                                              Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                                              Files: Slides (40 pages, 430 Kb)

                                              GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                                            dnssec

                                              documentation

                                              domidis spinellis

                                              dragonflybsd

                                              • Justin Sherrill of the DragonFlyBSD Digest
                                                Source: bsdtalk
                                                Added: 2009-01-19
                                                Tags: bsdtalk, interview, dragonflybsd, justin sherril
                                                Files: MP3 version (10 Mb, 22 minutes), Ogg version (22 minutes)

                                                Interview with Justin Sherrill of the DragonFlyBSD Digest, which can be found at http://www.shiningsilence.com/dbsdlog/

                                              • Matthew Dillon
                                                Source: bsdtalk
                                                Added: 2007-08-16
                                                Tags: bsdtalk, interview, dragonflybsd, mattew dillon
                                                Files: MP3 version (10 Mb, 20 minutes), Ogg version (20 minutes)

                                                Interview with DragonflyBSD's Matthew Dillon. We talk about the 1.10 release and the design of a new filesystem.

                                              • DragonFlyBSD Developer Matthew Dillon
                                                Source: bsdtalk
                                                Added: 2007-02-08
                                                Tags: bsdtalk, interview, dragonflybsd, mathew dillon
                                                Files: MP3 version (12 Mb, 24 minutes), Ogg version (24 minutes)

                                                Interview with DragonFlyBSD developer Matthew Dillon. We talk about the 1.8 release.

                                              • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
                                                Source: EuroBSDCon
                                                Added: 2008-October-22
                                                Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
                                                Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

                                              dru lavigne

                                              dtrace

                                              • DTrace
                                                Source: YouTube bsdconferences channel
                                                Added: 2008-December-07
                                                Tags: youtube, meetbsd, meetbsd2007, dtrace, polish, slawomir zak
                                                Files: Flash (1:04:23)

                                                "DTrace - Monitoring i strojenie systemu w XXI wieku", Slawomir Zak at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=5VK6tV4y3r0

                                              • John Birrell - DTrace for FreeBSD
                                                Source: BSDCan - The Technical BSD Conference
                                                Added: 2008-05-21
                                                Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                                                Files: PDF file (49 pages, 148 Kb)

                                                DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                                              ed kikkert

                                                ed maste

                                                edd barrett

                                                • EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
                                                  Source: EuroBSDCon
                                                  Added: 2008-October-22
                                                  Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
                                                  Files: OGG (1 byte, 33 minutes), MP3 (1 byte, 33 minutes), PDF (1 byte, n pages)

                                                  Edd Barrett will speak about using the BSD Platform as a means of typesetting from a practical standpoint at EuroBSDcon 2008. Edd Barrett does not wish to go into the technicalities of each typesetter, but rather state which are good for certain types of document, and which tools (ports and packages), integrate well with the available typesetters. Edd Barrett os a student from the UK, currently on "placement year" as a systems administrator for Bournemouth University. Open Source *NIX has been his platform of choice for many years and he has been using OpenBSD for about 3 years now, simply because it is small, clean, correct and secure. Just recently he has started developing things I want or need for OpenBSD.

                                                eeepc

                                                • BSD on a eeePC 900A
                                                  Source: bsdtalk
                                                  Added: 2008-November-16
                                                  Tags: bsdtalk, eeepc
                                                  Files: MP3 version (5 Mb, 10 minutes), Ogg version (10 minutes)

                                                  I look forward to attending MeetBSD this weekend. A brief description of my first attempts to get BSD on a eeePC 900A. I try OpenBSD 4.4, DragonFlyBSD 2.0.1, PC-BSD 7.0.1, and FreeBSD 7.

                                                eiichi muramoto

                                                  einar th einarsson

                                                  eirik Overby

                                                  embed

                                                  • EuroBSDCon 2008 - Paeps Philip - How-to embed FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, embed, freebsd, philip paeps
                                                    Files: OGG (1 byte, 43 minutes), MP3 (1 byte, 43 minutes), PDF (1 byte, 17 pages)

                                                    This paper provides a how-to embed FreeBSD. A console server built form an AT91RM9200 based ARM system will be explored. This paper will talk about the selection of hardware. It will explore creating images for the target system, as well as concentrate on different alternatives for deploying the system. A number of different options exist today, and no comprehensive guide for navigating through the choices exists today. This paper will explore the different alternatives that exist today for producing images targeted at different size requirements. The differing choices for storage in an embedded environment are explored. The techniques used to access rich debugging environments are discussed.

                                                  embedded

                                                  • Embedded FreeBSD
                                                    Source: YouTube bsdconferences channel
                                                    Added: 2008-December-07
                                                    Tags: youtube, meetbsd, meetbsd2007, embedded, freebsd, polish, rafal jaworowski
                                                    Files: Flash (1:11:09)

                                                    "FreeBSD do zabudowy czyli nie tylko pecety", Rafal Jaworowski at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=2HcIJvJX4y8

                                                  • Embedding FreeBSD, MeetBSD 2008
                                                    Source: YouTube bsdconferences channel
                                                    Added: 2008-December-06
                                                    Tags: youtube, meetbsd, meetbsd2008, embedded, freebsd, philip paeps, warner losh
                                                    Files: Flash (38:56)

                                                    Embedding FreeBSD by Warner Losh and Philip Paeps, MeetBSD November 15, 2008 clive URL: http://www.youtube.com/watch?v=Fc3xYrxvIU0

                                                  • Rafal Jaworowski - FreeBSD Embedded Report
                                                    Source: BSDCan - The Technical BSD Conference
                                                    Added: 2008-05-26
                                                    Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, embedded, rafal jaworowski
                                                    Files: PDF file (6 pages, 58 Kb)

                                                    FreeBSD Embedded Report

                                                  • Warner Losh - FreeBSD/mips
                                                    Source: BSDCan - The Technical BSD Conference
                                                    Added: 2008-05-26
                                                    Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                                                    Files: PDF file (19 pages, 1.3 Mb)

                                                    FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                                                  • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                                                    Source: BSDCan - The Technical BSD Conference
                                                    Added: 2008-05-21
                                                    Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                                                    Files: PDF file (26 pages, 300 Kb)

                                                    Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                                                  embedding freebsd

                                                  emc lab

                                                  emulab

                                                  encryption

                                                  engineering applications

                                                  • EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
                                                    Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                    In recent years, traditional branches of engineering like Civil, Chemical, Mechanical, Electrical and Industrial Engineering are requiring extensive computing facilities for their needs. Several well known labs (Sandia, Lawrence Livermore) rely on huge clusters to do all types of complex analysis that were unthinkable a couple of decades ago. While the free BSD variants share the environment with traditional UNIX systems, frequently used for such computations, it was not common to find adequate free software packages to carry complex calculations. Eventually commercial versions of important math related packages started to appear for the Linux platform. Even when the big packages were distant, the BSDs learned and adapted in resourceful ways: Matlab and Mathematica, running under Linux emulation, demanded functionality from the BSDs and NetBSD implemented a signal trampoline to be able to run AutoCAD with IRIX binary compatibility. A notable project that was always available under a free license was Berkeley's Spice circuit analysis program, however it was an exception rather than the rule. Even when the scientific community pressed for a while to get other important tools like NASA's FEA package Nastran under a free license, the objective of being able to access and enhance open scientific tools was elusive. About a decade ago the situation started to improve: FreeBSD's ports system started growing exponentially, first with a high content in the math category, afterwards with a CAD section and after sustained growth in those categories a science section was created. This growth was mostly pushed by Universities and their research projects and in general are not well known with respect to the commercial counterparts. I started porting math/engineering code for FreeBSD around 1996. Back then it was absolutely unthinkable for a Mechanical Engineer to depend only on FreeBSD for it's daily work. The situation nowadays is different: there are some very high quality engineering analysis packages like EDF's Code Aster, with more than 12 years of professional development, that just can't be ignored. A Finite Element package, like Code Aster, can easily cost 5000 US$, is priced according to the maximum problem size it can solve, can require yearly licenses, and is rarely available with source code. In NASTRAN's case the source code is only available for US citizens under a yearly fee. Free software does have serious limitations though; just like in office applications there are proprietary CAD formats or sometimes the package simply doesn't have the required functionality. Having the sources, of course, always has the advantage of being able to implement (or pay for) some specific functionality you might need. Many commercial packages have been recently ported to Linux, but even when they gain some of the advantages of an open environment they still have yet another limitation: they have been very slow to make use of the multicored features of the new processors in the market, a huge limitation now that the speed war between processors has been limited by the overheating problem. The objective of the talk is to give an overview of several CAD/CAE packages that have been made available recently as part of FreeBSD's ports system and the decisions that were made to port them. BRLCAD and Varkon are two CAD utilities that made a transition from closed source to an open environment and in the process in the process of getting ported to BSD have gained greater portability and general "bug" fixes critical for their consolidation as usable and maintainable projects. There are also some tricks that have not been well documented: it is possible to enable threads and some extra optimizations on some packages, and it is also possible to replace the standard BLAS library with the faster GOTO BLAS without rebuilding the package. It is also possible to build the packages optimized for a clustered environment, but perhaps what is most interesting of all is how all the packages interrelate with each other and can turn FreeBSD into a complete enginering environment. No OS distribution so far is offering all the engineering specific utilities offered through FreeBSD's ports system: from design to visualization, passing through analysis FreeBSD is becoming an option that can't be ignored, and best of all, it is an effort that will benefit not only FreeBSD but the wider audience. Pedro F. Giffuni M. Sc. Industrial Engineering - University of Pittsburgh Mechanical Engineer - Universidad Nacional de Colombia I was born in Bogota, Colombia but I am an Italian citizen. My experience with computers started when I was about 12 years old With the TRS-80 Color Computer first using Basic and the OS-9. I studied electronics for 3 years but became tired of worrying about "whatever happened to electrons in there" and moved to Mechanical Engineering. For a while I rested from the computer world until the Internet came stepping along. I started using FreeBSD around 1995 and soon fell in love with the idea of being able to install a complete version of UNIX from the net with just one floppy. After submitting a the 999th port to the FreeBSD project Walnut Creek was kind enough to give me a subscription for several years to FreeBSD's CD-ROM. Since then I've been on and off porting software packages or fixing the bugs I have caused while porting them. Of course there has always been great respect for the other BSDs and their wonderful license and while I've given up on the idea of one day seeing a "UnifiedBSD" I am glad to see different approaches sharing ideas in a healthful environment. Keywords: BSD, engineering, CAE, CAD, math, mechanical, FreeBSD ports

                                                  enterprise security

                                                  • Matthew Burnside: Integrated Enterprise Security Mgmt
                                                    Source: New York City *BSD User Group
                                                    Added: 2007-03-09
                                                    Tags: mp3, presentation, enterprise security, matthew burnside
                                                    Files: MP3 version

                                                    Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.

                                                  erwin lansing

                                                  eurobsdcon

                                                  • Joerg Sonnenberger
                                                    Source: bsdtalk
                                                    Added: 2007-November-18
                                                    Tags: bsdtalk, interview, eurobsdcon, eurobsdcon2007, michael dexter, joerg sonnenberger
                                                    Files: MP3 version (8 Mb, 17 minutes), Ogg version (17 minutes)

                                                    Michael Dexter sent me an interview he recorded on behalf of BSDTalk with Joerg Sonnenberger at EuroBSDCon 2007.

                                                  • Sidsel Jensen from EuroBSDCon
                                                    Source: bsdtalk
                                                    Added: 2007-06-25
                                                    Tags: bsdtalk, interview, eurobsdcon, eurobsdcon2007, sidsel jensen
                                                    Files: MP3 version (5 Mb, 9 minutes), Ogg version (9 minutes)

                                                    Interview with Sidsel Jensen from www.eurobsdcon.org.

                                                  • EuroBSDCon Organizer Massimiliano Stucchi
                                                    Source: bsdtalk
                                                    Added: 2006-November-03
                                                    Tags: bsdtalk, interview, eurobsdcon, eurobsdcon2006, massimiliano stucchi
                                                    Files: MP3 version (4 Mb, 8 minutes), Ogg version (8 minutes)

                                                    Interview with EuroBSDCon organizer Massimiliano Stucchi.

                                                  • EuroBSDCon 2008 - Paeps Philip - How-to embed FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, embed, freebsd, philip paeps
                                                    Files: OGG (1 byte, 43 minutes), MP3 (1 byte, 43 minutes), PDF (1 byte, 17 pages)

                                                    This paper provides a how-to embed FreeBSD. A console server built form an AT91RM9200 based ARM system will be explored. This paper will talk about the selection of hardware. It will explore creating images for the target system, as well as concentrate on different alternatives for deploying the system. A number of different options exist today, and no comprehensive guide for navigating through the choices exists today. This paper will explore the different alternatives that exist today for producing images targeted at different size requirements. The differing choices for storage in an embedded environment are explored. The techniques used to access rich debugging environments are discussed.

                                                  • EuroBSDCon 2008 - George Neville-Neil - Multicast Performance in FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, multicast, freebsd, george neville-neil
                                                    Files: OGG (1 byte, 39 minutes), MP3 (1 byte, 39 minutes), PDF (1 byte, n pages)

                                                    In the past ten years most of the research in network protocols has gone into TCP, leaving UDP to languish as a local configuration protocol. While the majority of Internet traffic is TCP, UDP remains the only IP protocol that works over multicast and as such has some specific, and interesting uses in some areas of computing. In 2008 we undertook a study of the performance of UDP multicast on both 1Gbps and 10Gbps Ethernet networks in order to see if changing the physical layer of the network would give a linear decrease in packet latency. To measure the possible gains we developed a new network protocol test program, mctest, which is capable of recording packet round trip times from many hosts simultaneously and which we believe accurately represents how many environments use multicast. The mctest program has been integrated into FreeBSD and is now being used to verify the proper operation of multicast on various pieces of 10Gbps hardware.

                                                  • EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
                                                    Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                    In recent years, traditional branches of engineering like Civil, Chemical, Mechanical, Electrical and Industrial Engineering are requiring extensive computing facilities for their needs. Several well known labs (Sandia, Lawrence Livermore) rely on huge clusters to do all types of complex analysis that were unthinkable a couple of decades ago. While the free BSD variants share the environment with traditional UNIX systems, frequently used for such computations, it was not common to find adequate free software packages to carry complex calculations. Eventually commercial versions of important math related packages started to appear for the Linux platform. Even when the big packages were distant, the BSDs learned and adapted in resourceful ways: Matlab and Mathematica, running under Linux emulation, demanded functionality from the BSDs and NetBSD implemented a signal trampoline to be able to run AutoCAD with IRIX binary compatibility. A notable project that was always available under a free license was Berkeley's Spice circuit analysis program, however it was an exception rather than the rule. Even when the scientific community pressed for a while to get other important tools like NASA's FEA package Nastran under a free license, the objective of being able to access and enhance open scientific tools was elusive. About a decade ago the situation started to improve: FreeBSD's ports system started growing exponentially, first with a high content in the math category, afterwards with a CAD section and after sustained growth in those categories a science section was created. This growth was mostly pushed by Universities and their research projects and in general are not well known with respect to the commercial counterparts. I started porting math/engineering code for FreeBSD around 1996. Back then it was absolutely unthinkable for a Mechanical Engineer to depend only on FreeBSD for it's daily work. The situation nowadays is different: there are some very high quality engineering analysis packages like EDF's Code Aster, with more than 12 years of professional development, that just can't be ignored. A Finite Element package, like Code Aster, can easily cost 5000 US$, is priced according to the maximum problem size it can solve, can require yearly licenses, and is rarely available with source code. In NASTRAN's case the source code is only available for US citizens under a yearly fee. Free software does have serious limitations though; just like in office applications there are proprietary CAD formats or sometimes the package simply doesn't have the required functionality. Having the sources, of course, always has the advantage of being able to implement (or pay for) some specific functionality you might need. Many commercial packages have been recently ported to Linux, but even when they gain some of the advantages of an open environment they still have yet another limitation: they have been very slow to make use of the multicored features of the new processors in the market, a huge limitation now that the speed war between processors has been limited by the overheating problem. The objective of the talk is to give an overview of several CAD/CAE packages that have been made available recently as part of FreeBSD's ports system and the decisions that were made to port them. BRLCAD and Varkon are two CAD utilities that made a transition from closed source to an open environment and in the process in the process of getting ported to BSD have gained greater portability and general "bug" fixes critical for their consolidation as usable and maintainable projects. There are also some tricks that have not been well documented: it is possible to enable threads and some extra optimizations on some packages, and it is also possible to replace the standard BLAS library with the faster GOTO BLAS without rebuilding the package. It is also possible to build the packages optimized for a clustered environment, but perhaps what is most interesting of all is how all the packages interrelate with each other and can turn FreeBSD into a complete enginering environment. No OS distribution so far is offering all the engineering specific utilities offered through FreeBSD's ports system: from design to visualization, passing through analysis FreeBSD is becoming an option that can't be ignored, and best of all, it is an effort that will benefit not only FreeBSD but the wider audience. Pedro F. Giffuni M. Sc. Industrial Engineering - University of Pittsburgh Mechanical Engineer - Universidad Nacional de Colombia I was born in Bogota, Colombia but I am an Italian citizen. My experience with computers started when I was about 12 years old With the TRS-80 Color Computer first using Basic and the OS-9. I studied electronics for 3 years but became tired of worrying about "whatever happened to electrons in there" and moved to Mechanical Engineering. For a while I rested from the computer world until the Internet came stepping along. I started using FreeBSD around 1995 and soon fell in love with the idea of being able to install a complete version of UNIX from the net with just one floppy. After submitting a the 999th port to the FreeBSD project Walnut Creek was kind enough to give me a subscription for several years to FreeBSD's CD-ROM. Since then I've been on and off porting software packages or fixing the bugs I have caused while porting them. Of course there has always been great respect for the other BSDs and their wonderful license and while I've given up on the idea of one day seeing a "UnifiedBSD" I am glad to see different approaches sharing ideas in a healthful environment. Keywords: BSD, engineering, CAE, CAD, math, mechanical, FreeBSD ports

                                                  • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                                    Files: PDF (539395 bytes, 38 pages)

                                                    In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                                  • EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
                                                    Files: OGG (1 byte, 56 minutes), MP3 (1 byte, 56 minutes), PDF (1 byte, n pages)

                                                    This talk is focused on ways to improve the quality of FreeBSD's ports and packages and it's partially based on the 5 months experience of writing and running the consecutive versions of "QA Tindy". Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD ports committer and maintains about 40 ports scattered in the Ports Tree. He lives in Bucharest, Romania where he runs and co-owns an IT company and he's a member of Romanian FreeBSD and FreeUnix User Group (RoFUG). His non-IT interests include history, philosophy and mountain climbing.

                                                  • EuroBSDCon 2008 - Yvan Vanhullebus - IPSec tools: past, present and future
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, ipsec, yvan vanhullebus
                                                    Files: OGG (1 byte, 46 minutes), MP3 (1 byte, 46 minutes), PDF (1 byte, n pages)

                                                    The first part will explain what have been major changes since Manu's presentation at Bale's EuroBSDCon, including more detailed informations on changes which have a significant impact on administrator's bad habits (why the common way of doing it is bad, why it was sometimes needed in the past, how to do it the good way now, why this is far better), on both the UserLand (ipsec-tools project) and maybe in [Free|Net]BSD kernels/ IPSec stacks. The second part will talk about the future of the project. News of the next major version (which may be out or about to be out when we'll be ate EuroBSDCon), news works which are planned or which are done but not yet public, but also news about the team: it's new members, new tools, what we would like to do in tue future, a Yvan VANHULLEBUS works as an R&D security engineer for NETASQ since 2000, where he works on FreeBSD OS. He started to work on KAME's IPSec stack in 2001, provided many patches for various parts of the stack, then became one of the maintainers of ipsec-tools project, a fork of KAME's userland daemon. He became a NetBSD developper when ipsec-tools was migrated to NetBSD's CVS.

                                                  • EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, george neville-neil
                                                    Files: OGG (1 byte, 37 minutes), MP3 (1 byte, 37 minutes), PDF (1 byte, n pages)

                                                    EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code

                                                  • EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
                                                    Files: OGG (1 byte, 53 minutes), MP3 (1 byte, 53 minutes), PDF (1 byte, n pages)

                                                    The arrival of high CPU core density, with commodity quad-core notebooks and 32-core servers, combined with 10gbps networking have transformed network design principles for operating systems. This talk will describe changes in the FreeBSD 6.x, 7.x, and forthcoming 8.x network stacks required to exploit multiple cores and serve 10gbps networks. The goal of the session will be to introduce the audience to general strategies used to improve performance, their rationales, and their impact on applications and users: Introduction to the SMPng Project and the follow-on Netperf Project Workloads and performance measurement Efficient primitives to support modern network stacks Multi-core and cache-aware network memory allocator Fine-grained network stack locking Load-balancing and contention-avoidance across multiple CPUs CPU affinity for network stack data structures TCP performance enhancements including TSO, LRO, and TOE Zero-copy Berkely Packet Filter (BPF) buffers Direct network stack dispatch from interrupt handlers Multiple input and output queues Robert Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.

                                                  • EuroBSDCon 2008 - Martin Schuette - Improved NetBSD Syslogd
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, netbsd, syslogd, martin schuette
                                                    Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                    Martin Schuette has three main goals, defined by three internet drafts to implement: TLS transport is the most obvious improvement: it provides a reliable network transport with data encryption and peer authentication. To make full use of this a buffering mechanism to bridge temporary network errors is implemented as well. Syslog-protocol extends the message format to use a complete timestamp, include a fully qualified domain name, and allow UTF-8 messages. It also offers a structured data field to unambiguously encode application dependent information. Syslog-sign will allow any syslog sender to digitally sign its messages, so their integrity can be verified later. This enable the detection of loss, deletion or other manipulation syslog data after network transfer or archiving on storage media. Martin Schuette is a student of computer science in Potsdam, Germany, and has been working as a part-time system administrator for BSD servers since 2004. In 2007 Martin Schuette already gave a talk on Syslog at the Chemnitze Linux-Tage (http://chemnitzer.linux-tage.de/2007/vortraege/detail.html?idx=547 in german; for a newer english version see these slides for a seminar talk: http://fara.cs.uni-potsdam.de/~mschuett/uni/syslog-protocols-080522.pdf).

                                                  • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
                                                    Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                    Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

                                                  • EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
                                                    Files: OGG (1 byte, 33 minutes), MP3 (1 byte, 33 minutes), PDF (1 byte, n pages)

                                                    Edd Barrett will speak about using the BSD Platform as a means of typesetting from a practical standpoint at EuroBSDcon 2008. Edd Barrett does not wish to go into the technicalities of each typesetter, but rather state which are good for certain types of document, and which tools (ports and packages), integrate well with the available typesetters. Edd Barrett os a student from the UK, currently on "placement year" as a systems administrator for Bournemouth University. Open Source *NIX has been his platform of choice for many years and he has been using OpenBSD for about 3 years now, simply because it is small, clean, correct and secure. Just recently he has started developing things I want or need for OpenBSD.

                                                  • EuroBSDCon 2008 - Michael Dexter - Zen and the Art of Multiplicity Maintenance: An applied survey of BSD-licensed multiplicity strategies from chroot to mult
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, bsd, michael dexter
                                                    Files: OGG (1 byte, 38 minutes), MP3 (1 byte, 38 minutes), PDF (1 byte, n pages)

                                                    Many BSD-licensed strategies of various levels of maturity exist to implement multiplicity, herein defined as the introduction of plurality to traditionally singular computing environments via isolation, virtualization, or other method. For example, the chroot utility introduces an additional isolated root execution environment within that of the host; or an emulator provides highly-isolated virtual systems that can run complete native or foreign operating systems. Motivations for multiplicity vary, but a demonstrable desire exists for users to obtain root or run a foreign binary or operating system. We propose a hands-on survey of portable and integrated BSD-licensed multiplicity strategies applicable to the FreeBSD, OpenBSD, DragonFlyBSD and NetBSD operating systems on the i386 architecture. We will also address three oft-coupled disciplines: software storage devices, the installation of operating system and userlands in multiplicity environments plus the management of select multiplicity environments. Finally we will comment on each strategies potential limits of isolation, compatibility, independence and potential overhead in comparison to traditional systems. Keywords: multiplicity, virtualization, chroot, jail, hypervisor, xen, compat. Michael Dexter has used Unix systems since 1991 and BSD-licensed multiplicity strategies for over five years. He is the Program Manager at the BSD Fund and Project Manager of the BSD.lv Project.

                                                  • EuroBSDCon 2008 - Nick Barkas - Dynamic memory allocation for dirhash in UFS2
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, ufs2, nick barkas
                                                    Files: OGG (1 byte, 32 minutes), MP3 (1 byte, 32 minutes), PDF (1 byte, n pages)

                                                    Hello My name is Nick Barkas. I'm a master's student studying scientific computing at Kungliga Tekniska hgskolan (KTH) in Stockholm, Sweden. I have just begun work on a Google Summer of Code project with FreeBSD: Dynamic memory allocation for dirhash in UFS2 . I would like to present my results from this project at EuroBSDCon this year. This project is very much a work in progress now so it is a bit difficult to summarize what I would ultimately present. I will try to describe an outline, though. First I will give background information on dirhash: an explanation of the directory data structure in UFS2, how directory lookups in this structure necessitate a linear search, and how dirhash speeds these lookups up without having to change anything about the directory data structure. Next I will explain the current limitation that dirhash's maximum memory use must be manually specified by administrators, or left at a small conservative default of 2MB. I will explain some different methods I will have explored to try and make this maximum memory limit dynamically increase and decrease as the system has more or less free memory, and which method I will have ultimately settled on and implemented. Then I'll present some test results of performance of operations on very large directories with and without dynamic memory allocation enabled for dirhash. Next I will talk about how speed gains from dirhash are limited by the fact that the hash tables exist only in memory and must be recreated after each system boot, as big directories are scanned for the first time, or even have to be recreated for a directory that has not been scanned in some time if its dirhash has been discarded to free memory. These problems can be eliminated by using an on-disk index for directory entries. I will talk about some of the challenges of implementing on-disk indexing, such as remaining backwards compatible with older versions of UFS2 and interoperating properly with softupdates. Then, if my SoC project has permitted me time to work on this aspect of it, I will explain some possible methods for adding directory indexing to UFS2 that meets these challenges, and which of those ideas I will have implemented. Finally I will present results of some benchmarks on this filesystem with indices, and compare to performance with dirhash, and with no indices or dirhashes. Keywords: dirhash, ufs2, filesystems, performance tuning

                                                  • EuroBSDCon 2008 - Paul Richards - eXtreme Programming: FreeBSD a case study
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, extreme programming, paul richards
                                                    Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                    Traditional project management methodologies are typically based on the waterfall model where there are distinct phases: requirements capture, design, implementation, testing, delivery. Once a project has moved on to the next phase there is no going back. The end result is often a late project that no-one wants anymore because the requirements have fundamentally changed by the time the project is delivered.

                                                  • EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
                                                    Files: OGG (1 byte, 50 minutes), MP3 (1 byte, 50 minutes), PDF (1 byte, n pages)

                                                    The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universitt Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades. Hauke Fath works as a systems administrator for the Institut fr Nachrichtentechnik (telecommunication) at Technische Universitt Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006. Keywords: Managing Unix desktop clients, software distribution, tripwire

                                                  • EuroBSDCon 2008 - Joerg Sonnenberger - Sleeping beauty - NetBSD on Modern Laptops
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, netbsd, laptops, joerg sonnenberger
                                                    Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                    This paper discusses the NetBSD Power Management Framework (PMF) and related changes to the kernel. The outlined changes allow NetBSD to support essential functions like suspend-to-RAM on most post-Y2K X86 machines. They are also the fundation for intelligent handling of device activity by enabling devices on-demand. This work is still progressing. Many of the features will be available in the up-coming NetBSD 5.0 release The NetBSD kernel is widely regarded to be one of the cleanest and most portable Operating System kernels available. For various reasons it is also assumed that NetBSD only runs well on older hardware. In the summer of 2006 Charles Hannum, one of the founders of NetBSD, left with a long mail mentioning as important issues the lack of proper power management and suspendto- RAM support. One year later, Jared D. McNeill posted a plan for attacking this issue based on ideas derived from the Windows Driver Model. This plan would evolve into the new NetBSD Power Management Framework (PMF for short).

                                                  • EuroBSDCon 2008 - Brooks Davis - Isolating cluster jobs for performance and predictability
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, cluster, brooks davis
                                                    Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                    The Aerospace Corporation operates a federally funded research and development center in support of national-security, civil and commercial space programs. Many of our 2400+ engineers use a variety of computing technologies to support their work. Applications range from small models which are easily handled by desktops to parameter studies involving thousands of cpu hours and traditional, large scale parallel codes such as computational fluid dynamics and molecular modeling applications. Our primary resources used to support these large applications are computing clusters. Our current primary cluster, the Fellowship cluster consists of 352 dual-processor nodes with a total of 14xx cores. Two additional clusters, beginning at 150 dual-processor nodes each are being constructed to augment Fellowship. As in In any multiuser computing environment with limited resources, user competition for resources is a significant burden. Users want everything they need to do their job, right now. Unfortunately, other users may need those resources at the same time. Thus, systems to arbitrate this resource contention are necessary. On Fellowship we have deployed the Sun Grid Engine scheduler which scheduled batch jobs across the nodes. In the next section we discuss the performance problems that can occur when sharing resources in a high performance computing cluster. We then discuss range of possibilities to address these problems. We then explain the solutions we are investigating and describe our experiments with them. We then conclude with a discussion of future work.

                                                  • EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
                                                    Files: OGG (1 byte, 52 minutes), MP3 (1 byte, 52 minutes), PDF (1 byte, n pages)

                                                    The University of Toronto is a large educational institutional with over 70,000 students and 10,000 staff and faculty. For the past three years, we have developed and implemented a ubiquitous VPN service, based up on OpenVPN and FreeBSD. The service has over 3000 active customers, with up to 35 simultaneous users. The system supports, Linux, Mac OS X and Windows XP/Vista/2000 clients. Tools have been developed to create a central CA which enables users to log in to a secure server and get their customized client, certificates and configuration. The NSIS installer is used to generate the customized windows installers. Similar packages are generated for the various Unix based clients. Additional WWW/PHP based tools, have been developed to monitor and log usage of the service, using standard graphs, alarms for excessive use and a certificate revocation mechanism. The system has been integrated into the local identity management system (Kerberos/LDAP) in order to authorize and authenticate users upon initiation and per session usage. All code is Open Source and freely available.

                                                  • EuroBSDCon 2008 - George Neville-Neil - Four years of summer of code
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, google soc, george neville-neil
                                                    Files: OGG (1 byte, 27 minutes), MP3 (1 byte, 27 minutes), PDF (1 byte, n pages)

                                                    The Google Summer of Code is a program designed to provide students with real world experience contributing to open source projects during the summer break in university studies. Each year Google selects a number of open source projects to act as mentoring organizations. Students are invited to submit project proposals for the open source projects that are most interesting to them. FreeBSD was one of the projects selected to participate in the inaugural Summer of Code in 2005 and we have participated each year since then. Over the past 4 years a total of 79 students have participated in the program and it has become a very significant source of new committers to FreeBSD. This talk will examine in detail the selection criteria for projects, the impact that successful projects have had, and some suggestions for how we can better leverage this program in the future.

                                                  • EuroBSDCon 2008 - Anttii Kantee - Converting kernel file systems to services
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, anttii kantee
                                                    Files: OGG (1 byte, 55 minutes), MP3 (1 byte, 55 minutes), PDF (1 byte, n pages)

                                                    ABSD/UNIX operating system is traditionally split into two pieces: the kernel and userspace. Historically the reasons for this were clear: the UNIX kernel was a simple entity. However, over time the kernel has grown more and more complex. Currently, most of the same functionality is available both in userspace and the kernel, but under different names. Examples include synchronization routines and threading support. For instance, to lock a mutex in the NetBSD kernel, the call is mutex_enter(), while in userspace the routine which does exactly the same thing is known as pthread_mutex_enter(). Taking another classic example, a BSD style OS has malloc()/free() available both in userspace and the kernel, but with different linkage (the kernel malloc interface is currently being widely deprecated, though). This imposes a completely arbitrary division between the kernel and userspace. Most functionality provided by an opearating system should be treated as a service instead of explicitly pinning it down as a userspace daemon or a kernel driver. Currently, due to the arbitrarily difference in programming interface names, functionality must be explicitly ported between the kernel and userspace if it is to run in one or the other environment. By unifying the environments where possible, the arbitrary division is weakened and porting between these environments becomes simpler. Antti Kantee has been a NetBSD developer for many many moons. He has managed to work on quite a few bits and pieces of a BSD system: userland utilities, the pkgsrc packaging system, networking, virtual memory, device drivers, hardware support and file systems. See also http://www.netbsd.org/docs/puffs/rump.htm

                                                  • EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
                                                    Files: OGG (1 byte, 57 minutes), MP3 (1 byte, 57 minutes), PDF (1 byte, n pages)

                                                    This talk will present the different layers that handle input, from the key that gets pressed or the mouse motion to the applications, all the way through the kernel drivers, X drivers and libraries, in the case of the OpenBSD/NetBSD wscons driver and the current and future X.Org server. It will cover stuff like keyboard mappings, touch-screen calibration, multi-pointer X or input coordinates transformations. It will show some problems of current implementations and try to show how current evolutions can solve them. Matthieu Herrb is maintaing X on OpenBSD. I've been using X on various systems (SunOS, NetBSD, OpenBSD, Mac OS X,...) since 1989. He has been a member of the XFree86 Core Team for a short period in 2003 and is now a member of the X.Org Foundation BoD. Matthieu Herrb works at LAAS a research laborarory of the French National Research Agency (CNRS) both on robotics and network security.

                                                  • EuroBSDCon 2007 Videos
                                                    Source: EuroBSDCon
                                                    Added: 2007-October-10
                                                    Tags: eurobsdcon, eurobsdcon2007, videos
                                                    Files: Antti Kantee - ReFUSE: Userspace FUSE Reimplementation Using puffs (197 Mb), Brooks Davis - Using FreeBSD to Promote Open Source Development Methods (92 Mb), Claudio Jeker - Routing on OpenBSD (394 Mb), George Neville-Neil - Network Protocol Testing in FreeBSD and in General (271 Kb), John P Hartmann - Real Men's Pipes - When UNIX meets the mainframe mindset (315 Mb), Kirk Mckusick - A Brief History of the BSD Fast Filesystem (251 Mb), Pawel Jakub - FreeBSD/ZFS - last word in operating/file systems (203 Mb), Pierre Yves Ritschard - Load Balancing (219 Mb), Ryan Bickhart - Transparent TCP-to-SCTP Translation Shim Layer (376 Mb), Soren Straarup - An ARM from shoulder to hand (141 Mb), Sam Leffler - Long Distance Wireless (for Emerging Regions) (248 Mb), Sam Smith - Fighting "Technical fires" (147 Mb), Simon L Nielsen - The FreeBSD Security Officer function (195 Kb), Stephen Borrill - Building products with NetBSD - thin-clients (364 Mb), Steven Murdoch - Hot or Not: Fingerprinting hosts through clock skew (235 Mb), Yvan VanHullebus - NETASQ and BSD: a success story (382 Mb), Gregers Petersen - Open Source - is it something new? (285 Mb)

                                                    EuroBSDCon 2007 Papers

                                                  • EuroBSDCon 2007 Papers
                                                    Source: EuroBSDCon
                                                    Added: 2007-October-05
                                                    Tags: eurobsdcon, eurobsdcon2007, papers
                                                    Files: Antti Kantee - ReFUSE: Userspace FUSE Reimplementation Using puffs (102 Kb), Brooks Davis - Using FreeBSD to Promote Open Source Development Methods (989 Kb), Brooks Davis - Building clusters with FreeBSD (2.2 Mb), Claudio Jeker - Routing on OpenBSD (1.3 Mb), George Neville-Neil - Network Protocol Testing in FreeBSD and in General (251 Kb), Isaac Levy - FreeBSD jail(8) Overview, the Secure Virtual Server (120 Mb), John P Hartmann - Real Men's Pipes - When UNIX meets the mainframe mindset (382 Kb), John P Hartmann - CMS Pipelines Explained (118 Kb), Kirk Mckusick - A Brief History of the BSD Fast Filesystem (145 Kb), Marc Balmer - Supporting Radio Clocks in OpenBSD (304 Kb), Marko Zec - Network stack virtualization for FreeBSD 7.0 (401 Kb), Pawel Jakub - FreeBSD/ZFS - last word in operating/file systems (337 Kb), Peter Hansteen - Firewalling with OpenBSD's PF packet filter (531 Kb), Pierre Yves Ritschard - Load Balancing (23 Kb), Robert Watson - FreeBSD Advanced Security Features (152 Kb), Ryan Bickhart - Transparent TCP-to-SCTP Translation Shim Layer (491 Kb), Ryan Bickhart - Transparent TCP-to-SCTP Translation Shim Layer (692 Kb), Soren Straarup - An ARM from shoulder to hand (307 Kb), Sam Leffler - Long Distance Wireless (for Emerging Regions) (19 Mb), Sam Smith - Fighting "Technical fires" (1.4 Mb), Simon L Nielsen - The FreeBSD Security Officer function (251 Kb), Stephen Borrill - Building products with NetBSD - thin-clients (407 Kb), Steven Murdoch - Hot or Not: Fingerprinting hosts through clock skew (6.1 Mb), Yvan VanHullebus - NETASQ and BSD: a success story (2.4 Mb)

                                                    EuroBSDCon 2007 Papers

                                                  • EuroBSDCon 2007 Photos
                                                    Source: EuroBSDCon
                                                    Added: 2007-09-26
                                                    Tags: eurobsdcon, eurobsdcon2007, photos, flickr
                                                    Files: Ed Kikkert - EuroBSDCon 2007 taken place in Copenhagen, Denmark 14-15 September 2007 at the Symbion Science Park, Tom (Snow) - Foto's taken bij Tom and Robert of www.snow.nl, Rick van der Zwet, Peternmhansteen, Eystein.aarseth - Photos from EuroBSDCon in Copenhagen, Denmark, september 2007

                                                    EuroBSDCon 2007 Photos by various people

                                                  • Andre Opperman - The papers I write for EuroBSDCon 05
                                                    Source: EuroBSDCon
                                                    Added: 2007-01-14
                                                    Tags: eurobsdcon, eurobsdcon2005, paper, freebsd, networking, andre opperman
                                                    Files: New Networking Features in FreeBSD 6 (92 Kb), Optimizing the FreeBSD IP and TCP Stack (1 Mb)

                                                    The papers I write for EuroBSDCon 05 on New Networking Feature in FreeBSD 6.0 and Optimizing FreeBSD IP and TCP in 7-CURRENT

                                                  • Robert Watson's Slides from EuroBSDCon 2004
                                                    Source: Robert Watson
                                                    Added: 2007-01-14
                                                    Tags: eurobsdcon, eurobsdcon2004, slides, trustedbsd, freebsd, mac, robert watson
                                                    Files: TrustedBSD MAC Framework on FreeBSD and Darwin (270 Kb)

                                                    Robert Watson will describe the design and application of the TrustedBSD MAC Framework, a flexible kernel security framework developed on FreeBSD, and recently experimentally ported to Apple's Darwin operating system. The MAC Framework permits loadable access control kernel modules to be loaded, modifying the security behavior of the operating system, including SEBSD, a port of the SELinux FLASK/TE security model to FreeBSD.

                                                  • Robert Watson's Slides from EuroBSDCon 2006 and FreeBSD Developer Summit
                                                    Source: Robert Watson
                                                    Added: 2007-01-14
                                                    Tags: eurobsdcon, eurobsdcon2006, robert watson
                                                    Files: TrustedBSD presentation on Audit and priv(9) (Developer Summit) (166 Kb), How the FreeBSD Project Works (EuroBSDCon 2006 Full Conference) (4.4 Mb)

                                                    EuroBSDCon 2006 took place in Milan, Italy, and not only offered excellent food on a flexible schedule, but also an interesting array of talks on work spanning the BSD's. On this page, you can find my slides from the FreeBSD developer summit and full conference. Status report on the TrustedBSD Project: introduction and status regarding Audit, plus a TODO list; introduction to the priv(9) work recently merged to 7.x. The FreeBSD Project is one of the oldest and most successful open source operating system projects, seeing wide deployment across the IT industry. From the root name servers, to top tier ISPs, to core router operating systems, to firewalls, to embedded appliances, you can't use a networked computer for ten minutes without using FreeBSD dozens of times. Part of FreeBSD's reputation for quality and reliability comes from the nature of its development organization--driven by a hundreds of highly skilled volunteers, from high school students to university professors. And unlike most open source projects, the FreeBSD Project has developers who have been working on the same source base for over twenty years. But how does this organization work? Who pays the bandwidth bills, runs the web servers, writes the documentation, writes the code, and calls the shots? And how can developers in a dozen time zones reach agreement on the time of day, let alone a kernel architecture? This presentation will attempt to provide, in 45 minutes, a brief if entertaining snapshot into what makes FreeBSD run.

                                                  • Robert Watson's Slides from EuroBSDCon 2005
                                                    Source: Robert Watson
                                                    Added: 2007-01-14
                                                    Tags: eurobsdcon, eurobsdcon2005, slides, freebsd, smp, robert watson, poul-henning kamp, ed maste
                                                    Files: Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack (370 Kb)

                                                    EuroBSDCon 2005 took place in Basel, Switzerland in November, 2005. Due to an injury, I was unable to attend the conference itself, and my talks were presented in absentia by Poul-Henning Kamp and Ed Maste, who have my greatest appreciation! The FreeBSD SMPng Project has spent the past five years redesigning and reimplementing SMP support for the FreeBSD operating system, moving from a Giant-locked kernel to a fine-grained locking implementation with greater kernel threading and parallelism. This paper introduces the FreeBSD SMPng Project, its architectural goals and implementation approach. It then explores the impact of SMPng on the FreeBSD network stack, including strategies for integrating SMP support into the network stack, locking approaches, optimizations, and challenges.

                                                  • EuroBSDCon 2006 pictures
                                                    Source: EuroBSDCon
                                                    Added: 2006-November-14
                                                    Tags: eurobsdcon, eurobsdcon2006, photos, christian laursen

                                                    EuroBSDCon 2006 pictures by Christian Laursen

                                                  • EuroBSDCon 2006 pictures
                                                    Source: EuroBSDCon
                                                    Added: 2006-November-14
                                                    Tags: eurobsdcon, eurobsdcon2006, photos, erwin lansing

                                                    EuroBSDCon 2006 pictures by Erwin Lansing (erwin@)

                                                  eurobsdcon2004

                                                  eurobsdcon2005

                                                  eurobsdcon2006

                                                  eurobsdcon2007

                                                  eurobsdcon2008

                                                  • EuroBSDCon 2008 - Paeps Philip - How-to embed FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, embed, freebsd, philip paeps
                                                    Files: OGG (1 byte, 43 minutes), MP3 (1 byte, 43 minutes), PDF (1 byte, 17 pages)

                                                    This paper provides a how-to embed FreeBSD. A console server built form an AT91RM9200 based ARM system will be explored. This paper will talk about the selection of hardware. It will explore creating images for the target system, as well as concentrate on different alternatives for deploying the system. A number of different options exist today, and no comprehensive guide for navigating through the choices exists today. This paper will explore the different alternatives that exist today for producing images targeted at different size requirements. The differing choices for storage in an embedded environment are explored. The techniques used to access rich debugging environments are discussed.

                                                  • EuroBSDCon 2008 - George Neville-Neil - Multicast Performance in FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, multicast, freebsd, george neville-neil
                                                    Files: OGG (1 byte, 39 minutes), MP3 (1 byte, 39 minutes), PDF (1 byte, n pages)

                                                    In the past ten years most of the research in network protocols has gone into TCP, leaving UDP to languish as a local configuration protocol. While the majority of Internet traffic is TCP, UDP remains the only IP protocol that works over multicast and as such has some specific, and interesting uses in some areas of computing. In 2008 we undertook a study of the performance of UDP multicast on both 1Gbps and 10Gbps Ethernet networks in order to see if changing the physical layer of the network would give a linear decrease in packet latency. To measure the possible gains we developed a new network protocol test program, mctest, which is capable of recording packet round trip times from many hosts simultaneously and which we believe accurately represents how many environments use multicast. The mctest program has been integrated into FreeBSD and is now being used to verify the proper operation of multicast on various pieces of 10Gbps hardware.

                                                  • EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
                                                    Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                    In recent years, traditional branches of engineering like Civil, Chemical, Mechanical, Electrical and Industrial Engineering are requiring extensive computing facilities for their needs. Several well known labs (Sandia, Lawrence Livermore) rely on huge clusters to do all types of complex analysis that were unthinkable a couple of decades ago. While the free BSD variants share the environment with traditional UNIX systems, frequently used for such computations, it was not common to find adequate free software packages to carry complex calculations. Eventually commercial versions of important math related packages started to appear for the Linux platform. Even when the big packages were distant, the BSDs learned and adapted in resourceful ways: Matlab and Mathematica, running under Linux emulation, demanded functionality from the BSDs and NetBSD implemented a signal trampoline to be able to run AutoCAD with IRIX binary compatibility. A notable project that was always available under a free license was Berkeley's Spice circuit analysis program, however it was an exception rather than the rule. Even when the scientific community pressed for a while to get other important tools like NASA's FEA package Nastran under a free license, the objective of being able to access and enhance open scientific tools was elusive. About a decade ago the situation started to improve: FreeBSD's ports system started growing exponentially, first with a high content in the math category, afterwards with a CAD section and after sustained growth in those categories a science section was created. This growth was mostly pushed by Universities and their research projects and in general are not well known with respect to the commercial counterparts. I started porting math/engineering code for FreeBSD around 1996. Back then it was absolutely unthinkable for a Mechanical Engineer to depend only on FreeBSD for it's daily work. The situation nowadays is different: there are some very high quality engineering analysis packages like EDF's Code Aster, with more than 12 years of professional development, that just can't be ignored. A Finite Element package, like Code Aster, can easily cost 5000 US$, is priced according to the maximum problem size it can solve, can require yearly licenses, and is rarely available with source code. In NASTRAN's case the source code is only available for US citizens under a yearly fee. Free software does have serious limitations though; just like in office applications there are proprietary CAD formats or sometimes the package simply doesn't have the required functionality. Having the sources, of course, always has the advantage of being able to implement (or pay for) some specific functionality you might need. Many commercial packages have been recently ported to Linux, but even when they gain some of the advantages of an open environment they still have yet another limitation: they have been very slow to make use of the multicored features of the new processors in the market, a huge limitation now that the speed war between processors has been limited by the overheating problem. The objective of the talk is to give an overview of several CAD/CAE packages that have been made available recently as part of FreeBSD's ports system and the decisions that were made to port them. BRLCAD and Varkon are two CAD utilities that made a transition from closed source to an open environment and in the process in the process of getting ported to BSD have gained greater portability and general "bug" fixes critical for their consolidation as usable and maintainable projects. There are also some tricks that have not been well documented: it is possible to enable threads and some extra optimizations on some packages, and it is also possible to replace the standard BLAS library with the faster GOTO BLAS without rebuilding the package. It is also possible to build the packages optimized for a clustered environment, but perhaps what is most interesting of all is how all the packages interrelate with each other and can turn FreeBSD into a complete enginering environment. No OS distribution so far is offering all the engineering specific utilities offered through FreeBSD's ports system: from design to visualization, passing through analysis FreeBSD is becoming an option that can't be ignored, and best of all, it is an effort that will benefit not only FreeBSD but the wider audience. Pedro F. Giffuni M. Sc. Industrial Engineering - University of Pittsburgh Mechanical Engineer - Universidad Nacional de Colombia I was born in Bogota, Colombia but I am an Italian citizen. My experience with computers started when I was about 12 years old With the TRS-80 Color Computer first using Basic and the OS-9. I studied electronics for 3 years but became tired of worrying about "whatever happened to electrons in there" and moved to Mechanical Engineering. For a while I rested from the computer world until the Internet came stepping along. I started using FreeBSD around 1995 and soon fell in love with the idea of being able to install a complete version of UNIX from the net with just one floppy. After submitting a the 999th port to the FreeBSD project Walnut Creek was kind enough to give me a subscription for several years to FreeBSD's CD-ROM. Since then I've been on and off porting software packages or fixing the bugs I have caused while porting them. Of course there has always been great respect for the other BSDs and their wonderful license and while I've given up on the idea of one day seeing a "UnifiedBSD" I am glad to see different approaches sharing ideas in a healthful environment. Keywords: BSD, engineering, CAE, CAD, math, mechanical, FreeBSD ports

                                                  • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                                    Files: PDF (539395 bytes, 38 pages)

                                                    In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                                  • EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
                                                    Files: OGG (1 byte, 56 minutes), MP3 (1 byte, 56 minutes), PDF (1 byte, n pages)

                                                    This talk is focused on ways to improve the quality of FreeBSD's ports and packages and it's partially based on the 5 months experience of writing and running the consecutive versions of "QA Tindy". Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD ports committer and maintains about 40 ports scattered in the Ports Tree. He lives in Bucharest, Romania where he runs and co-owns an IT company and he's a member of Romanian FreeBSD and FreeUnix User Group (RoFUG). His non-IT interests include history, philosophy and mountain climbing.

                                                  • EuroBSDCon 2008 - Yvan Vanhullebus - IPSec tools: past, present and future
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, ipsec, yvan vanhullebus
                                                    Files: OGG (1 byte, 46 minutes), MP3 (1 byte, 46 minutes), PDF (1 byte, n pages)

                                                    The first part will explain what have been major changes since Manu's presentation at Bale's EuroBSDCon, including more detailed informations on changes which have a significant impact on administrator's bad habits (why the common way of doing it is bad, why it was sometimes needed in the past, how to do it the good way now, why this is far better), on both the UserLand (ipsec-tools project) and maybe in [Free|Net]BSD kernels/ IPSec stacks. The second part will talk about the future of the project. News of the next major version (which may be out or about to be out when we'll be ate EuroBSDCon), news works which are planned or which are done but not yet public, but also news about the team: it's new members, new tools, what we would like to do in tue future, a Yvan VANHULLEBUS works as an R&D security engineer for NETASQ since 2000, where he works on FreeBSD OS. He started to work on KAME's IPSec stack in 2001, provided many patches for various parts of the stack, then became one of the maintainers of ipsec-tools project, a fork of KAME's userland daemon. He became a NetBSD developper when ipsec-tools was migrated to NetBSD's CVS.

                                                  • EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, george neville-neil
                                                    Files: OGG (1 byte, 37 minutes), MP3 (1 byte, 37 minutes), PDF (1 byte, n pages)

                                                    EuroBSDCon 2008 Keynote - George Neville-Neil - Thinking about thinking code

                                                  • EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
                                                    Files: OGG (1 byte, 53 minutes), MP3 (1 byte, 53 minutes), PDF (1 byte, n pages)

                                                    The arrival of high CPU core density, with commodity quad-core notebooks and 32-core servers, combined with 10gbps networking have transformed network design principles for operating systems. This talk will describe changes in the FreeBSD 6.x, 7.x, and forthcoming 8.x network stacks required to exploit multiple cores and serve 10gbps networks. The goal of the session will be to introduce the audience to general strategies used to improve performance, their rationales, and their impact on applications and users: Introduction to the SMPng Project and the follow-on Netperf Project Workloads and performance measurement Efficient primitives to support modern network stacks Multi-core and cache-aware network memory allocator Fine-grained network stack locking Load-balancing and contention-avoidance across multiple CPUs CPU affinity for network stack data structures TCP performance enhancements including TSO, LRO, and TOE Zero-copy Berkely Packet Filter (BPF) buffers Direct network stack dispatch from interrupt handlers Multiple input and output queues Robert Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.

                                                  • EuroBSDCon 2008 - Martin Schuette - Improved NetBSD Syslogd
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, netbsd, syslogd, martin schuette
                                                    Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                    Martin Schuette has three main goals, defined by three internet drafts to implement: TLS transport is the most obvious improvement: it provides a reliable network transport with data encryption and peer authentication. To make full use of this a buffering mechanism to bridge temporary network errors is implemented as well. Syslog-protocol extends the message format to use a complete timestamp, include a fully qualified domain name, and allow UTF-8 messages. It also offers a structured data field to unambiguously encode application dependent information. Syslog-sign will allow any syslog sender to digitally sign its messages, so their integrity can be verified later. This enable the detection of loss, deletion or other manipulation syslog data after network transfer or archiving on storage media. Martin Schuette is a student of computer science in Potsdam, Germany, and has been working as a part-time system administrator for BSD servers since 2004. In 2007 Martin Schuette already gave a talk on Syslog at the Chemnitze Linux-Tage (http://chemnitzer.linux-tage.de/2007/vortraege/detail.html?idx=547 in german; for a newer english version see these slides for a seminar talk: http://fara.cs.uni-potsdam.de/~mschuett/uni/syslog-protocols-080522.pdf).

                                                  • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
                                                    Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                    Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

                                                  • EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
                                                    Files: OGG (1 byte, 33 minutes), MP3 (1 byte, 33 minutes), PDF (1 byte, n pages)

                                                    Edd Barrett will speak about using the BSD Platform as a means of typesetting from a practical standpoint at EuroBSDcon 2008. Edd Barrett does not wish to go into the technicalities of each typesetter, but rather state which are good for certain types of document, and which tools (ports and packages), integrate well with the available typesetters. Edd Barrett os a student from the UK, currently on "placement year" as a systems administrator for Bournemouth University. Open Source *NIX has been his platform of choice for many years and he has been using OpenBSD for about 3 years now, simply because it is small, clean, correct and secure. Just recently he has started developing things I want or need for OpenBSD.

                                                  • EuroBSDCon 2008 - Michael Dexter - Zen and the Art of Multiplicity Maintenance: An applied survey of BSD-licensed multiplicity strategies from chroot to mult
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, bsd, michael dexter
                                                    Files: OGG (1 byte, 38 minutes), MP3 (1 byte, 38 minutes), PDF (1 byte, n pages)

                                                    Many BSD-licensed strategies of various levels of maturity exist to implement multiplicity, herein defined as the introduction of plurality to traditionally singular computing environments via isolation, virtualization, or other method. For example, the chroot utility introduces an additional isolated root execution environment within that of the host; or an emulator provides highly-isolated virtual systems that can run complete native or foreign operating systems. Motivations for multiplicity vary, but a demonstrable desire exists for users to obtain root or run a foreign binary or operating system. We propose a hands-on survey of portable and integrated BSD-licensed multiplicity strategies applicable to the FreeBSD, OpenBSD, DragonFlyBSD and NetBSD operating systems on the i386 architecture. We will also address three oft-coupled disciplines: software storage devices, the installation of operating system and userlands in multiplicity environments plus the management of select multiplicity environments. Finally we will comment on each strategies potential limits of isolation, compatibility, independence and potential overhead in comparison to traditional systems. Keywords: multiplicity, virtualization, chroot, jail, hypervisor, xen, compat. Michael Dexter has used Unix systems since 1991 and BSD-licensed multiplicity strategies for over five years. He is the Program Manager at the BSD Fund and Project Manager of the BSD.lv Project.

                                                  • EuroBSDCon 2008 - Nick Barkas - Dynamic memory allocation for dirhash in UFS2
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, ufs2, nick barkas
                                                    Files: OGG (1 byte, 32 minutes), MP3 (1 byte, 32 minutes), PDF (1 byte, n pages)

                                                    Hello My name is Nick Barkas. I'm a master's student studying scientific computing at Kungliga Tekniska hgskolan (KTH) in Stockholm, Sweden. I have just begun work on a Google Summer of Code project with FreeBSD: Dynamic memory allocation for dirhash in UFS2 . I would like to present my results from this project at EuroBSDCon this year. This project is very much a work in progress now so it is a bit difficult to summarize what I would ultimately present. I will try to describe an outline, though. First I will give background information on dirhash: an explanation of the directory data structure in UFS2, how directory lookups in this structure necessitate a linear search, and how dirhash speeds these lookups up without having to change anything about the directory data structure. Next I will explain the current limitation that dirhash's maximum memory use must be manually specified by administrators, or left at a small conservative default of 2MB. I will explain some different methods I will have explored to try and make this maximum memory limit dynamically increase and decrease as the system has more or less free memory, and which method I will have ultimately settled on and implemented. Then I'll present some test results of performance of operations on very large directories with and without dynamic memory allocation enabled for dirhash. Next I will talk about how speed gains from dirhash are limited by the fact that the hash tables exist only in memory and must be recreated after each system boot, as big directories are scanned for the first time, or even have to be recreated for a directory that has not been scanned in some time if its dirhash has been discarded to free memory. These problems can be eliminated by using an on-disk index for directory entries. I will talk about some of the challenges of implementing on-disk indexing, such as remaining backwards compatible with older versions of UFS2 and interoperating properly with softupdates. Then, if my SoC project has permitted me time to work on this aspect of it, I will explain some possible methods for adding directory indexing to UFS2 that meets these challenges, and which of those ideas I will have implemented. Finally I will present results of some benchmarks on this filesystem with indices, and compare to performance with dirhash, and with no indices or dirhashes. Keywords: dirhash, ufs2, filesystems, performance tuning

                                                  • EuroBSDCon 2008 - Paul Richards - eXtreme Programming: FreeBSD a case study
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, extreme programming, paul richards
                                                    Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                    Traditional project management methodologies are typically based on the waterfall model where there are distinct phases: requirements capture, design, implementation, testing, delivery. Once a project has moved on to the next phase there is no going back. The end result is often a late project that no-one wants anymore because the requirements have fundamentally changed by the time the project is delivered.

                                                  • EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
                                                    Files: OGG (1 byte, 50 minutes), MP3 (1 byte, 50 minutes), PDF (1 byte, n pages)

                                                    The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universitt Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades. Hauke Fath works as a systems administrator for the Institut fr Nachrichtentechnik (telecommunication) at Technische Universitt Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006. Keywords: Managing Unix desktop clients, software distribution, tripwire

                                                  • EuroBSDCon 2008 - Joerg Sonnenberger - Sleeping beauty - NetBSD on Modern Laptops
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, netbsd, laptops, joerg sonnenberger
                                                    Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                    This paper discusses the NetBSD Power Management Framework (PMF) and related changes to the kernel. The outlined changes allow NetBSD to support essential functions like suspend-to-RAM on most post-Y2K X86 machines. They are also the fundation for intelligent handling of device activity by enabling devices on-demand. This work is still progressing. Many of the features will be available in the up-coming NetBSD 5.0 release The NetBSD kernel is widely regarded to be one of the cleanest and most portable Operating System kernels available. For various reasons it is also assumed that NetBSD only runs well on older hardware. In the summer of 2006 Charles Hannum, one of the founders of NetBSD, left with a long mail mentioning as important issues the lack of proper power management and suspendto- RAM support. One year later, Jared D. McNeill posted a plan for attacking this issue based on ideas derived from the Windows Driver Model. This plan would evolve into the new NetBSD Power Management Framework (PMF for short).

                                                  • EuroBSDCon 2008 - Brooks Davis - Isolating cluster jobs for performance and predictability
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, cluster, brooks davis
                                                    Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                    The Aerospace Corporation operates a federally funded research and development center in support of national-security, civil and commercial space programs. Many of our 2400+ engineers use a variety of computing technologies to support their work. Applications range from small models which are easily handled by desktops to parameter studies involving thousands of cpu hours and traditional, large scale parallel codes such as computational fluid dynamics and molecular modeling applications. Our primary resources used to support these large applications are computing clusters. Our current primary cluster, the Fellowship cluster consists of 352 dual-processor nodes with a total of 14xx cores. Two additional clusters, beginning at 150 dual-processor nodes each are being constructed to augment Fellowship. As in In any multiuser computing environment with limited resources, user competition for resources is a significant burden. Users want everything they need to do their job, right now. Unfortunately, other users may need those resources at the same time. Thus, systems to arbitrate this resource contention are necessary. On Fellowship we have deployed the Sun Grid Engine scheduler which scheduled batch jobs across the nodes. In the next section we discuss the performance problems that can occur when sharing resources in a high performance computing cluster. We then discuss range of possibilities to address these problems. We then explain the solutions we are investigating and describe our experiments with them. We then conclude with a discussion of future work.

                                                  • EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
                                                    Files: OGG (1 byte, 52 minutes), MP3 (1 byte, 52 minutes), PDF (1 byte, n pages)

                                                    The University of Toronto is a large educational institutional with over 70,000 students and 10,000 staff and faculty. For the past three years, we have developed and implemented a ubiquitous VPN service, based up on OpenVPN and FreeBSD. The service has over 3000 active customers, with up to 35 simultaneous users. The system supports, Linux, Mac OS X and Windows XP/Vista/2000 clients. Tools have been developed to create a central CA which enables users to log in to a secure server and get their customized client, certificates and configuration. The NSIS installer is used to generate the customized windows installers. Similar packages are generated for the various Unix based clients. Additional WWW/PHP based tools, have been developed to monitor and log usage of the service, using standard graphs, alarms for excessive use and a certificate revocation mechanism. The system has been integrated into the local identity management system (Kerberos/LDAP) in order to authorize and authenticate users upon initiation and per session usage. All code is Open Source and freely available.

                                                  • EuroBSDCon 2008 - George Neville-Neil - Four years of summer of code
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, google soc, george neville-neil
                                                    Files: OGG (1 byte, 27 minutes), MP3 (1 byte, 27 minutes), PDF (1 byte, n pages)

                                                    The Google Summer of Code is a program designed to provide students with real world experience contributing to open source projects during the summer break in university studies. Each year Google selects a number of open source projects to act as mentoring organizations. Students are invited to submit project proposals for the open source projects that are most interesting to them. FreeBSD was one of the projects selected to participate in the inaugural Summer of Code in 2005 and we have participated each year since then. Over the past 4 years a total of 79 students have participated in the program and it has become a very significant source of new committers to FreeBSD. This talk will examine in detail the selection criteria for projects, the impact that successful projects have had, and some suggestions for how we can better leverage this program in the future.

                                                  • EuroBSDCon 2008 - Anttii Kantee - Converting kernel file systems to services
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, anttii kantee
                                                    Files: OGG (1 byte, 55 minutes), MP3 (1 byte, 55 minutes), PDF (1 byte, n pages)

                                                    ABSD/UNIX operating system is traditionally split into two pieces: the kernel and userspace. Historically the reasons for this were clear: the UNIX kernel was a simple entity. However, over time the kernel has grown more and more complex. Currently, most of the same functionality is available both in userspace and the kernel, but under different names. Examples include synchronization routines and threading support. For instance, to lock a mutex in the NetBSD kernel, the call is mutex_enter(), while in userspace the routine which does exactly the same thing is known as pthread_mutex_enter(). Taking another classic example, a BSD style OS has malloc()/free() available both in userspace and the kernel, but with different linkage (the kernel malloc interface is currently being widely deprecated, though). This imposes a completely arbitrary division between the kernel and userspace. Most functionality provided by an opearating system should be treated as a service instead of explicitly pinning it down as a userspace daemon or a kernel driver. Currently, due to the arbitrarily difference in programming interface names, functionality must be explicitly ported between the kernel and userspace if it is to run in one or the other environment. By unifying the environments where possible, the arbitrary division is weakened and porting between these environments becomes simpler. Antti Kantee has been a NetBSD developer for many many moons. He has managed to work on quite a few bits and pieces of a BSD system: userland utilities, the pkgsrc packaging system, networking, virtual memory, device drivers, hardware support and file systems. See also http://www.netbsd.org/docs/puffs/rump.htm

                                                  • EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
                                                    Source: EuroBSDCon
                                                    Added: 2008-October-22
                                                    Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
                                                    Files: OGG (1 byte, 57 minutes), MP3 (1 byte, 57 minutes), PDF (1 byte, n pages)

                                                    This talk will present the different layers that handle input, from the key that gets pressed or the mouse motion to the applications, all the way through the kernel drivers, X drivers and libraries, in the case of the OpenBSD/NetBSD wscons driver and the current and future X.Org server. It will cover stuff like keyboard mappings, touch-screen calibration, multi-pointer X or input coordinates transformations. It will show some problems of current implementations and try to show how current evolutions can solve them. Matthieu Herrb is maintaing X on OpenBSD. I've been using X on various systems (SunOS, NetBSD, OpenBSD, Mac OS X,...) since 1989. He has been a member of the XFree86 Core Team for a short period in 2003 and is now a member of the X.Org Foundation BoD. Matthieu Herrb works at LAAS a research laborarory of the French National Research Agency (CNRS) both on robotics and network security.

                                                  extreme programming

                                                  eystein aarseth

                                                    f-prot

                                                    fast file system

                                                      fernado gont

                                                      • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                                                        Source: BSDCan - The Technical BSD Conference
                                                        Added: 2009-05-25
                                                        Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                                                        Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                                                        Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                                                      ffs

                                                      • Joerg Sonnenberger - Journaling FFS with WAPBL
                                                        Source: BSDCan - The Technical BSD Conference
                                                        Added: 2009-05-25
                                                        Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                                                        Files: Slides (24 pages, 10 Kb)

                                                        Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                                                      finger printing

                                                        finstall

                                                        • Ivan Voras - Remote and mass management of systems with finstall
                                                          Source: BSDCan - The Technical BSD Conference
                                                          Added: 2009-05-25
                                                          Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                                                          Files: Slides (24 pages, 377 Kb)

                                                          Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                                                        firewall cluster

                                                          firewire

                                                          • Sean Bruno - Implementation of TARGET_MODE applications
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                                                            Files: Slides (22 pages, 72 Kb)

                                                            Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                                                          • Sean Bruno - Firewire BoF Plugfest
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                                                            Files: Slides (1 page, 37 Kb)

                                                            Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                                                          flash

                                                          flickr

                                                          frantic films

                                                          freebsd

                                                          • At MeetBSD with some of the FreeBSD Core Team
                                                            Source: bsdtalk
                                                            Added: 2008-November-18
                                                            Tags: bsdtalk, interview, freebsd core team, meetbsd2008, meetbsd, robert watson, brooks davis, kris kennaway, peter wemm, philip paeps, freebsd, subversion
                                                            Files: MP3 version (18 Mb, 38 minutes), Ogg version (38 minutes)

                                                            A conversation with some of the FreeBSD Core Team at MeetBSD California 2008. I speak with Brooks Davis, Kris Kennaway, Robert Watson, Peter Wemm, and Philip Paeps about the recent core team election, FreeBSD 7.1 and 8, Developer Summits, and the move to Subversion.

                                                          • Jeremy White, Founder of CodeWeavers
                                                            Source: bsdtalk
                                                            Added: 2008-05-03
                                                            Tags: bsdtalk, interview, freebsd, codeweavers, crossover, jeremy white
                                                            Files: MP3 version (7 Mb, 16 minutes), Ogg version (16 minutes)

                                                            Interview with Jeremy White, Founder of CodeWeavers. We talk about the recent availability of an experimental build of Crossover Games for BSD.

                                                          • FreeBSD Developer Alexander Motin
                                                            Source: bsdtalk
                                                            Added: 2008-04-18
                                                            Tags: bsdtalk, interview, freebsd, mpd, alexander motin
                                                            Files: MP3 version (8 Mb, 16 minutes), Ogg version (16 minutes)

                                                            Interview with FreeBSD Developer Alexander Motin. We talk about mpd, the netgraph based Multi-link PPP Daemon. For more information, see http://mpd.sourceforge.net/.

                                                          • FreeBSD Lead Release Engineer Ken Smith
                                                            Source: bsdtalk
                                                            Added: 2008-03-01
                                                            Tags: bsdtalk, interview, freebsd, release engineer, ken smith
                                                            Files: MP3 version (7 Mb, 16 minutes), Ogg version (16 minutes)

                                                            Interview with FreeBSD Lead Release Engineer Ken Smith.

                                                          • FreeBSD Developer Diane Bruce
                                                            Source: bsdtalk
                                                            Added: 2007-05-10
                                                            Tags: bsdtalk, interview, freebsd, diana bruce
                                                            Files: MP3 version (5 Mb, 10 minutes), Ogg version (10 minutes)

                                                            Interview with FreeBSD developer Diane Bruce. We talk about Ham Radio on BSD. Slides from one of her talks: http://www.oarc.net/presentations/hamradio_on_freebsd.pdf

                                                          • Cisco Distinguished Engineer Randall Stewart
                                                            Source: bsdtalk
                                                            Added: 2007-03-08
                                                            Tags: bsdtalk, interview, cisco, freebsd, stream control transmission protocol, randall stewart
                                                            Files: MP3 version (17 Mb, 35 minutes), Ogg version (35 minutes)

                                                            Interview with Cisco Distinguished Engineer Randall Stewart. We talk about the Stream Control Transmission Protocol and his work bringing it to FreeBSD.

                                                          • FreeBSD Developer George Neville-Neil
                                                            Source: bsdtalk
                                                            Added: 2007-02-27
                                                            Tags: bsdtalk, interview, freebsd, packet construction set, george neville-neil
                                                            Files: MP3 version (10 Mb, 19 minutes), Ogg version (19 minutes)

                                                            Interview with FreeBSD developer George Neville-Neil. We talk about the packet construction set and the packet debugger.

                                                          • FreeBSD Developer Joseph Koshy
                                                            Source: bsdtalk
                                                            Added: 2006-December-11
                                                            Tags: bsdtalk, interview, freebsd, libelf, joseph koshy
                                                            Files: MP3 version (5 Mb, 9 minutes), Ogg version (9 minutes)

                                                            Interview with FreeBSD developer Joseph Koshy about libELF. You can find more information about libELF at http://wiki.freebsd.org/LibElf.

                                                          • FreeBSD Developer Kip Macy
                                                            Source: bsdtalk
                                                            Added: 2006-December-07
                                                            Tags: bsdtalk, interview, freebsd, ultrasparc t1, kip macy
                                                            Files: MP3 version (10 Mb, 22 minutes), Ogg version (22 minutes)

                                                            Interview with FreeBSD developer Kip Macy. We talk about the Ultrasparc T1 port.

                                                          • FreeBSD Port Committer Thomas McLaughlin
                                                            Source: bsdtalk
                                                            Added: 2006-December-01
                                                            Tags: bsdtalk, interview, freebsd, bsd#, thomas mclaughlin
                                                            Files: MP3 version (9 Mb, 18 minutes), Ogg version (18 minutes)

                                                            Interview with FreeBSD Port Committer Thomas McLaughlin about the BSD# project.

                                                          • FreeBSD Release Engineer Bruce Mah
                                                            Source: bsdtalk
                                                            Added: 2006-November-29
                                                            Tags: bsdtalk, interview, freebsd, release engineer, bruce mah
                                                            Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                            Interview with FreeBSD Release Engineer Bruce Mah.

                                                          • P1B: Tracking FreeBSD in a Commercial Setting
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2009-03-27
                                                            Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, warner losh
                                                            Files: Flash (33:40)

                                                            P1B: Tracking FreeBSD in a Commercial Setting AsiaBSDCon 2008, M. Warner Losh clive URL: http://www.youtube.com/watch?v=VaZ9Ef04bJg

                                                          • Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2009-02-21
                                                            Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, promotion, open source development models, brooks davis
                                                            Files: Flash (30:07)

                                                            Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=4lcrinKBMas

                                                          • FreeBSD Kernel Internals, Dr. Marshall Kirk McKusick
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2009-01-19
                                                            Tags: youtube, course, freebsd, design and implementation of the freebsd operating system, kirk mckusick
                                                            Files: Flash (59:57)

                                                            The first hour of Marshall Kirk McKusick's course on FreeBSD kernel internals based on his book, The Design and Implementation of the FreeBSD Operating System. This course has been given at BSD Conferences and technology companies around the world. clive URL: http://www.youtube.com/watch?v=nwbqBdghh6E

                                                          • May 2008 developer Vimage report
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-31
                                                            Tags: youtube, freebsd, vimage, marko zec, julian elischer
                                                            Files: Flash (2:44:36)

                                                            A sneak peak into the FreeBSD development process. Warning 2 hours! filmed over 2 days. (The schedule worked out was optimistic to say the least but it's still looking ok...) Marko Zec and Julian Elischer report back to the developers at BSDCan on the progress on virtualizing the network stack in FreeBSD. This has been a long term project but at the time of this recording was just reaching the point of feasibility. In this video you can see some of the dynamics of the group as developers become familiar with the project and discussions take place regarding such things as maintainability, ABI compatibility, and even what to call the feature. In this video you can see the decision being made by a "quorum" of developers to take this project mainstream. The sound is less that perfect, but it's what we have. This is a montage of 3 video sources, one of which is a lower resolution, but at times it was the only camera capturing the action. (the other ran out of tape for a while) Thanks to Ed Maste for the added footage. I will be doing more editing later and will be substituting in better footage in some places. clive URL: http://au.youtube.com/watch?v=Px-pSXm32dE

                                                          • ZFS in FreeBSD, by Pawel Jakub Dawidek
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-31
                                                            Tags: youtube, freebsd, zfs, pawel jakub
                                                            Files: Flash (54:34)

                                                            Pawel goes over ZFS, and tells us the state of the FreeBSD port. Source: Julian clive URL: http://au.youtube.com/watch?v=5-CR3o-Q2CU

                                                          • Isilon and FreeBSD
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-31
                                                            Tags: youtube, freebsd, isilon, zach loafman
                                                            Files: Flash (28:58)

                                                            Zach Loafman explains how Isilon uses FreeBSD and how the company adds to it and interacts with the FreeBSD community. clive URL: http://au.youtube.com/watch?v=OlMocIwM5QU

                                                          • FreeBSD networking work summary
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-16
                                                            Tags: youtube, freebsd, networking, robert watson
                                                            Files: Flash (55:21)

                                                            Robert Watson reports on work currently under way to optimize the networking stack for new hardware. Source: Julian clive URL: http://www.youtube.com/watch?v=ohLVNmI3lCg

                                                          • Embedded FreeBSD
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-07
                                                            Tags: youtube, meetbsd, meetbsd2007, embedded, freebsd, polish, rafal jaworowski
                                                            Files: Flash (1:11:09)

                                                            "FreeBSD do zabudowy czyli nie tylko pecety", Rafal Jaworowski at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=2HcIJvJX4y8

                                                          • New features in FreeBSD 7
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-07
                                                            Tags: youtube, meetbsd, meetbsd2007, freebsd, kris kennaway
                                                            Files: Flash (1:07:18)

                                                            "New features and improvements in FreeBSD 7", Kris Kennaway at MeetBSD 2007 in Warsaw, Poland clive URL: http://www.youtube.com/watch?v=XUjJWhlnujQ

                                                          • FreeBSD Profiling, Kris Kennaway, MeetBSD 2008
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-06
                                                            Tags: youtube, meetbsd, meetbsd2008, freebsd, profiling, kris kennaway
                                                            Files: Flash (1:06:23)

                                                            FreeBSD Profiling tools, tips and tricks, Kris Kennaway, MeetBSD 2008 clive URL: http://www.youtube.com/watch?v=Mfb5_uG7BCA

                                                          • FreeBSD, Protecting Privacy with Tor
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-06
                                                            Tags: youtube, meetbsd, meetbsd2007, freebsd, tor, privacy, christian bruffer
                                                            Files: Flash (46:24)

                                                            "Protecting your Privacy with FreeBSD and Tor", Christian Brüffer at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=OwBh8ro7xHQ

                                                          • FreeBSD, Building a Computing Cluster
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-06
                                                            Tags: youtube, meetbsd, meetbsd2007, freebsd, cluster, performance, brooks davis
                                                            Files: Flash (47:51)

                                                            "Reflections on Building a High-Performance Computing Cluster using FreeBSD", Brooks Davis at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=BpsRb9fJ4Ds

                                                          • Embedding FreeBSD, MeetBSD 2008
                                                            Source: YouTube bsdconferences channel
                                                            Added: 2008-December-06
                                                            Tags: youtube, meetbsd, meetbsd2008, embedded, freebsd, philip paeps, warner losh
                                                            Files: Flash (38:56)

                                                            Embedding FreeBSD by Warner Losh and Philip Paeps, MeetBSD November 15, 2008 clive URL: http://www.youtube.com/watch?v=Fc3xYrxvIU0

                                                          • Lousy virtualization, Happy users: FreeBSD's jail(2) facility
                                                            Source: UKUUG
                                                            Added: 2007-04-02
                                                            Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
                                                            Files: Slides (2.7 Mb)

                                                            Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)

                                                          • EuroBSDCon 2008 - Paeps Philip - How-to embed FreeBSD
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, embed, freebsd, philip paeps
                                                            Files: OGG (1 byte, 43 minutes), MP3 (1 byte, 43 minutes), PDF (1 byte, 17 pages)

                                                            This paper provides a how-to embed FreeBSD. A console server built form an AT91RM9200 based ARM system will be explored. This paper will talk about the selection of hardware. It will explore creating images for the target system, as well as concentrate on different alternatives for deploying the system. A number of different options exist today, and no comprehensive guide for navigating through the choices exists today. This paper will explore the different alternatives that exist today for producing images targeted at different size requirements. The differing choices for storage in an embedded environment are explored. The techniques used to access rich debugging environments are discussed.

                                                          • EuroBSDCon 2008 - George Neville-Neil - Multicast Performance in FreeBSD
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, multicast, freebsd, george neville-neil
                                                            Files: OGG (1 byte, 39 minutes), MP3 (1 byte, 39 minutes), PDF (1 byte, n pages)

                                                            In the past ten years most of the research in network protocols has gone into TCP, leaving UDP to languish as a local configuration protocol. While the majority of Internet traffic is TCP, UDP remains the only IP protocol that works over multicast and as such has some specific, and interesting uses in some areas of computing. In 2008 we undertook a study of the performance of UDP multicast on both 1Gbps and 10Gbps Ethernet networks in order to see if changing the physical layer of the network would give a linear decrease in packet latency. To measure the possible gains we developed a new network protocol test program, mctest, which is capable of recording packet round trip times from many hosts simultaneously and which we believe accurately represents how many environments use multicast. The mctest program has been integrated into FreeBSD and is now being used to verify the proper operation of multicast on various pieces of 10Gbps hardware.

                                                          • EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
                                                            Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                            In recent years, traditional branches of engineering like Civil, Chemical, Mechanical, Electrical and Industrial Engineering are requiring extensive computing facilities for their needs. Several well known labs (Sandia, Lawrence Livermore) rely on huge clusters to do all types of complex analysis that were unthinkable a couple of decades ago. While the free BSD variants share the environment with traditional UNIX systems, frequently used for such computations, it was not common to find adequate free software packages to carry complex calculations. Eventually commercial versions of important math related packages started to appear for the Linux platform. Even when the big packages were distant, the BSDs learned and adapted in resourceful ways: Matlab and Mathematica, running under Linux emulation, demanded functionality from the BSDs and NetBSD implemented a signal trampoline to be able to run AutoCAD with IRIX binary compatibility. A notable project that was always available under a free license was Berkeley's Spice circuit analysis program, however it was an exception rather than the rule. Even when the scientific community pressed for a while to get other important tools like NASA's FEA package Nastran under a free license, the objective of being able to access and enhance open scientific tools was elusive. About a decade ago the situation started to improve: FreeBSD's ports system started growing exponentially, first with a high content in the math category, afterwards with a CAD section and after sustained growth in those categories a science section was created. This growth was mostly pushed by Universities and their research projects and in general are not well known with respect to the commercial counterparts. I started porting math/engineering code for FreeBSD around 1996. Back then it was absolutely unthinkable for a Mechanical Engineer to depend only on FreeBSD for it's daily work. The situation nowadays is different: there are some very high quality engineering analysis packages like EDF's Code Aster, with more than 12 years of professional development, that just can't be ignored. A Finite Element package, like Code Aster, can easily cost 5000 US$, is priced according to the maximum problem size it can solve, can require yearly licenses, and is rarely available with source code. In NASTRAN's case the source code is only available for US citizens under a yearly fee. Free software does have serious limitations though; just like in office applications there are proprietary CAD formats or sometimes the package simply doesn't have the required functionality. Having the sources, of course, always has the advantage of being able to implement (or pay for) some specific functionality you might need. Many commercial packages have been recently ported to Linux, but even when they gain some of the advantages of an open environment they still have yet another limitation: they have been very slow to make use of the multicored features of the new processors in the market, a huge limitation now that the speed war between processors has been limited by the overheating problem. The objective of the talk is to give an overview of several CAD/CAE packages that have been made available recently as part of FreeBSD's ports system and the decisions that were made to port them. BRLCAD and Varkon are two CAD utilities that made a transition from closed source to an open environment and in the process in the process of getting ported to BSD have gained greater portability and general "bug" fixes critical for their consolidation as usable and maintainable projects. There are also some tricks that have not been well documented: it is possible to enable threads and some extra optimizations on some packages, and it is also possible to replace the standard BLAS library with the faster GOTO BLAS without rebuilding the package. It is also possible to build the packages optimized for a clustered environment, but perhaps what is most interesting of all is how all the packages interrelate with each other and can turn FreeBSD into a complete enginering environment. No OS distribution so far is offering all the engineering specific utilities offered through FreeBSD's ports system: from design to visualization, passing through analysis FreeBSD is becoming an option that can't be ignored, and best of all, it is an effort that will benefit not only FreeBSD but the wider audience. Pedro F. Giffuni M. Sc. Industrial Engineering - University of Pittsburgh Mechanical Engineer - Universidad Nacional de Colombia I was born in Bogota, Colombia but I am an Italian citizen. My experience with computers started when I was about 12 years old With the TRS-80 Color Computer first using Basic and the OS-9. I studied electronics for 3 years but became tired of worrying about "whatever happened to electrons in there" and moved to Mechanical Engineering. For a while I rested from the computer world until the Internet came stepping along. I started using FreeBSD around 1995 and soon fell in love with the idea of being able to install a complete version of UNIX from the net with just one floppy. After submitting a the 999th port to the FreeBSD project Walnut Creek was kind enough to give me a subscription for several years to FreeBSD's CD-ROM. Since then I've been on and off porting software packages or fixing the bugs I have caused while porting them. Of course there has always been great respect for the other BSDs and their wonderful license and while I've given up on the idea of one day seeing a "UnifiedBSD" I am glad to see different approaches sharing ideas in a healthful environment. Keywords: BSD, engineering, CAE, CAD, math, mechanical, FreeBSD ports

                                                          • EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
                                                            Files: OGG (1 byte, 56 minutes), MP3 (1 byte, 56 minutes), PDF (1 byte, n pages)

                                                            This talk is focused on ways to improve the quality of FreeBSD's ports and packages and it's partially based on the 5 months experience of writing and running the consecutive versions of "QA Tindy". Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD ports committer and maintains about 40 ports scattered in the Ports Tree. He lives in Bucharest, Romania where he runs and co-owns an IT company and he's a member of Romanian FreeBSD and FreeUnix User Group (RoFUG). His non-IT interests include history, philosophy and mountain climbing.

                                                          • EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
                                                            Files: OGG (1 byte, 53 minutes), MP3 (1 byte, 53 minutes), PDF (1 byte, n pages)

                                                            The arrival of high CPU core density, with commodity quad-core notebooks and 32-core servers, combined with 10gbps networking have transformed network design principles for operating systems. This talk will describe changes in the FreeBSD 6.x, 7.x, and forthcoming 8.x network stacks required to exploit multiple cores and serve 10gbps networks. The goal of the session will be to introduce the audience to general strategies used to improve performance, their rationales, and their impact on applications and users: Introduction to the SMPng Project and the follow-on Netperf Project Workloads and performance measurement Efficient primitives to support modern network stacks Multi-core and cache-aware network memory allocator Fine-grained network stack locking Load-balancing and contention-avoidance across multiple CPUs CPU affinity for network stack data structures TCP performance enhancements including TSO, LRO, and TOE Zero-copy Berkely Packet Filter (BPF) buffers Direct network stack dispatch from interrupt handlers Multiple input and output queues Robert Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.

                                                          • EuroBSDCon 2008 - Paul Richards - eXtreme Programming: FreeBSD a case study
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, extreme programming, paul richards
                                                            Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                            Traditional project management methodologies are typically based on the waterfall model where there are distinct phases: requirements capture, design, implementation, testing, delivery. Once a project has moved on to the next phase there is no going back. The end result is often a late project that no-one wants anymore because the requirements have fundamentally changed by the time the project is delivered.

                                                          • EuroBSDCon 2008 - Brooks Davis - Isolating cluster jobs for performance and predictability
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, cluster, brooks davis
                                                            Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                            The Aerospace Corporation operates a federally funded research and development center in support of national-security, civil and commercial space programs. Many of our 2400+ engineers use a variety of computing technologies to support their work. Applications range from small models which are easily handled by desktops to parameter studies involving thousands of cpu hours and traditional, large scale parallel codes such as computational fluid dynamics and molecular modeling applications. Our primary resources used to support these large applications are computing clusters. Our current primary cluster, the Fellowship cluster consists of 352 dual-processor nodes with a total of 14xx cores. Two additional clusters, beginning at 150 dual-processor nodes each are being constructed to augment Fellowship. As in In any multiuser computing environment with limited resources, user competition for resources is a significant burden. Users want everything they need to do their job, right now. Unfortunately, other users may need those resources at the same time. Thus, systems to arbitrate this resource contention are necessary. On Fellowship we have deployed the Sun Grid Engine scheduler which scheduled batch jobs across the nodes. In the next section we discuss the performance problems that can occur when sharing resources in a high performance computing cluster. We then discuss range of possibilities to address these problems. We then explain the solutions we are investigating and describe our experiments with them. We then conclude with a discussion of future work.

                                                          • EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
                                                            Source: EuroBSDCon
                                                            Added: 2008-October-22
                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
                                                            Files: OGG (1 byte, 52 minutes), MP3 (1 byte, 52 minutes), PDF (1 byte, n pages)

                                                            The University of Toronto is a large educational institutional with over 70,000 students and 10,000 staff and faculty. For the past three years, we have developed and implemented a ubiquitous VPN service, based up on OpenVPN and FreeBSD. The service has over 3000 active customers, with up to 35 simultaneous users. The system supports, Linux, Mac OS X and Windows XP/Vista/2000 clients. Tools have been developed to create a central CA which enables users to log in to a secure server and get their customized client, certificates and configuration. The NSIS installer is used to generate the customized windows installers. Similar packages are generated for the various Unix based clients. Additional WWW/PHP based tools, have been developed to monitor and log usage of the service, using standard graphs, alarms for excessive use and a certificate revocation mechanism. The system has been integrated into the local identity management system (Kerberos/LDAP) in order to authorize and authenticate users upon initiation and per session usage. All code is Open Source and freely available.

                                                          • Andre Opperman - The papers I write for EuroBSDCon 05
                                                            Source: EuroBSDCon
                                                            Added: 2007-01-14
                                                            Tags: eurobsdcon, eurobsdcon2005, paper, freebsd, networking, andre opperman
                                                            Files: New Networking Features in FreeBSD 6 (92 Kb), Optimizing the FreeBSD IP and TCP Stack (1 Mb)

                                                            The papers I write for EuroBSDCon 05 on New Networking Feature in FreeBSD 6.0 and Optimizing FreeBSD IP and TCP in 7-CURRENT

                                                          • The presentation I gave at SUCON 04
                                                            Source: Andre Opperman
                                                            Added: 2007-01-14
                                                            Tags: sucon, presentation, freebsd, networking, andre opperman
                                                            Files: FreeBSD-5.3-Networking.pdf (115 Kb)

                                                            The presentation I gave at SUCON 04 on 2nd September 2004 about enhancements/changes in FreeBSD 5.3 Networking Stack.

                                                          • Robert Watson's Slides from EuroBSDCon 2004
                                                            Source: Robert Watson
                                                            Added: 2007-01-14
                                                            Tags: eurobsdcon, eurobsdcon2004, slides, trustedbsd, freebsd, mac, robert watson
                                                            Files: TrustedBSD MAC Framework on FreeBSD and Darwin (270 Kb)

                                                            Robert Watson will describe the design and application of the TrustedBSD MAC Framework, a flexible kernel security framework developed on FreeBSD, and recently experimentally ported to Apple's Darwin operating system. The MAC Framework permits loadable access control kernel modules to be loaded, modifying the security behavior of the operating system, including SEBSD, a port of the SELinux FLASK/TE security model to FreeBSD.

                                                          • Robert Watson's Slides from UKUUG LISA 2006
                                                            Source: Robert Watson
                                                            Added: 2007-01-14
                                                            Tags: ukuug, slides, openbsm, trustedbsd, freebsd, robert watson
                                                            Files: CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD (UKUUG LISA 2006). (199 Kb)

                                                            UKUUG LISA 2006 took place in Durham, UK in March, 2006. On this page, you can find my slides from this conference. OpenBSM is a BSD-licensed implementation of Sun's Basic Security Module (BSM) API and file format, and is the foundation of the TrustedBSD audit implementation for FreeBSD. This talk will cover the requirements, design, and implementation of audit support for FreeBSD. Security audit support provides detailed logging of security-relevant events, and meets the requirements of the CAPP Common Criteria protection profile.

                                                          • Robert Watson's Slides from EuroBSDCon 2005
                                                            Source: Robert Watson
                                                            Added: 2007-01-14
                                                            Tags: eurobsdcon, eurobsdcon2005, slides, freebsd, smp, robert watson, poul-henning kamp, ed maste
                                                            Files: Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack (370 Kb)

                                                            EuroBSDCon 2005 took place in Basel, Switzerland in November, 2005. Due to an injury, I was unable to attend the conference itself, and my talks were presented in absentia by Poul-Henning Kamp and Ed Maste, who have my greatest appreciation! The FreeBSD SMPng Project has spent the past five years redesigning and reimplementing SMP support for the FreeBSD operating system, moving from a Giant-locked kernel to a fine-grained locking implementation with greater kernel threading and parallelism. This paper introduces the FreeBSD SMPng Project, its architectural goals and implementation approach. It then explores the impact of SMPng on the FreeBSD network stack, including strategies for integrating SMP support into the network stack, locking approaches, optimizations, and challenges.

                                                          • Robert Watson's Slides from BSDCan 2004
                                                            Source: Robert Watson
                                                            Added: 2007-01-14
                                                            Tags: bsdcan, bsdcan2004, slides, trustedbsd, freebsd, robert watson
                                                            Files: TrustedBSD: Trusted Operating System Features for BSD (277 Kb)

                                                            BSDCan 2004 took place at the University of Ottawa in Ottawa, Canada. On this page, you can find my slides from the conference. Robert Watson will describe a variety of pieces of work done as part of the TrustedBSD Project, including the TrustedBSD MAC Framework, Audit facilities for FreeBSD, as well as supporting infrastructure work such as GEOM/GBDE, UFS2, OpenPAM. He will also discuss how certification and evaluation play into feature selection, design, and documentation.

                                                          • A Tale of Four Kernels
                                                            Source: Diomidis Spinellis
                                                            Added: 2008-05-17
                                                            Tags: freebsd, linux, solaris, windows, article, kernel, diomidis spinellis
                                                            Files: Diomidis Spinellis. A tale of four kernels. In Wilhem Schfer, Matthew B. Dwyer, and Volker Gruhn, editors, ICSE '08: Proceedings of the 30th International Conference on Software Engineering, pages 381-390, New York, May 2008. Association for Computing Machinery. , Diomidis Spinellis. A tale of four kernels. In Wilhem Schfer, Matthew B. Dwyer, and Volker Gruhn, editors, ICSE '08: Proceedings of the 30th International Conference on Software Engineering, pages 381-390, New York, May 2008. Association for Computing Machinery.

                                                            The FreeBSD, GNU/Linux, Solaris, and Windows operating systems have kernels that provide comparable facilities. Interestingly, their code bases share almost no common parts, while their development processes vary dramatically. We analyze the source code of the four systems by collecting metrics in the areas of file organization, code structure, code style, the use of the C preprocessor, and data organization. The aggregate results indicate that across various areas and many different metrics, four systems developed using wildly different processes score comparably. This allows us to posit that the structure and internal quality attributes of a working, non-trivial software artifact will represent first and foremost the engineering requirements of its construction, with the influence of process being marginal, if any.

                                                          • Global software development in the FreeBSD project
                                                            Source: Diomidis Spinellis
                                                            Added: 2007-01-24
                                                            Tags: freebsd, article, global software development, domidis spinellis
                                                            Files: International Workshop on Global Software Development for the Practitioner, pages 73-79. ACM Press, May 2006, In NASSCOM Quality Summit 2006: Setting benchmarks in global outsourcing, Bangalore, India, September 2006. National Association of Software and Services Companies (NASSCOM)., Linux Format, (11):60?63, September/October 2006. In Greek.

                                                            FreeBSD is a sophisticated operating system developed and maintained as open-source software by a team of more than 350 individuals located throughout the world. This study uses developer location data, the configuration management repository, and records from the issue database to examine the extent of global development and its effect on productivity, quality, and developer cooperation. The key findings are that global development allows round-the-clock work, but there are some marked differences between the type of work performed at different regions. The effects of multiple dispersed developers on the quality of code and productivity are negligible. Mentoring appears to be sometimes associated with developers living closer together, but ad-hoc cooperation seems to work fine across continents.

                                                          • Building a High-Performance Computing Cluster Using FreeBSD
                                                            Source: New York City *BSD User Group
                                                            Added: 2008-03-22
                                                            Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
                                                            Files: MP3 version (80 minutes, 9 Mb)

                                                            Special NYC*BUG meeting with FreeBSD developer Brooks Davis Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems. In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs. Bio Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.

                                                          • Nate Lawson on ACPI
                                                            Source: Bay Area FreeBSD User Group
                                                            Added: 2006-09-09
                                                            Tags: bafug, presentation, freebsd, acpi, nate lawson
                                                            Files:  (245 Mb)

                                                            Our Topic: FreeBSD's ACPI implementation: The details. Our Speaker: Nate Lawson, FreeBSD Committer. Our Topic: FreeBSD's ACPI implementation is based on code for ACPI released by Intel. Nate and others wrote the glue code to make this code work on FreeBSD. He explains how this was done, and why.

                                                          • Network Protocol Development Tools and Techniques for FreeBSD
                                                            Source: Bay Area FreeBSD User Group
                                                            Added: 2006-08-10
                                                            Tags: bafug, presentation, freebsd, packet construction set, george neville-neil
                                                            Files:  (211 Mb)

                                                            Our Topic: Network Protocol Development Tools and Techniques for FreeBSD Our Speaker: George Neville-Neil, co-author of the "Design and Implementation of the FreeBSD Operating System" "daemon" book. Our Topic: While computers have gotten faster and more powerful the tools we use to develop network protocols, such as TCP, UDP, IPv4 and IPv6 have not. Most network protocols are developed, in C, in the kernel, and require a lot of work to test. Over the past year or so I have been working with virtual machines, a couple of pieces of open source software, and begun developing a library for use in protocol testing. This talk will cover three topics: Developing and testing kernel code with Virtual Machines Finding good tests for networking code Packet Construction Set (PCS) a new library for writing protocol tests

                                                          • COMPLETE Hard Disk Encryption with FreeBSD
                                                            Source: 22nd Chaos Communication Congress
                                                            Added: 2006-08-23
                                                            Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                                                            Files: Slides (679Kb), Bittorrent link (37Kb)

                                                            COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                                                          • FreeBSD Security Officer funktionen
                                                            Source: AArhus Unix Users Group
                                                            Added: 2007-01-15
                                                            Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
                                                            Files: PDF (danish) (211 Kb)

                                                            "FreeBSD Security Officer funktionen" at the AAUUG, AAUUG, 22 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                                                          • FreeBSD Security Officer funktionen
                                                            Source: BSD UNIX bruger gruppe i Danmark
                                                            Added: 2007-01-15
                                                            Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
                                                            Files: PDF (danish) (210 Kb)

                                                            "FreeBSD Security Officer funktionen" at the BSD-DK, 26 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                                                          • Discussion - What's cooking for FreeBSD 7.0?
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, discussion, freebsd, freebsd7
                                                            Files: AVI (105 Mb)

                                                            Discussion - What's cooking for FreeBSD 7.0? (Bulgarian)

                                                          • Dimitri Vasileva - Visualizing Security Threats with Social Networking Software
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, security, social networking, dimitri vasileva
                                                            Files: AVI (331 Mb)

                                                            Dimitri Vasileva - Visualizing Security Threats with Social Networking Software (Bulgarian)

                                                          • Shcheryana Shopova - SNMP monitoring
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, snmp, monitoring, shcheryana shopova
                                                            Files: AVI (271 Mb)

                                                            Shcheryana Shopova - SNMP monitoring (Bulgarian)

                                                          • Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP)
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, ipv6, sctp, willow vanchkov
                                                            Files: AVI (251 Mb)

                                                            Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP) (Bulgarian)

                                                          • Atanas Bchvarov - Packet Filtering in FreeBSD
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, atanas bchvarov
                                                            Files: AVI (186 Mb)

                                                            Atanas Bchvarov - Packet Filtering in FreeBSD (Bulgarian)

                                                          • Nikolai Denev - FreeBSD goes Zettabyte
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, zettabyte, nikolai denev
                                                            Files: AVI (358 Mb)

                                                            Nikolai Denev - FreeBSD goes Zettabyte (Bulgarian)

                                                          • Vasil Dimov - The FreeBSD ports collection - tips and tricks
                                                            Source: OpenFest
                                                            Added: 2008-03-27
                                                            Tags: openfest, openfest2007, presentation, freebsd, ports collection, vasil dimov
                                                            Files: AVI (341 Mb)

                                                            Vasil Dimov - The FreeBSD ports collection - tips and tricks (Bulgarian)

                                                          • FreeBSD ports Erwin Lansing
                                                            Source: OpenFest
                                                            Added: 2007-01-15
                                                            Tags: openfest, openfest2006, presentation, freebsd, port manager, erwin lansing
                                                            Files: PDF (128 Kb)

                                                            Case study : managing a worldwide open source project: FreeBSD port manager

                                                          • FreeBSD: Hard disk encryption
                                                            Source: Linux and FreeBSD video tutorials. For everyone.
                                                            Added: 2007-05-03
                                                            Tags: unix-tutorial, flash, freebsd, encryption

                                                            How to protect your data on FreeBSD machine even when your computer is turned off? This hard disk encryption guide will help.

                                                          • FreeBSD: First time install and configure
                                                            Source: Linux and FreeBSD video tutorials. For everyone.
                                                            Added: 2007-05-03
                                                            Tags: unix-tutorial, flash, freebsd

                                                            Tutorial how to install and configure FreeBSD. It seems that comments in video are in Japanese :)

                                                          • FreeBSD: using ports system
                                                            Source: Linux and FreeBSD video tutorials. For everyone.
                                                            Added: 2007-05-03
                                                            Tags: unix-tutorial, flash, freebsd, ports

                                                            Using ports system in FreeBSD to install etherape.

                                                          • FreeBSD installation
                                                            Source: Linux and FreeBSD video tutorials. For everyone.
                                                            Added: 2007-05-03
                                                            Tags: unix-tutorial, flash, freebsd

                                                            Step-by-step installation of FreeBSD operating system.

                                                          • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                                                            Files: Slides (40 pages, 430 Kb)

                                                            GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                                                          • Randi Harper - Automating FreeBSD Installations
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
                                                            Files: Slides (14 pages, 33 Kb)

                                                            Automating FreeBSD Installations PXE Booting and install.cfg Demystified This paper will provide an explanation of the tools involved in performing an automated FreeBSD install and a live demonstration of the process. FreeBSD's sysinstall provides a powerful and flexible mechanism for automated installs but doesn't get used very often because of a lack of documentation.

                                                          • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
                                                            Files: Slides (27 pages, 1.4 Mb)

                                                            Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.

                                                          • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                                                            Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                                                            Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                                                          • Warner Losh - Tracking FreeBSD in a commercial Environment
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                                                            Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                                                            Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                                                          • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                                                            Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                                                            PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                                                          • Sean Bruno - Implementation of TARGET_MODE applications
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                                                            Files: Slides (22 pages, 72 Kb)

                                                            Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                                                          • George Neville-Neil - Understanding and Tuning SCHED_ULE
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
                                                            Files: Slides (29 pages, 228 Kb)

                                                            Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.

                                                          • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                                                            Files: Slides (38 pages, 2.1 Mb)

                                                            Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                                                          • Ivan Voras - Remote and mass management of systems with finstall
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                                                            Files: Slides (24 pages, 377 Kb)

                                                            Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                                                          • Mike Silbersack - Detecting TCP regressions with tcpdiff
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                                                            Files: Slides (33 pages, 89 Kb)

                                                            Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                                                          • Philip Paeps - Crypto Acceleration on FreeBSD
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2009-05-25
                                                            Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
                                                            Files: Slides (28 pages, 361 Kb)

                                                            Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.

                                                          • Scott Ullrich, Chris Buechler - pfSense Tutorial
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-28
                                                            Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                                                            Files: PDF file (91 pages, 4.1 Kb)

                                                            pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                                                          • Bjoern A. Zeeb - BSDCan08 devsummit summary
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-28
                                                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, writeup, bjoern a zeeb

                                                            200805DevSummit - BSDCan 2008 FreeBSD Developer summit summary

                                                          • Rafal Jaworowski - FreeBSD Embedded Report
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-26
                                                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, embedded, rafal jaworowski
                                                            Files: PDF file (6 pages, 58 Kb)

                                                            FreeBSD Embedded Report

                                                          • Robert Watson - TCP SMP Scalability
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-26
                                                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, smp, robert watson
                                                            Files: PDF file (8 pages, 70 Kb)

                                                            TCP SMP Scalability

                                                          • Erwin Lansing - What's happening in the world of ports and portmgr
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-24
                                                            Tags: bsdcan, bsdcan2008, devsummit, devsummit2008, freebsd, portmgr, erwin lansing
                                                            Files: PDF file (14 pages, 146 Kb)

                                                            What's happening in the world of ports and portmgr

                                                          • Warner Losh - FreeBSD/mips
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-26
                                                            Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                                                            Files: PDF file (19 pages, 1.3 Mb)

                                                            FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                                                          • Ivan Voras - "finstall" - the new FreeBSD installer
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-26
                                                            Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                                                            Files: PDF file (39 pages, 1.1 Mb)

                                                            "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                                                          • Pawel Jakub Dawidek - A closer look at the ZFS file system
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
                                                            Files: PDF file (33 pages, 150 Kb)

                                                            A closer look at the ZFS file system simple administration, transactional semantics, end-to-end data integrity SUN's ZFS file system became part of FreeBSD on 6th April 2007. ZFS is a new kind of file system that provides simple administration, transactional semantics, end-to-end data integrity, and immense scalability. ZFS is not an incremental improvement to existing technology; it is a fundamentally new approach to data management. We've blown away 20 years of obsolete assumptions, eliminated complexity at the source, and created a storage system that's actually a pleasure to use. ZFS presents a pooled storage model that completely eliminates the concept of volumes and the associated problems of partitions, provisioning, wasted bandwidth and stranded storage. Thousands of file systems can draw from a common storage pool, each one consuming only as much space as it actually needs. The combined I/O bandwidth of all devices in the pool is available to all filesystems at all times. All operations are copy-on-write transactions, so the on-disk state is always valid. There is no need to fsck(1M) a ZFS file system, ever. Every block is checksummed to prevent silent data corruption, and the data is self-healing in replicated (mirrored or RAID) configurations. If one copy is damaged, ZFS detects it and uses another copy to repair it.

                                                          • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                                                            Files: PDF file (26 pages, 300 Kb)

                                                            Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                                                          • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                                                            Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                                                            Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                                                          • John Birrell - DTrace for FreeBSD
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                                                            Files: PDF file (49 pages, 148 Kb)

                                                            DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                                                          • Randall Stewart - SCTP what it is and how to use it
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, abstract, freebsd, sctp, randall stewart
                                                            Files: PDF file (10 pages, 130 Kb)

                                                            SCTP - SCTP what it is and how to use it This talk will introduce the attendee into the interesting world of SCTP. We will first discuss the new and different features that SCTP (a new transport in FreeBSD 7.0) provide to the user. Then we will shift gears and discuss the extended socket API that is available to SCTP users and will cover such items as: The two socket programming models Extended system calls that support the SCTP feature set. What model may fit you best

                                                          • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2008-05-21
                                                            Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
                                                            Files: PDF file (25 pages, 193 Kb)

                                                            Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

                                                          • The FreeBSD Security Officer function
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2007-05-20
                                                            Tags: bsdcan, bsdcan2007, pdf, freebsd, security officer, simon l nielsen
                                                            Files: PDF version (252 Kb, 29 pages)

                                                            "FreeBSD Security Officer function" at BSDCAN 2007 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                                                          • FreeBSD Portsnap
                                                            Source: BSDCan - The Technical BSD Conference
                                                            Added: 2007-05-20
                                                            Tags: bsdcan, bsdcan2007, pdf, portsnap, freebsd, colin percival
                                                            Files: PDF version (1.3 Mb, 88 pages)

                                                            "FreeBSD Portsnap - What (it is), Why (it was written), and How (it works)" by Colin Percival (cperciva@FreeBSD.org) (Note: use ^L to get back in non-fullscreen mode)

                                                          • BSDConTR 2007 - Presentations
                                                            Source: BSDConTR - Turkish Conference on BSD Systems
                                                            Added: 2007-October-31
                                                            Tags: bsdcontr, bsdcontr2007, pdf, freebsd 7.0, freebsd, kris kennaway
                                                            Files: PDF version (336 Kb, 37 pages)

                                                            Introducing FreeBSD 7.0

                                                          • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                            Source: Hostobzor, the Russian conference of hosting provider
                                                            Added: 2008-November-24
                                                            Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                            Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                            Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                          • Welcome - Cambridge University FreeBSD DevSummit - Robert Watson
                                                            Source: FreeBSD Developer Summit - Cambridge
                                                            Added: 2008-08-25
                                                            Tags: devsummit2008, devsummit, pdf, freebsd, robert watson
                                                            Files: PDF version (264 Kb, 12 pages)

                                                            Welcome by Robert Watson

                                                          • variant Symlinks - Brooks Davis
                                                            Source: FreeBSD Developer Summit - Cambridge
                                                            Added: 2008-08-25
                                                            Tags: devsummit2008, devsummit, pdf, freebsd, variant symlinks, brooks davis
                                                            Files: PDF version (213 Kb, 15 pages)

                                                            Variant Symlinks by Brooks Davis

                                                          • Van FreeBSD Documentatie projectleider tot FreeBSD Developer - Remko Lodder
                                                            Source: Nederlandse Linux Gebruikers Group
                                                            Added: 2008-December-31
                                                            Tags: nllgg, freebsd, documentation, nederlands, remko lodder
                                                            Files: PDF version (594 Kb, 24 pages)

                                                            In 2004 ben ik begonnen met het FreeBSD Dutch Documentation Project, een project dat inmiddels bijna het complete handboek vertaald heeft. Sinds die tijd zijn er vele wegen geweest die ik behandeld heb, van documentatie projectleider naar Security Team-lid tot aan FreeBSD Developer. Remko Lodder is momenteel 25 jaar en werkt als Unix Engineer voor het bedrijf Snow B.V. waar hij zich momenteel met name bezig houd met security (firewalls etc). Hij is sinds 2004 lid van het FreeBSD Development team en is momenteel 1 van de meest actieve developers binnen het team.

                                                          • FreeBSD Google Summer of Code posters
                                                            Source: FreeBSD Google Summer of Code
                                                            Added: 2009-03-22
                                                            Tags: freebsd, google, summer of code
                                                            Files: PNG version (1.1 Mb, 2480 x 3507 pixels), PDF version (815 Kb, 1 page)

                                                            Two posters usable for the announcement of the participation of the FreeBSD Project in the Google Summer of Code.

                                                          • PmcTools talk at the Bangalore chapter of the ACM
                                                            Source: Joseph Koshy
                                                            Added: 2009-05-24
                                                            Tags: freebsd, presentation, freebsd, pmctools, joseph koshy
                                                            Files: PDF version (550 Kb, 48 pages)

                                                            In April 2009 I was invited to speak on FreeBSD/PmcTools by the Bangalore chapter of the ACM. This was an overview talk. The talk briefly touched upon: the motivations and goals of the project, the programming APIs, some aspects of the implementation and on possible future work.

                                                          freebsd 7.0

                                                          freebsd core

                                                          freebsd core team

                                                          freebsd for all

                                                          freebsd foundation

                                                          freebsd project

                                                            freebsd vs linux

                                                            freebsd7

                                                            freebsdgirl

                                                            gbde

                                                            gene cronk

                                                            • SSARES
                                                              Source: New York City *BSD User Group
                                                              Added: 2008-01-11
                                                              Tags: nycbug, presentation, ipv6, gene cronk
                                                              Files: MP3 version (67 minutes, 7 Mb), Paper (10 pages, 443 Kb)

                                                              SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.

                                                            • Gene Cronk on Implementing IPv6
                                                              Source: New York City *BSD User Group
                                                              Added: 2007-October-06
                                                              Tags: nycbug, presentation, ipv6, gene cronk
                                                              Files: MP3 version (60 minutes, 14Mb)

                                                              This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. Bio Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues. Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User's Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.

                                                            geom

                                                            • GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008
                                                              Source: YouTube bsdconferences channel
                                                              Added: 2009-02-21
                                                              Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, geom, pawel jakub dawidek
                                                              Files: Flash (46:38)

                                                              GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=xMpmOezBJZo

                                                            • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                                                              Source: BSDCan - The Technical BSD Conference
                                                              Added: 2009-05-25
                                                              Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                                                              Files: Slides (40 pages, 430 Kb)

                                                              GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                                                            george neville-neil

                                                            george neville-neil murray stokely

                                                            getting started

                                                            glen r j neff

                                                            global software development

                                                            gomoos

                                                            google

                                                            • Leslie Hawthorn - Google SoC
                                                              Source: BSDCan - The Technical BSD Conference
                                                              Added: 2008-05-21
                                                              Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                                                              Files: PDF file (44 pages, 2.2 Mb)

                                                              Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                                                            • FreeBSD Google Summer of Code posters
                                                              Source: FreeBSD Google Summer of Code
                                                              Added: 2009-03-22
                                                              Tags: freebsd, google, summer of code
                                                              Files: PNG version (1.1 Mb, 2480 x 3507 pixels), PDF version (815 Kb, 1 page)

                                                              Two posters usable for the announcement of the participation of the FreeBSD Project in the Google Summer of Code.

                                                            google soc

                                                            gregers petersen

                                                              groff

                                                                hajimu umemoto

                                                                  hammer

                                                                  hans van de looy

                                                                  • Een historisch overzicht van BSD - Hans van de Looy
                                                                    Source: Nederlandse Linux Gebruikers Group
                                                                    Added: 2008-December-31
                                                                    Tags: nllgg, bsd, history, hans van de looy
                                                                    Files: PDF version (5767 Kb, 38 pages)

                                                                    Hans zal een historisch overzicht geven van het ontstaan van *BSD vanaf de oorsprong van UNIX tot aan de nu bekende *BSD varianten. Hij zal daarbij met name ingaan wat de oorsprong en het ontstaan van een aantal *BSD-projecten zijn. Hierbij zal hij zeer kort ingaan op de verschillende licentieproblemen die we in het verleden gezien hebben en worden een aantal bekende personen en data weer eens even op de kaart geplaatst. Hans van de Looy is oprichter van Madison Gurkha. Een bedrijf dat gespecialiseerd is op het gebied van het uitvoeren van technische ICT-beveiligingsonderzoeken, in de media ook wel aangeduid met Etisch Hacken. Tijdens dergelijke onderzoeken maakt hij ook regelmatig gebruik van op BSD* gebaseerde systemen.

                                                                  harddisk encryption

                                                                  • COMPLETE Hard Disk Encryption with FreeBSD
                                                                    Source: 22nd Chaos Communication Congress
                                                                    Added: 2006-08-23
                                                                    Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                                                                    Files: Slides (679Kb), Bittorrent link (37Kb)

                                                                    COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                                                                  hardware

                                                                  • EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
                                                                    Source: EuroBSDCon
                                                                    Added: 2008-October-22
                                                                    Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
                                                                    Files: OGG (1 byte, 53 minutes), MP3 (1 byte, 53 minutes), PDF (1 byte, n pages)

                                                                    The arrival of high CPU core density, with commodity quad-core notebooks and 32-core servers, combined with 10gbps networking have transformed network design principles for operating systems. This talk will describe changes in the FreeBSD 6.x, 7.x, and forthcoming 8.x network stacks required to exploit multiple cores and serve 10gbps networks. The goal of the session will be to introduce the audience to general strategies used to improve performance, their rationales, and their impact on applications and users: Introduction to the SMPng Project and the follow-on Netperf Project Workloads and performance measurement Efficient primitives to support modern network stacks Multi-core and cache-aware network memory allocator Fine-grained network stack locking Load-balancing and contention-avoidance across multiple CPUs CPU affinity for network stack data structures TCP performance enhancements including TSO, LRO, and TOE Zero-copy Berkely Packet Filter (BPF) buffers Direct network stack dispatch from interrupt handlers Multiple input and output queues Robert Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.

                                                                  hardware sensors

                                                                  • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                                                    Source: EuroBSDCon
                                                                    Added: 2008-October-22
                                                                    Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                                                    Files: PDF (539395 bytes, 38 pages)

                                                                    In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                                                  • Constantine A. Murenin - Quiet Computing with BSD
                                                                    Source: BSDCan - The Technical BSD Conference
                                                                    Added: 2009-05-25
                                                                    Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                                                                    Files: Slides (16 pages, 264 Kb)

                                                                    Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                                                                  hauke fath

                                                                  • EuroBSDCon 2008 - Hauke Fath - Managing BSD desktop clients - Fencing in the herd
                                                                    Source: EuroBSDCon
                                                                    Added: 2008-October-22
                                                                    Tags: eurobsdcon, eurobsdcon2008, bsd, desktop, hauke fath
                                                                    Files: OGG (1 byte, 50 minutes), MP3 (1 byte, 50 minutes), PDF (1 byte, n pages)

                                                                    The members of the BSD family have traditionally prospered off the desktop, as operating systems on servers and embedded systems. The advent of MacOS X has marked a change, and moved the desktop more into focus. Modern desktop systems create a richer software landscape, with more diverse requirements, than their server counterparts. User demands, software package interdependencies and frequent security issues result in a change rate that can put a considerable load on the admin staff. Without central management tools, previously identical installations diverge quickly. This paper looks at concepts and strategies for managing tens to hundreds of modern, Unix-like desktop clients. The available management tools range from simple, image-based software distribution, mainly used for setting up uniform clients, to "intelligent" rule-based engines capable of search-and-replace operations on configuration files. We will briefly compare their properties and limitations, then take a closer look at Radmind, a suite for file level administration of Unix clients. Radmind has been in use in the Institute of Telecommunication at Technische Universitt Darmstadt for over three years, managing NetBSD and Debian Linux clients in the labs as well as faculty members' machines. We will explore the Radmind suite's underlying concepts and functionality. In order to see how the concept holds up, we will discuss real-world scenarios from the system life-cycle of Installation, configuration changes, security updates, component updates, and system upgrades. Hauke Fath works as a systems administrator for the Institut fr Nachrichtentechnik (telecommunication) at Technische Universitt Darmstadt. He has been using NetBSD since 1994, when he first booted a NetBSD 1.0A kernel on a Macintosh SE/30. NetBSD helped shaping his career by causing a slow drift from application programmer's work towards systems and network administration. Hauke Fath holds a MS in Physics and became a NetBSD developer in late 2006. Keywords: Managing Unix desktop clients, software distribution, tripwire

                                                                  hideki sunahara

                                                                  high performance

                                                                    high performance computing

                                                                    • Building a High-Performance Computing Cluster Using FreeBSD
                                                                      Source: New York City *BSD User Group
                                                                      Added: 2008-03-22
                                                                      Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
                                                                      Files: MP3 version (80 minutes, 9 Mb)

                                                                      Special NYC*BUG meeting with FreeBSD developer Brooks Davis Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems. In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs. Bio Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.

                                                                    hiroki sao

                                                                    hiroki sato

                                                                    history

                                                                    • Marshall Kirk McKusick at DCBSDCon
                                                                      Source: bsdtalk
                                                                      Added: 2009-02-21
                                                                      Tags: bsdtalk, presentation, bsd, history, kirk mckusick
                                                                      Files: MP3 version (26 Mb, 55 minutes), Ogg version (55 minutes)

                                                                      A recording of Marshall Kirk McKusick's talk "A Narrative History of BSD" at DCBSDCon this past weekend. You can get a much more complete history here: http://www.mckusick.com/history/index.html

                                                                    • Een historisch overzicht van BSD - Hans van de Looy
                                                                      Source: Nederlandse Linux Gebruikers Group
                                                                      Added: 2008-December-31
                                                                      Tags: nllgg, bsd, history, hans van de looy
                                                                      Files: PDF version (5767 Kb, 38 pages)

                                                                      Hans zal een historisch overzicht geven van het ontstaan van *BSD vanaf de oorsprong van UNIX tot aan de nu bekende *BSD varianten. Hij zal daarbij met name ingaan wat de oorsprong en het ontstaan van een aantal *BSD-projecten zijn. Hierbij zal hij zeer kort ingaan op de verschillende licentieproblemen die we in het verleden gezien hebben en worden een aantal bekende personen en data weer eens even op de kaart geplaatst. Hans van de Looy is oprichter van Madison Gurkha. Een bedrijf dat gespecialiseerd is op het gebied van het uitvoeren van technische ICT-beveiligingsonderzoeken, in de media ook wel aangeduid met Etisch Hacken. Tijdens dergelijke onderzoeken maakt hij ook regelmatig gebruik van op BSD* gebaseerde systemen.

                                                                    hostobzor

                                                                    • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                                      Source: Hostobzor, the Russian conference of hosting provider
                                                                      Added: 2008-November-24
                                                                      Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                                      Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                                      Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                                    hostobzor12

                                                                    • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                                      Source: Hostobzor, the Russian conference of hosting provider
                                                                      Added: 2008-November-24
                                                                      Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                                      Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                                      Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                                    hoststated

                                                                    html

                                                                      humor

                                                                      installer

                                                                      • Ivan Voras - "finstall" - the new FreeBSD installer
                                                                        Source: BSDCan - The Technical BSD Conference
                                                                        Added: 2008-05-26
                                                                        Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                                                                        Files: PDF file (39 pages, 1.1 Mb)

                                                                        "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                                                                      interview

                                                                      ion-mihai tetcu

                                                                      • EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
                                                                        Source: EuroBSDCon
                                                                        Added: 2008-October-22
                                                                        Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
                                                                        Files: OGG (1 byte, 56 minutes), MP3 (1 byte, 56 minutes), PDF (1 byte, n pages)

                                                                        This talk is focused on ways to improve the quality of FreeBSD's ports and packages and it's partially based on the 5 months experience of writing and running the consecutive versions of "QA Tindy". Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD ports committer and maintains about 40 ports scattered in the Ports Tree. He lives in Bucharest, Romania where he runs and co-owns an IT company and he's a member of Romanian FreeBSD and FreeUnix User Group (RoFUG). His non-IT interests include history, philosophy and mountain climbing.

                                                                      ipf

                                                                      ipfw

                                                                      ipsec

                                                                      • Fast IPSec with George Neville-Neil
                                                                        Source: bsdtalk
                                                                        Added: 2007-07-16
                                                                        Tags: bsdtalk, interview, ipsec, george neville-neil
                                                                        Files: MP3 version (7 Mb, 14 minutes), Ogg version (14 minutes)

                                                                        Interview with George Neville-Neil about Fast IPSec.

                                                                      • EuroBSDCon 2008 - Yvan Vanhullebus - IPSec tools: past, present and future
                                                                        Source: EuroBSDCon
                                                                        Added: 2008-October-22
                                                                        Tags: eurobsdcon, eurobsdcon2008, ipsec, yvan vanhullebus
                                                                        Files: OGG (1 byte, 46 minutes), MP3 (1 byte, 46 minutes), PDF (1 byte, n pages)

                                                                        The first part will explain what have been major changes since Manu's presentation at Bale's EuroBSDCon, including more detailed informations on changes which have a significant impact on administrator's bad habits (why the common way of doing it is bad, why it was sometimes needed in the past, how to do it the good way now, why this is far better), on both the UserLand (ipsec-tools project) and maybe in [Free|Net]BSD kernels/ IPSec stacks. The second part will talk about the future of the project. News of the next major version (which may be out or about to be out when we'll be ate EuroBSDCon), news works which are planned or which are done but not yet public, but also news about the team: it's new members, new tools, what we would like to do in tue future, a Yvan VANHULLEBUS works as an R&D security engineer for NETASQ since 2000, where he works on FreeBSD OS. He started to work on KAME's IPSec stack in 2001, provided many patches for various parts of the stack, then became one of the maintainers of ipsec-tools project, a fork of KAME's userland daemon. He became a NetBSD developper when ipsec-tools was migrated to NetBSD's CVS.

                                                                      ipv6

                                                                      • Playing with IPv6
                                                                        Source: bsdtalk
                                                                        Added: 2007-07-06
                                                                        Tags: bsdtalk, ipv6
                                                                        Files: MP3 version (8 Mb, 15 minutes), Ogg version (15 minutes)

                                                                        I ramble on about how I have been experimenting with IPv6. For more details, see http://cisx1.uma.maine.edu/~wbackman/cis341/resources/ipv6-test-lab.html.

                                                                      • Qing Li and Tatuya Jinmei
                                                                        Source: bsdtalk
                                                                        Added: 2007-05-19
                                                                        Tags: bsdtalk, interview, ipv6, books, qing li, tatuya jimei
                                                                        Files: MP3 version (10 Mb, 20 minutes), Ogg version (20 minutes)

                                                                        Interview at at BSDCan with Qing Li and Tatuya Jinmei. We talk about the books that they authored with Keiichi Shima: "IPv6 Core Protocols Implementation" and "IPv6 Advanced Protocols Implementation." The books are available at Amazon.com or on the publisher's web site, www.mkp.com.

                                                                      • SSARES
                                                                        Source: New York City *BSD User Group
                                                                        Added: 2008-01-11
                                                                        Tags: nycbug, presentation, ipv6, gene cronk
                                                                        Files: MP3 version (67 minutes, 7 Mb), Paper (10 pages, 443 Kb)

                                                                        SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.

                                                                      • Gene Cronk on Implementing IPv6
                                                                        Source: New York City *BSD User Group
                                                                        Added: 2007-October-06
                                                                        Tags: nycbug, presentation, ipv6, gene cronk
                                                                        Files: MP3 version (60 minutes, 14Mb)

                                                                        This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. Bio Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues. Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User's Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.

                                                                      • Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP)
                                                                        Source: OpenFest
                                                                        Added: 2008-03-27
                                                                        Tags: openfest, openfest2007, presentation, freebsd, ipv6, sctp, willow vanchkov
                                                                        Files: AVI (251 Mb)

                                                                        Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP) (Bulgarian)

                                                                      ironport

                                                                      isaac levy

                                                                      • NYCBSDCon Update with Isaac Levy and Steven Kreuzer
                                                                        Source: bsdtalk
                                                                        Added: 2008-08-19
                                                                        Tags: bsdtalk, interview, nycbug, nycbsdcon, nycbsdcon2008, isaac levy, steven kreuzer
                                                                        Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                                        An update on NYCBSDCon 2008 with Isaac Levy and Steven Kreuzer. More information on the conference can be found at http://www.nycbsdcon.org/

                                                                      • BSD Hacker Isaac "Ike" Levy
                                                                        Source: bsdtalk
                                                                        Added: 2007-07-16
                                                                        Tags: bsdtalk, interview, nycbug, isaac levy
                                                                        Files: MP3 version (13 Mb, 26 minutes), Ogg version (26 minutes)

                                                                        Interview with BSD Hacker Isaac "Ike" Levy. To hear more of Ike and other NYCBUG audio, visit http://www.fetissov.org/public/nycbug/

                                                                      • Isaac 'Ike' Levy on the Real Unix Tradition
                                                                        Source: New York City *BSD User Group
                                                                        Added: 2007-07-08
                                                                        Tags: nycbug, presentation, unix tradition, isaac levy
                                                                        Files: MP3 version (10Mb)

                                                                        "The Real Unix Tradition" UNIX hackers, all standing on the shoulders of giants. "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 "Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003 UNIX is the oldest active and growing computing culture alive today. From it's humble roots in the back room at Bell Laboratories, to today's global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What's so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems. About the speaker Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing 'IT special weapons and tatics' for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).

                                                                      • Isaac 'Ike' Levy on m0n0wall and PFSense
                                                                        Source: New York City *BSD User Group
                                                                        Added: 2006-09-09
                                                                        Tags: nycbug, presentation, monowall, pfsense, isaac levy
                                                                        Files:  (9 Mb)

                                                                        UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).

                                                                      iscsi

                                                                      isilon

                                                                      isp

                                                                        itojun

                                                                        ivan ivanov

                                                                        • Ivan Ivanov on The Version Control System Subversion
                                                                          Source: New York City *BSD User Group
                                                                          Added: 2007-02-09
                                                                          Tags: nycbug, presentation, subversion, ivan ivanov
                                                                          Files: MP3 version

                                                                          The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts". Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He integrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.

                                                                        ivan voras

                                                                        • BSDCan-2012 - Ivan Voras - Bullet Cache - Balancing speed and usability in a cache server
                                                                          Source: BSDCan - The Technical BSD Conference
                                                                          Added: 2012-05-30
                                                                          Tags: 2012, bsdcan, bsdcan2012, papers, ivan voras
                                                                          Files: PDF (=661.3 Kb, 40 pages)

                                                                          Bullet Cache is an in-memory cache server inspired by memcached, but with a twist: a powerful record tagging and bulk query facility, configurable multithreading models and a dump / cache prewarm option. This talk will have two parts: a technical description of Bullet Cache's implementation with focus on programming techniques and optimizations, and a description of usage scenarios with the focus on how it can help real-world applications (not limited to Web applications).

                                                                        • Ivan Voras - Remote and mass management of systems with finstall
                                                                          Source: BSDCan - The Technical BSD Conference
                                                                          Added: 2009-05-25
                                                                          Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                                                                          Files: Slides (24 pages, 377 Kb)

                                                                          Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                                                                        • Ivan Voras - "finstall" - the new FreeBSD installer
                                                                          Source: BSDCan - The Technical BSD Conference
                                                                          Added: 2008-05-26
                                                                          Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                                                                          Files: PDF file (39 pages, 1.1 Mb)

                                                                          "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                                                                        ixsystems

                                                                        jail

                                                                          jails

                                                                          james cornell

                                                                          jan kneschke

                                                                          jan srzednicki

                                                                          jared d mcneill

                                                                            jason dixon

                                                                            jason l wright

                                                                              jason thaxter

                                                                              jason thorpe

                                                                              jason wright

                                                                              jean lorchat

                                                                                jeff rizzo

                                                                                jeremy c reed

                                                                                jeremy white

                                                                                joerg sonnenberger

                                                                                • Joerg Sonnenberger
                                                                                  Source: bsdtalk
                                                                                  Added: 2007-November-18
                                                                                  Tags: bsdtalk, interview, eurobsdcon, eurobsdcon2007, michael dexter, joerg sonnenberger
                                                                                  Files: MP3 version (8 Mb, 17 minutes), Ogg version (17 minutes)

                                                                                  Michael Dexter sent me an interview he recorded on behalf of BSDTalk with Joerg Sonnenberger at EuroBSDCon 2007.

                                                                                • EuroBSDCon 2008 - Joerg Sonnenberger - Sleeping beauty - NetBSD on Modern Laptops
                                                                                  Source: EuroBSDCon
                                                                                  Added: 2008-October-22
                                                                                  Tags: eurobsdcon, eurobsdcon2008, netbsd, laptops, joerg sonnenberger
                                                                                  Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                                                  This paper discusses the NetBSD Power Management Framework (PMF) and related changes to the kernel. The outlined changes allow NetBSD to support essential functions like suspend-to-RAM on most post-Y2K X86 machines. They are also the fundation for intelligent handling of device activity by enabling devices on-demand. This work is still progressing. Many of the features will be available in the up-coming NetBSD 5.0 release The NetBSD kernel is widely regarded to be one of the cleanest and most portable Operating System kernels available. For various reasons it is also assumed that NetBSD only runs well on older hardware. In the summer of 2006 Charles Hannum, one of the founders of NetBSD, left with a long mail mentioning as important issues the lack of proper power management and suspendto- RAM support. One year later, Jared D. McNeill posted a plan for attacking this issue based on ideas derived from the Windows Driver Model. This plan would evolve into the new NetBSD Power Management Framework (PMF for short).

                                                                                • Joerg Sonnenberger - Journaling FFS with WAPBL
                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                  Added: 2009-05-25
                                                                                  Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                                                                                  Files: Slides (24 pages, 10 Kb)

                                                                                  Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                                                                                john baldwin

                                                                                • Episode 06 of "FreeBSD for all" uploaded
                                                                                  Source: FreeBSD for All
                                                                                  Added: 2006-06-05
                                                                                  Tags: freebsd for all, talk, john baldwin, freebsd vs linux
                                                                                  Files: MP3 version, Ogg version, 64 kbps MP3 version

                                                                                  This week we talk about Macromedia plugin FreeBSD-Linux differences part 2 John Baldwin Introduction Podcast announcement - call for co-hosts!

                                                                                • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                  Added: 2009-05-25
                                                                                  Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                                                                                  Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                                                                                  Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                                                                                • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                  Added: 2008-05-21
                                                                                  Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                                                                                  Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                                                                                  Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                                                                                john birrell

                                                                                • John Birrell - DTrace for FreeBSD
                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                  Added: 2008-05-21
                                                                                  Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                                                                                  Files: PDF file (49 pages, 148 Kb)

                                                                                  DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                                                                                john mashey

                                                                                • Postfix Performance Tuning
                                                                                  Source: New York City *BSD User Group
                                                                                  Added: 2009-02-21
                                                                                  Tags: nycbug, presentation, postfix, john mashey
                                                                                  Files: MP3 version (11 Mb)

                                                                                  Money can buy you bandwidth, but latency is forever! John Mashey, MIPS Victor will cover an array of issues connected to Postfix performance tuning, including: Latency, concurrency and throughput Postfix input processing Queue file format rationale Input processing bottlenecks Pre-queue filters, milters, content filters Tuning for fast (enough) input Postfix on-disk queues, requirements and architecture What is a "transport"? Postfix "nqmgr" scheduler algorithm Per-destination in memory queues Per-destination scheduler controls SMTP delivery Understanding delay logging Transport process limits, concurrency limits Scaling to thousands of output processes Connection caching, TLS session caching, feedback controls Speaker Bio Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master's degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.

                                                                                john p hartmann

                                                                                  john pertalion

                                                                                  • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                    Added: 2008-05-26
                                                                                    Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                                                                                    Files: PDF file (26 pages, 127 Kb)

                                                                                    An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                                                                                  john todd

                                                                                  johnny c lam

                                                                                    johnny lam

                                                                                    jorg sonnenberger

                                                                                    joseph kong

                                                                                    joseph koshy

                                                                                    josh berkus

                                                                                    julian elischer

                                                                                    • Julian Elischer
                                                                                      Source: bsdtalk
                                                                                      Added: 2008-November-21
                                                                                      Tags: bsdtalk, interview, julian elischer, ironport
                                                                                      Files: MP3 version (16 Mb, 35 minutes), Ogg version (16 minutes)

                                                                                      An interview with Julian Elischer at MeetBSD in California. We talk about his early days with BSD and his work using BSD at various companies. He is currently with IronPort, which was bought by Cisco.

                                                                                    • May 2008 developer Vimage report
                                                                                      Source: YouTube bsdconferences channel
                                                                                      Added: 2008-December-31
                                                                                      Tags: youtube, freebsd, vimage, marko zec, julian elischer
                                                                                      Files: Flash (2:44:36)

                                                                                      A sneak peak into the FreeBSD development process. Warning 2 hours! filmed over 2 days. (The schedule worked out was optimistic to say the least but it's still looking ok...) Marko Zec and Julian Elischer report back to the developers at BSDCan on the progress on virtualizing the network stack in FreeBSD. This has been a long term project but at the time of this recording was just reaching the point of feasibility. In this video you can see some of the dynamics of the group as developers become familiar with the project and discussions take place regarding such things as maintainability, ABI compatibility, and even what to call the feature. In this video you can see the decision being made by a "quorum" of developers to take this project mainstream. The sound is less that perfect, but it's what we have. This is a montage of 3 video sources, one of which is a lower resolution, but at times it was the only camera capturing the action. (the other ran out of tape for a while) Thanks to Ed Maste for the added footage. I will be doing more editing later and will be substituting in better footage in some places. clive URL: http://au.youtube.com/watch?v=Px-pSXm32dE

                                                                                    julio m merino vidal

                                                                                      jun murai

                                                                                        jun-ichiro itoh hagino

                                                                                        justin gibbs

                                                                                        justin sherril

                                                                                        kame

                                                                                        katsuomi hamajima

                                                                                          kauth

                                                                                            keiichi shima

                                                                                              keisuke uehara

                                                                                                ken caruso

                                                                                                ken smith

                                                                                                kern sibbald

                                                                                                • Kern Sibbald - Bacula
                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                  Added: 2008-05-26
                                                                                                  Tags: bsdcan, bsdcan2008, slides, bacula, kern sibbald
                                                                                                  Files: PDF file (30 pages, 505 Kb)

                                                                                                  Bacula The Open Source Enterprise Backup Solution The Bacula project started in January 2000 with several goals, one of which was the ability to backup any client from a Palm to a mainframe computer. Bacula is available under a GPL license. Bacula uses several distinct components, each communicating via TCP/IP, to achieve a very scalable and robust solution to backups. Kern is one of the original project founders and still one of the most productive Bacula developers.

                                                                                                kernel

                                                                                                keynote

                                                                                                kip macy

                                                                                                kirk mckusick

                                                                                                koichi suzuki

                                                                                                  koshiro mitsuya

                                                                                                    kris kennaway

                                                                                                    kris moore

                                                                                                    • BSDCan-2010 - Kris Moore - The PBI format re-implemented for FreeBSD and PC-BSD
                                                                                                      Source: BSDCan - The Technical BSD Conference
                                                                                                      Added: 2010-05-20
                                                                                                      Tags: 2010, bsdcan, bsdcan2010, papers, kris moore
                                                                                                      Files: html

                                                                                                      The PBI format (Push Button Installer) has been the default package management system for PC-BSD going on 5+ years now. However as we looked to the future it became apparent that it was greatly needing an overhaul to both improve its functionality, and expand its usage outside the scope of just PC-BSD. Among the areas needing improvement were how it dealt with identical libraries between applications, the heavy requirements from being implemented in QT/KDE, and lack of a digital verification mechanism.

                                                                                                    • PBI 4 with Kris Moore
                                                                                                      Source: bsdtalk
                                                                                                      Added: 2008-02-27
                                                                                                      Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                      Files: MP3 version (5 Mb, 10 minutes), Ogg version (10 minutes)

                                                                                                      Interview with PC-BSD founder Kris Moore about the new features in PBI 4.

                                                                                                    • PC-BSD Founder Kris Moore
                                                                                                      Source: bsdtalk
                                                                                                      Added: 2007-08-07
                                                                                                      Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                      Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                                                                                                      Interview with PC-BSD Founder Kris Moore. We talk about the upcoming 1.4 release.

                                                                                                    • Kris Moore from PC-BSD
                                                                                                      Source: bsdtalk
                                                                                                      Added: 2006-October-26
                                                                                                      Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                      Files: MP3 version (10 Mb, 21 minutes), Ogg version (21 minutes)

                                                                                                      Interview with Kris Moore from PC-BSD.

                                                                                                    • Kris Moore and PCBSD
                                                                                                      Source: YouTube bsdconferences channel
                                                                                                      Added: 2008-December-16
                                                                                                      Tags: youtube, pcbsd, kris moore
                                                                                                      Files: Flash (25:14)

                                                                                                      PCBSD from a developer's perspective. Source: Julian clive URL: http://au.youtube.com/watch?v=aHRRa-OvwxM

                                                                                                    • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                                                                                                      Source: BSDCan - The Technical BSD Conference
                                                                                                      Added: 2009-05-25
                                                                                                      Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                                                                                                      Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                                                                                                      PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                                                                                                    • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                                                                                                      Source: BSDCan - The Technical BSD Conference
                                                                                                      Added: 2008-05-26
                                                                                                      Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                                                                                                      Files: PDF file (26 pages, 120 Kb)

                                                                                                      Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                                                                                                    kris more

                                                                                                    kristaps dzonsons

                                                                                                    kristaps johnson

                                                                                                      kurt miller

                                                                                                        laptops

                                                                                                        • Sleeping Beauty - NetBSD on Modern laptops
                                                                                                          Source: YouTube bsdconferences channel
                                                                                                          Added: 2009-05-24
                                                                                                          Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, laptops, jorg sonnenberger
                                                                                                          Files: Flash (1:20:56)

                                                                                                          P9A: Sleeping Beauty - NetBSD on Modern Laptops AsiaBSDCon 2008, Jorg Sonnenberger clive URL: http://www.youtube.com/watch?v=v9ygBFjGR50

                                                                                                        • EuroBSDCon 2008 - Joerg Sonnenberger - Sleeping beauty - NetBSD on Modern Laptops
                                                                                                          Source: EuroBSDCon
                                                                                                          Added: 2008-October-22
                                                                                                          Tags: eurobsdcon, eurobsdcon2008, netbsd, laptops, joerg sonnenberger
                                                                                                          Files: OGG (1 byte, 54 minutes), MP3 (1 byte, 54 minutes), PDF (1 byte, n pages)

                                                                                                          This paper discusses the NetBSD Power Management Framework (PMF) and related changes to the kernel. The outlined changes allow NetBSD to support essential functions like suspend-to-RAM on most post-Y2K X86 machines. They are also the fundation for intelligent handling of device activity by enabling devices on-demand. This work is still progressing. Many of the features will be available in the up-coming NetBSD 5.0 release The NetBSD kernel is widely regarded to be one of the cleanest and most portable Operating System kernels available. For various reasons it is also assumed that NetBSD only runs well on older hardware. In the summer of 2006 Charles Hannum, one of the founders of NetBSD, left with a long mail mentioning as important issues the lack of proper power management and suspendto- RAM support. One year later, Jared D. McNeill posted a plan for attacking this issue based on ideas derived from the Windows Driver Model. This plan would evolve into the new NetBSD Power Management Framework (PMF for short).

                                                                                                        larry ludwig

                                                                                                        • Introduction to Puppet
                                                                                                          Source: New York City *BSD User Group
                                                                                                          Added: 2009-01-19
                                                                                                          Tags: nycbug, presentation, puppet, larry ludwig
                                                                                                          Files: MP3 version (11 Mb)

                                                                                                          What it is and how can it make system administration less painful About the speaker: Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He's had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.

                                                                                                        lawrence stewart

                                                                                                        • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                                                                                                          Source: BSDCan - The Technical BSD Conference
                                                                                                          Added: 2009-05-25
                                                                                                          Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                                                                                                          Files: Slides (38 pages, 2.1 Mb)

                                                                                                          Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                                                                                                        leslie hawthorn

                                                                                                        • Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
                                                                                                          Source: BSDCan - The Technical BSD Conference
                                                                                                          Added: 2009-05-25
                                                                                                          Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
                                                                                                          Files: Slides (25 pages, 893 Kb)

                                                                                                          Getting Started in Free and Open Source Interested in getting involved? But don't really know where or how to start? The talk is called "Getting Started in Free and Open Source". It's a talk for beginners who are interested to getting involved but don't really know where or how to start. We cover the basics of: -why you might want to get involved -what you can get out of participating -more than coding is needed -how to chose a project -how to get started -etiquette of lists and other communication -dos and don't of joining a community

                                                                                                        • Leslie Hawthorn - Google SoC
                                                                                                          Source: BSDCan - The Technical BSD Conference
                                                                                                          Added: 2008-05-21
                                                                                                          Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                                                                                                          Files: PDF file (44 pages, 2.2 Mb)

                                                                                                          Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                                                                                                        libarchive

                                                                                                        libelf

                                                                                                        lighttpd

                                                                                                        linux

                                                                                                        llvm

                                                                                                        • Chris Lattner - BSD licensed C++ compiler
                                                                                                          Source: BSDCan - The Technical BSD Conference
                                                                                                          Added: 2008-05-21
                                                                                                          Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                                                                                                          Files: PDF file (33 pages, 5.8 Mb)

                                                                                                          BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                                                                                                        load balancing

                                                                                                          lock contention

                                                                                                          locking

                                                                                                            lubomir sedlacik

                                                                                                            lucas holt

                                                                                                            luigi rzzo

                                                                                                            • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                              Added: 2009-05-25
                                                                                                              Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                                                                                                              Files: Slides (40 pages, 430 Kb)

                                                                                                              GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                                                                                                            m warner losh

                                                                                                            m4v

                                                                                                              mac

                                                                                                              mail

                                                                                                                mainframes

                                                                                                                  management

                                                                                                                  • Ivan Voras - Remote and mass management of systems with finstall
                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                    Added: 2009-05-25
                                                                                                                    Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                                                                                                                    Files: Slides (24 pages, 377 Kb)

                                                                                                                    Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                                                                                                                  marc balmer

                                                                                                                  marc schiesser

                                                                                                                  • COMPLETE Hard Disk Encryption with FreeBSD
                                                                                                                    Source: 22nd Chaos Communication Congress
                                                                                                                    Added: 2006-08-23
                                                                                                                    Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                                                                                                                    Files: Slides (679Kb), Bittorrent link (37Kb)

                                                                                                                    COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                                                                                                                  marc spitzer

                                                                                                                  • Marc Spitzer on Nagios
                                                                                                                    Source: New York City *BSD User Group
                                                                                                                    Added: 2007-08-01
                                                                                                                    Tags: nycbug, presentation, nagios, marc spitzer
                                                                                                                    Files: MP3 version (19Mb)

                                                                                                                    Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price. We plan on covering the following topics: what it is how it works where to get it how to install it how to configure it how to customize it for your environment where the data is stored how to write a basic plug-in About the Speaker Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator. He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup. Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.

                                                                                                                  marco peerenboom

                                                                                                                    mark thomas

                                                                                                                      marko zec

                                                                                                                      • Network Stack Virtualization with Marko Zec
                                                                                                                        Source: bsdtalk
                                                                                                                        Added: 2007-October-03
                                                                                                                        Tags: bsdtalk, interview, stack virtualization, marko zec
                                                                                                                        Files: MP3 version (8 Mb, 16 minutes), Ogg version (16 minutes)

                                                                                                                        Michael Dexter sent me an interview he recorded on behalf of BSDTalk with Marko Zec at EuroBSDCon 2007. More information on the project at http://imunes.tel.fer.hr/virtnet/.

                                                                                                                      • May 2008 developer Vimage report
                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                        Added: 2008-December-31
                                                                                                                        Tags: youtube, freebsd, vimage, marko zec, julian elischer
                                                                                                                        Files: Flash (2:44:36)

                                                                                                                        A sneak peak into the FreeBSD development process. Warning 2 hours! filmed over 2 days. (The schedule worked out was optimistic to say the least but it's still looking ok...) Marko Zec and Julian Elischer report back to the developers at BSDCan on the progress on virtualizing the network stack in FreeBSD. This has been a long term project but at the time of this recording was just reaching the point of feasibility. In this video you can see some of the dynamics of the group as developers become familiar with the project and discussions take place regarding such things as maintainability, ABI compatibility, and even what to call the feature. In this video you can see the decision being made by a "quorum" of developers to take this project mainstream. The sound is less that perfect, but it's what we have. This is a montage of 3 video sources, one of which is a lower resolution, but at times it was the only camera capturing the action. (the other ran out of tape for a while) Thanks to Ed Maste for the added footage. I will be doing more editing later and will be substituting in better footage in some places. clive URL: http://au.youtube.com/watch?v=Px-pSXm32dE

                                                                                                                      • BSDCan-2007 - Videos
                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                        Added: 2007-08-13
                                                                                                                        Tags: bsdcan, bsdcan2007, talks, marko zec, vimage
                                                                                                                        Files: MOV file (20 minutes, 44 Mb)

                                                                                                                        The 2007 BSDCan conference Marko Zec explains the vimage architecture

                                                                                                                      marten vijn

                                                                                                                      martin schuette

                                                                                                                      • EuroBSDCon 2008 - Martin Schuette - Improved NetBSD Syslogd
                                                                                                                        Source: EuroBSDCon
                                                                                                                        Added: 2008-October-22
                                                                                                                        Tags: eurobsdcon, eurobsdcon2008, netbsd, syslogd, martin schuette
                                                                                                                        Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                                                                                        Martin Schuette has three main goals, defined by three internet drafts to implement: TLS transport is the most obvious improvement: it provides a reliable network transport with data encryption and peer authentication. To make full use of this a buffering mechanism to bridge temporary network errors is implemented as well. Syslog-protocol extends the message format to use a complete timestamp, include a fully qualified domain name, and allow UTF-8 messages. It also offers a structured data field to unambiguously encode application dependent information. Syslog-sign will allow any syslog sender to digitally sign its messages, so their integrity can be verified later. This enable the detection of loss, deletion or other manipulation syslog data after network transfer or archiving on storage media. Martin Schuette is a student of computer science in Potsdam, Germany, and has been working as a part-time system administrator for BSD servers since 2004. In 2007 Martin Schuette already gave a talk on Syslog at the Chemnitze Linux-Tage (http://chemnitzer.linux-tage.de/2007/vortraege/detail.html?idx=547 in german; for a newer english version see these slides for a seminar talk: http://fara.cs.uni-potsdam.de/~mschuett/uni/syslog-protocols-080522.pdf).

                                                                                                                      martin tournoij

                                                                                                                      marvell orion

                                                                                                                      • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                        Added: 2008-05-21
                                                                                                                        Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
                                                                                                                        Files: PDF file (25 pages, 193 Kb)

                                                                                                                        Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

                                                                                                                      massimiliano stucchi

                                                                                                                      mathew dillon

                                                                                                                      matt juszczak

                                                                                                                      matt morley

                                                                                                                      matt olander

                                                                                                                      mattew dillon

                                                                                                                      matthew burnside

                                                                                                                      • Public Key sudo
                                                                                                                        Source: New York City *BSD User Group
                                                                                                                        Added: 2008-08-19
                                                                                                                        Tags: nycbug, presentation, sudo, public key, matthew burnside
                                                                                                                        Files: MP3 version (2 Mb)

                                                                                                                        Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

                                                                                                                      • Matthew Burnside: Integrated Enterprise Security Mgmt
                                                                                                                        Source: New York City *BSD User Group
                                                                                                                        Added: 2007-03-09
                                                                                                                        Tags: mp3, presentation, enterprise security, matthew burnside
                                                                                                                        Files: MP3 version

                                                                                                                        Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.

                                                                                                                      matthew dillon

                                                                                                                      matthieu herrb

                                                                                                                      • Interview with Matthieu Herrb about Xenocara
                                                                                                                        Source: bsdtalk
                                                                                                                        Added: 2007-04-09
                                                                                                                        Tags: bsdtalk, interview, xenocara, matthieu herrb
                                                                                                                        Files: MP3 version (7 Mb, 14 minutes), Ogg version (14 minutes)

                                                                                                                        Interview with Matthieu Herrb about Xenocara.

                                                                                                                      • EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
                                                                                                                        Source: EuroBSDCon
                                                                                                                        Added: 2008-October-22
                                                                                                                        Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
                                                                                                                        Files: OGG (1 byte, 57 minutes), MP3 (1 byte, 57 minutes), PDF (1 byte, n pages)

                                                                                                                        This talk will present the different layers that handle input, from the key that gets pressed or the mouse motion to the applications, all the way through the kernel drivers, X drivers and libraries, in the case of the OpenBSD/NetBSD wscons driver and the current and future X.Org server. It will cover stuff like keyboard mappings, touch-screen calibration, multi-pointer X or input coordinates transformations. It will show some problems of current implementations and try to show how current evolutions can solve them. Matthieu Herrb is maintaing X on OpenBSD. I've been using X on various systems (SunOS, NetBSD, OpenBSD, Mac OS X,...) since 1989. He has been a member of the XFree86 Core Team for a short period in 2003 and is now a member of the X.Org Foundation BoD. Matthieu Herrb works at LAAS a research laborarory of the French National Research Agency (CNRS) both on robotics and network security.

                                                                                                                      • Matthieu Herrb - X.org
                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                        Added: 2008-05-21
                                                                                                                        Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
                                                                                                                        Files: PDF file (30 pages, 1.6 Mb)

                                                                                                                        X.org upcoming plans The X.Org project provides an open source implementation of the X Window System. The development work is being done in conjunction with the freedesktop.org community. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work. The X window system has been changing a lot in the recent years, and still changing. This talk will present this evolution, summarizing what has already been done and showing the current roadmap for future evolutions, with some focus on how *BSD kernels can be affected by the developments done with Linux as the primary target.

                                                                                                                      max laier

                                                                                                                      meetbsd

                                                                                                                      meetbsd2007

                                                                                                                      meetbsd2008

                                                                                                                      metthew dillon

                                                                                                                        michael auyeung

                                                                                                                          michael bushkov

                                                                                                                            michael dexter

                                                                                                                            • BSDCan-2012 - Michael Dexter - An applied survey of BSD multiplicity and virtualization strategies from chroot to BHyVe
                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                              Added: 2012-05-30
                                                                                                                              Tags: 2012, bsdcan, bsdcan2012, papers, michael dexter
                                                                                                                              Files: html

                                                                                                                              Ever since the University of California, Berkeley CSRG implemented the chroot(8) command and system call in its BSD operating system in 1982, the community-developed BSD Unix derivatives have set the standard for the introduction of plurality to the conventionally-singular Unix computing model. Today's system operators and developers have an array of BSD-licensed multiplicity strategies at their disposal that offer various degrees of both isolation and virtualization when introducing plurality. This paper will survey current and experimental BSD multiplicity strategies including chroot, FreeBSD jail, NetBSD/Xen, Amazon EC2, compatlinux, GXemul and SIMH, plus experimental strategies such as FreeBSD BHyVe, compatmach, Usermode NetBSD, Dragonfly BSD vkernel, OpenBSD sysjail and NetBSD mult. As an applied survey, this paper will both categorize each multiplicity strategy by the Unix environment to which it introduces plurality and demonstrate the usage of the utilities relating to each solution.

                                                                                                                            • PF with Peter N. M. Hansteen
                                                                                                                              Source: bsdtalk
                                                                                                                              Added: 2007-December-21
                                                                                                                              Tags: bsdtalk, interview, pf, michael dexter, peter n m hansteen, book of pf
                                                                                                                              Files: MP3 version (7 Mb, 16 minutes), Ogg version (15 minutes)

                                                                                                                              An interview with Peter N. M. Hansteen, recorded by Michael Dexter on behalf of BSDTalk. If you would like to learn more about the PF firewall, check out "The Book of PF" which is available at http://nostarch.com/frameset.php?startat=pf

                                                                                                                            • Joerg Sonnenberger
                                                                                                                              Source: bsdtalk
                                                                                                                              Added: 2007-November-18
                                                                                                                              Tags: bsdtalk, interview, eurobsdcon, eurobsdcon2007, michael dexter, joerg sonnenberger
                                                                                                                              Files: MP3 version (8 Mb, 17 minutes), Ogg version (17 minutes)

                                                                                                                              Michael Dexter sent me an interview he recorded on behalf of BSDTalk with Joerg Sonnenberger at EuroBSDCon 2007.

                                                                                                                            • Sysjail Revisited with Michael Dexter
                                                                                                                              Source: bsdtalk
                                                                                                                              Added: 2007-09-14
                                                                                                                              Tags: bsdtalk, interview, sysjail, michael dexter
                                                                                                                              Files: MP3 version (10 Mb, 22 minutes), Ogg version (22 minutes)

                                                                                                                              Interview with Michael Dexter. We talk about the new sysjail and the recent system call wrapper issues.

                                                                                                                            • Interview with Michael Dexter about sysjail
                                                                                                                              Source: bsdtalk
                                                                                                                              Added: 2006-09-21
                                                                                                                              Tags: bsdtalk, interview, sysjail, michael dexter
                                                                                                                              Files: MP3 version (16 Mb, 35 minutes), Ogg version (35 minutes)

                                                                                                                              Interview with Michael Dexter about sysjail. http://sysjail.bsd.lv/

                                                                                                                            • EuroBSDCon 2008 - Michael Dexter - Zen and the Art of Multiplicity Maintenance: An applied survey of BSD-licensed multiplicity strategies from chroot to mult
                                                                                                                              Source: EuroBSDCon
                                                                                                                              Added: 2008-October-22
                                                                                                                              Tags: eurobsdcon, eurobsdcon2008, bsd, michael dexter
                                                                                                                              Files: OGG (1 byte, 38 minutes), MP3 (1 byte, 38 minutes), PDF (1 byte, n pages)

                                                                                                                              Many BSD-licensed strategies of various levels of maturity exist to implement multiplicity, herein defined as the introduction of plurality to traditionally singular computing environments via isolation, virtualization, or other method. For example, the chroot utility introduces an additional isolated root execution environment within that of the host; or an emulator provides highly-isolated virtual systems that can run complete native or foreign operating systems. Motivations for multiplicity vary, but a demonstrable desire exists for users to obtain root or run a foreign binary or operating system. We propose a hands-on survey of portable and integrated BSD-licensed multiplicity strategies applicable to the FreeBSD, OpenBSD, DragonFlyBSD and NetBSD operating systems on the i386 architecture. We will also address three oft-coupled disciplines: software storage devices, the installation of operating system and userlands in multiplicity environments plus the management of select multiplicity environments. Finally we will comment on each strategies potential limits of isolation, compatibility, independence and potential overhead in comparison to traditional systems. Keywords: multiplicity, virtualization, chroot, jail, hypervisor, xen, compat. Michael Dexter has used Unix systems since 1991 and BSD-licensed multiplicity strategies for over five years. He is the Program Manager at the BSD Fund and Project Manager of the BSD.lv Project.

                                                                                                                            michael lauth

                                                                                                                            michael lucas

                                                                                                                            michael shalayeff

                                                                                                                              midnightbsd

                                                                                                                              mike erdely

                                                                                                                              mike silbersack

                                                                                                                              • Mike Silbersack - Detecting TCP regressions with tcpdiff
                                                                                                                                Source: BSDCan - The Technical BSD Conference
                                                                                                                                Added: 2009-05-25
                                                                                                                                Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                                                                                                                                Files: Slides (33 pages, 89 Kb)

                                                                                                                                Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                                                                                                                              mips

                                                                                                                              • Warner Losh - FreeBSD/mips
                                                                                                                                Source: BSDCan - The Technical BSD Conference
                                                                                                                                Added: 2008-05-26
                                                                                                                                Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                                                                                                                                Files: PDF file (19 pages, 1.3 Mb)

                                                                                                                                FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                                                                                                                              miros

                                                                                                                              mistakes

                                                                                                                              mitchell smith

                                                                                                                              monitoring

                                                                                                                              monowall

                                                                                                                              • Isaac 'Ike' Levy on m0n0wall and PFSense
                                                                                                                                Source: New York City *BSD User Group
                                                                                                                                Added: 2006-09-09
                                                                                                                                Tags: nycbug, presentation, monowall, pfsense, isaac levy
                                                                                                                                Files:  (9 Mb)

                                                                                                                                UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).

                                                                                                                              mov

                                                                                                                                mp

                                                                                                                                • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
                                                                                                                                  Source: EuroBSDCon
                                                                                                                                  Added: 2008-October-22
                                                                                                                                  Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
                                                                                                                                  Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                                                                                                  Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

                                                                                                                                mp3

                                                                                                                                • Matthew Burnside: Integrated Enterprise Security Mgmt
                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                  Added: 2007-03-09
                                                                                                                                  Tags: mp3, presentation, enterprise security, matthew burnside
                                                                                                                                  Files: MP3 version

                                                                                                                                  Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.

                                                                                                                                mp4

                                                                                                                                  mpd

                                                                                                                                  mpeg

                                                                                                                                    multi project

                                                                                                                                    multicast

                                                                                                                                    • EuroBSDCon 2008 - George Neville-Neil - Multicast Performance in FreeBSD
                                                                                                                                      Source: EuroBSDCon
                                                                                                                                      Added: 2008-October-22
                                                                                                                                      Tags: eurobsdcon, eurobsdcon2008, multicast, freebsd, george neville-neil
                                                                                                                                      Files: OGG (1 byte, 39 minutes), MP3 (1 byte, 39 minutes), PDF (1 byte, n pages)

                                                                                                                                      In the past ten years most of the research in network protocols has gone into TCP, leaving UDP to languish as a local configuration protocol. While the majority of Internet traffic is TCP, UDP remains the only IP protocol that works over multicast and as such has some specific, and interesting uses in some areas of computing. In 2008 we undertook a study of the performance of UDP multicast on both 1Gbps and 10Gbps Ethernet networks in order to see if changing the physical layer of the network would give a linear decrease in packet latency. To measure the possible gains we developed a new network protocol test program, mctest, which is capable of recording packet round trip times from many hosts simultaneously and which we believe accurately represents how many environments use multicast. The mctest program has been integrated into FreeBSD and is now being used to verify the proper operation of multicast on various pieces of 10Gbps hardware.

                                                                                                                                    multicore

                                                                                                                                    nagios

                                                                                                                                    • Marc Spitzer on Nagios
                                                                                                                                      Source: New York City *BSD User Group
                                                                                                                                      Added: 2007-08-01
                                                                                                                                      Tags: nycbug, presentation, nagios, marc spitzer
                                                                                                                                      Files: MP3 version (19Mb)

                                                                                                                                      Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price. We plan on covering the following topics: what it is how it works where to get it how to install it how to configure it how to customize it for your environment where the data is stored how to write a basic plug-in About the Speaker Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator. He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup. Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.

                                                                                                                                    nate lawson

                                                                                                                                    • Nate Lawson on ACPI
                                                                                                                                      Source: Bay Area FreeBSD User Group
                                                                                                                                      Added: 2006-09-09
                                                                                                                                      Tags: bafug, presentation, freebsd, acpi, nate lawson
                                                                                                                                      Files:  (245 Mb)

                                                                                                                                      Our Topic: FreeBSD's ACPI implementation: The details. Our Speaker: Nate Lawson, FreeBSD Committer. Our Topic: FreeBSD's ACPI implementation is based on code for ACPI released by Intel. Nate and others wrote the glue code to make this code work on FreeBSD. He explains how this was done, and why.

                                                                                                                                    nederlands

                                                                                                                                    nemo

                                                                                                                                      netasq

                                                                                                                                        netbsd

                                                                                                                                        network applications

                                                                                                                                        • Adrian Chad - What Not To Do When Writing Network Applications
                                                                                                                                          Source: BSDCan - The Technical BSD Conference
                                                                                                                                          Added: 2008-05-21
                                                                                                                                          Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
                                                                                                                                          Files: PDF file (73 pages, 190 Kb)

                                                                                                                                          What Not To Do When Writing Network Applications The lessons learnt working with not-so-high-performance network applications This talk will look at issues which face the modern network application developer, from the point of view of poorly-designed examples. This will cover internal code structure and dataflow, interaction with the TCP stack, IO scheduling in high and low latency environments and high-availability considerations. In essence, this presentation should be seen as a checklist of what not to do when writing network applications. Plenty of examples of well designed network applications exist in the open and closed source world today. Unfortunately there are just as many examples of fast network applications as there are "fast but workload specific"; sometimes failing miserably in handling the general case. This may be due to explicit design (eg Varnish) but many are simply due to the designer not fully appreciating the wide variance in "networks" - and their network application degrades ungracefully when under duress. My aim in this presentation is to touch on a wide number of issues which face network application programmers - most of which seem not "application related" to the newcomer - such as including pipelining into network communication, managing a balance between accepting new requests and servicing existing requests, or providing back-pressure to a L4 loadbalancer in case of traffic bursts. Various schemes for working with these issues will be presented, and hopefully participants will walk away with more of an understanding about how the network, application and operating systems interact.

                                                                                                                                        network refactoring

                                                                                                                                          network stack

                                                                                                                                          • EuroBSDCon 2008 - Robert Watson - FreeBSD Network Stack Performance Optimizations for Modern Hardware
                                                                                                                                            Source: EuroBSDCon
                                                                                                                                            Added: 2008-October-22
                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, network stack, hardware, robert watson
                                                                                                                                            Files: OGG (1 byte, 53 minutes), MP3 (1 byte, 53 minutes), PDF (1 byte, n pages)

                                                                                                                                            The arrival of high CPU core density, with commodity quad-core notebooks and 32-core servers, combined with 10gbps networking have transformed network design principles for operating systems. This talk will describe changes in the FreeBSD 6.x, 7.x, and forthcoming 8.x network stacks required to exploit multiple cores and serve 10gbps networks. The goal of the session will be to introduce the audience to general strategies used to improve performance, their rationales, and their impact on applications and users: Introduction to the SMPng Project and the follow-on Netperf Project Workloads and performance measurement Efficient primitives to support modern network stacks Multi-core and cache-aware network memory allocator Fine-grained network stack locking Load-balancing and contention-avoidance across multiple CPUs CPU affinity for network stack data structures TCP performance enhancements including TSO, LRO, and TOE Zero-copy Berkely Packet Filter (BPF) buffers Direct network stack dispatch from interrupt handlers Multiple input and output queues Robert Watson is a researcher at the University of Cambridge Computer Laboratory investinging operating system and network security. Prior to joining the Computer Laboratory to work on a PhD, he was Senior Principal Scientist at McAfee Research, now SPARTA ISSO, a leading security research and development organization, directing government and commercial research contracts for customers that include DARPA, the US Navy, and Apple Computer. His research interests include operating system security, network stack structure and performance, and windowing system structure. He is also a member of the FreeBSD Core Team and president of the FreeBSD Foundation.

                                                                                                                                          • EuroBSDCon 2008 - Aggelos Economopoulos - An MP-capable network stack for DragonFlyBSD with minimal use of locks
                                                                                                                                            Source: EuroBSDCon
                                                                                                                                            Added: 2008-October-22
                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, dragonflybsd, mp, network stack, aggelos economopoulos
                                                                                                                                            Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                                                                                                            Given the modern trend towards multi-core shared memory multiprocessors, it is inconceivable for production OS kernels not to be reentrant. The typical approach for allowing multiple execution contexts to simultaneously execute in kernel mode has been to use fine-grained locking for synchronising access to shared resources. While this technique has been proven efficient, empirical evidence suggests that the resulting locking rules tend to be cumbersome even for the experienced kernel programmer, leading to bugs that are hard to diagnose. Moreover, scaling to more processors requires extensive use of locks, which may impose unnecessary locking overhead for small scale multiprocessor systems. This talk will describe the typical approach and then discuss the alternative approach taken in the DragonFlyBSD network stack. We will give an overview of the various protocol threads employed for network I/O processing and the common-case code paths for packet reception and transmission. Additionally, we'll need to make a passing reference to DragonFlyBSD's message passing model. This should establish a baseline, allowing us to focus on the recent work by the author to eliminate use of the Big Giant Lock in the performance-critical paths for the TCP and UDP protocols. The decision to constrain this work on the two by far most widely-used transport protocols was made in order to (a) limit the amount of work necessary and (b) explore the effectiveness of the approach on the cases that matter at this point in time.

                                                                                                                                          network testing

                                                                                                                                            networking

                                                                                                                                            nfs

                                                                                                                                            nick barkas

                                                                                                                                            • EuroBSDCon 2008 - Nick Barkas - Dynamic memory allocation for dirhash in UFS2
                                                                                                                                              Source: EuroBSDCon
                                                                                                                                              Added: 2008-October-22
                                                                                                                                              Tags: eurobsdcon, eurobsdcon2008, ufs2, nick barkas
                                                                                                                                              Files: OGG (1 byte, 32 minutes), MP3 (1 byte, 32 minutes), PDF (1 byte, n pages)

                                                                                                                                              Hello My name is Nick Barkas. I'm a master's student studying scientific computing at Kungliga Tekniska hgskolan (KTH) in Stockholm, Sweden. I have just begun work on a Google Summer of Code project with FreeBSD: Dynamic memory allocation for dirhash in UFS2 . I would like to present my results from this project at EuroBSDCon this year. This project is very much a work in progress now so it is a bit difficult to summarize what I would ultimately present. I will try to describe an outline, though. First I will give background information on dirhash: an explanation of the directory data structure in UFS2, how directory lookups in this structure necessitate a linear search, and how dirhash speeds these lookups up without having to change anything about the directory data structure. Next I will explain the current limitation that dirhash's maximum memory use must be manually specified by administrators, or left at a small conservative default of 2MB. I will explain some different methods I will have explored to try and make this maximum memory limit dynamically increase and decrease as the system has more or less free memory, and which method I will have ultimately settled on and implemented. Then I'll present some test results of performance of operations on very large directories with and without dynamic memory allocation enabled for dirhash. Next I will talk about how speed gains from dirhash are limited by the fact that the hash tables exist only in memory and must be recreated after each system boot, as big directories are scanned for the first time, or even have to be recreated for a directory that has not been scanned in some time if its dirhash has been discarded to free memory. These problems can be eliminated by using an on-disk index for directory entries. I will talk about some of the challenges of implementing on-disk indexing, such as remaining backwards compatible with older versions of UFS2 and interoperating properly with softupdates. Then, if my SoC project has permitted me time to work on this aspect of it, I will explain some possible methods for adding directory indexing to UFS2 that meets these challenges, and which of those ideas I will have implemented. Finally I will present results of some benchmarks on this filesystem with indices, and compare to performance with dirhash, and with no indices or dirhashes. Keywords: dirhash, ufs2, filesystems, performance tuning

                                                                                                                                            nick galbreath

                                                                                                                                            • Using Cryptography to Improve Web Application Performance and Security
                                                                                                                                              Source: New York City *BSD User Group
                                                                                                                                              Added: 2007-09-12
                                                                                                                                              Tags: nycbug, presentation, cryptography, nick galbreath
                                                                                                                                              Files: MP3 version (18Mb)

                                                                                                                                              Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format. Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.

                                                                                                                                            nikolai denev

                                                                                                                                            nllgg

                                                                                                                                            • Van FreeBSD Documentatie projectleider tot FreeBSD Developer - Remko Lodder
                                                                                                                                              Source: Nederlandse Linux Gebruikers Group
                                                                                                                                              Added: 2008-December-31
                                                                                                                                              Tags: nllgg, freebsd, documentation, nederlands, remko lodder
                                                                                                                                              Files: PDF version (594 Kb, 24 pages)

                                                                                                                                              In 2004 ben ik begonnen met het FreeBSD Dutch Documentation Project, een project dat inmiddels bijna het complete handboek vertaald heeft. Sinds die tijd zijn er vele wegen geweest die ik behandeld heb, van documentatie projectleider naar Security Team-lid tot aan FreeBSD Developer. Remko Lodder is momenteel 25 jaar en werkt als Unix Engineer voor het bedrijf Snow B.V. waar hij zich momenteel met name bezig houd met security (firewalls etc). Hij is sinds 2004 lid van het FreeBSD Development team en is momenteel 1 van de meest actieve developers binnen het team.

                                                                                                                                            • Een historisch overzicht van BSD - Hans van de Looy
                                                                                                                                              Source: Nederlandse Linux Gebruikers Group
                                                                                                                                              Added: 2008-December-31
                                                                                                                                              Tags: nllgg, bsd, history, hans van de looy
                                                                                                                                              Files: PDF version (5767 Kb, 38 pages)

                                                                                                                                              Hans zal een historisch overzicht geven van het ontstaan van *BSD vanaf de oorsprong van UNIX tot aan de nu bekende *BSD varianten. Hij zal daarbij met name ingaan wat de oorsprong en het ontstaan van een aantal *BSD-projecten zijn. Hierbij zal hij zeer kort ingaan op de verschillende licentieproblemen die we in het verleden gezien hebben en worden een aantal bekende personen en data weer eens even op de kaart geplaatst. Hans van de Looy is oprichter van Madison Gurkha. Een bedrijf dat gespecialiseerd is op het gebied van het uitvoeren van technische ICT-beveiligingsonderzoeken, in de media ook wel aangeduid met Etisch Hacken. Tijdens dergelijke onderzoeken maakt hij ook regelmatig gebruik van op BSD* gebaseerde systemen.

                                                                                                                                            no starch press

                                                                                                                                            nobuo kawaguti

                                                                                                                                              notes

                                                                                                                                              nsswitch

                                                                                                                                                nuug

                                                                                                                                                • Releaseparty, the Varnish HTTP accelerator
                                                                                                                                                  Source: Norwegian Unix Users Group
                                                                                                                                                  Added: 2006-October-03
                                                                                                                                                  Tags: nuug, presentation, varnish, poul-henning kamp
                                                                                                                                                  Files: Video version (230 Mb), MP3 version (47.8 Mb)

                                                                                                                                                  VG sponsored the creation of a web-accellerator called "Varnish" because Squid was too slow for them. Varnish is being developed by Poul-Henning Kamp and the Norwegian Linux consultancy Linpro. This is the releaseparty for version 1.0. The first half of the talk will introduce Varnish and present some of the novel features it brings to the business of web-serving. The second half of the talk, using Varnish as the example, will show ways to get the most performance out of modern hardware and operating systems. (The English text starts at about 5 minutes in the stream)

                                                                                                                                                nycbsdcon

                                                                                                                                                nycbsdcon2006

                                                                                                                                                nycbsdcon2007

                                                                                                                                                • BSD is Dying, Jason Dixon, NYCBSDCon 2007
                                                                                                                                                  Source: YouTube bsdconferences channel
                                                                                                                                                  Added: 2008-December-06
                                                                                                                                                  Tags: youtube, nycbsdcon, nycbsdcon2007, bsd is dying, jason dixon
                                                                                                                                                  Files: Flash (17:41)

                                                                                                                                                  A tongue-in-cheek look at the history and future of the BSD movement. Modeled after the presentation styles of Lessig and Hardt, the talk provides a light-hearted introspection of the leaders, technologies, and community that forges ahead despite having been left for dead some 15 years past. This presentation was given by Jason Dixon at the NYC BSD Conference at Columbia University on October 28, 2006 clive URL: http://www.youtube.com/watch?v=g7tvI6JCXD0

                                                                                                                                                nycbsdcon2008

                                                                                                                                                nycbug

                                                                                                                                                • NYCBSDCon Update with Isaac Levy and Steven Kreuzer
                                                                                                                                                  Source: bsdtalk
                                                                                                                                                  Added: 2008-08-19
                                                                                                                                                  Tags: bsdtalk, interview, nycbug, nycbsdcon, nycbsdcon2008, isaac levy, steven kreuzer
                                                                                                                                                  Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                                                                                                                  An update on NYCBSDCon 2008 with Isaac Levy and Steven Kreuzer. More information on the conference can be found at http://www.nycbsdcon.org/

                                                                                                                                                • BSD Hacker Isaac "Ike" Levy
                                                                                                                                                  Source: bsdtalk
                                                                                                                                                  Added: 2007-07-16
                                                                                                                                                  Tags: bsdtalk, interview, nycbug, isaac levy
                                                                                                                                                  Files: MP3 version (13 Mb, 26 minutes), Ogg version (26 minutes)

                                                                                                                                                  Interview with BSD Hacker Isaac "Ike" Levy. To hear more of Ike and other NYCBUG audio, visit http://www.fetissov.org/public/nycbug/

                                                                                                                                                • What's your biggest Time Management problem?
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2009-03-13
                                                                                                                                                  Tags: nycbug, presentation, time management, tom limoncelli
                                                                                                                                                  Files: MP3 version (11 Mb)

                                                                                                                                                  What's your biggest Time Management problem? Tom Limoncelli is a FreeBSD user and the author of the O'Reilly book,"Time Management for System Administrators". He'll be giving a brief presentation with highlights from his book then will take questions from the audience. Whether you are a system administrator, a developer (or even a Linux user) this presentation will help you with something more precious a quad-processor AMD box.

                                                                                                                                                • Postfix Performance Tuning
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2009-02-21
                                                                                                                                                  Tags: nycbug, presentation, postfix, john mashey
                                                                                                                                                  Files: MP3 version (11 Mb)

                                                                                                                                                  Money can buy you bandwidth, but latency is forever! John Mashey, MIPS Victor will cover an array of issues connected to Postfix performance tuning, including: Latency, concurrency and throughput Postfix input processing Queue file format rationale Input processing bottlenecks Pre-queue filters, milters, content filters Tuning for fast (enough) input Postfix on-disk queues, requirements and architecture What is a "transport"? Postfix "nqmgr" scheduler algorithm Per-destination in memory queues Per-destination scheduler controls SMTP delivery Understanding delay logging Transport process limits, concurrency limits Scaling to thousands of output processes Connection caching, TLS session caching, feedback controls Speaker Bio Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master's degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.

                                                                                                                                                • Introduction to Puppet
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2009-01-19
                                                                                                                                                  Tags: nycbug, presentation, puppet, larry ludwig
                                                                                                                                                  Files: MP3 version (11 Mb)

                                                                                                                                                  What it is and how can it make system administration less painful About the speaker: Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He's had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.

                                                                                                                                                • Hardware Performance Monitoring Counters
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-November-16
                                                                                                                                                  Tags: nycbug, presentation, george neville-neil, counters
                                                                                                                                                  Files: MP3 version (4 Mb)

                                                                                                                                                  Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it. Bio: George Neville-Neil is the co-author with Kirk McKusick of The Design and Implementation of the FreeBSD Operating System. He works on networking an operating systems for fun and profit.

                                                                                                                                                • Public Key sudo
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-08-19
                                                                                                                                                  Tags: nycbug, presentation, sudo, public key, matthew burnside
                                                                                                                                                  Files: MP3 version (2 Mb)

                                                                                                                                                  Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

                                                                                                                                                • Configuration Management with Cfengine
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-07-03
                                                                                                                                                  Tags: nycbug, presentation, configuration management, cfengine
                                                                                                                                                  Files: MP3 version (58 minutes, 6 Mb)

                                                                                                                                                  Configuration Management with Cfengine Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification. The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration. about the speaker: Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                                                                                                                                • Managing OpenBSD Environments
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-05-12
                                                                                                                                                  Tags: nycbug, presentation, openbsd, system management
                                                                                                                                                  Files: MP3 version (103 minutes, 11 Mb)

                                                                                                                                                  This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator's disposal. Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.

                                                                                                                                                • Building a High-Performance Computing Cluster Using FreeBSD
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-03-22
                                                                                                                                                  Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
                                                                                                                                                  Files: MP3 version (80 minutes, 9 Mb)

                                                                                                                                                  Special NYC*BUG meeting with FreeBSD developer Brooks Davis Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems. In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs. Bio Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.

                                                                                                                                                • User Interfaces and How People Think
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-03-10
                                                                                                                                                  Tags: nycbug, presentation, user interfaces
                                                                                                                                                  Files: MP3 version (78 minutes, 9 Mb)

                                                                                                                                                  "User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software. Bio: Jeffery Mau is a user experience designer with the leading business and technology consulting firm Sapient. He has helped clients create great customer experiences in the financial services, education, entertainment and telecommunications industries. With a passion for connecting people with technology, Jeff specializes in Information Architecture and Business Strategy. Jeff holds a Masters in Design from the IIT Institute of Design in Chicago, Illinois.

                                                                                                                                                • Open Meeting on OpenSSH
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-02-19
                                                                                                                                                  Tags: nycbug, presentation, openssh
                                                                                                                                                  Files: MP3 version (63 minutes, 7 Mb)

                                                                                                                                                  Open Meeting on OpenSSH Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.

                                                                                                                                                • SSARES
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2008-01-11
                                                                                                                                                  Tags: nycbug, presentation, ipv6, gene cronk
                                                                                                                                                  Files: MP3 version (67 minutes, 7 Mb), Paper (10 pages, 443 Kb)

                                                                                                                                                  SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.

                                                                                                                                                • Gene Cronk on Implementing IPv6
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-October-06
                                                                                                                                                  Tags: nycbug, presentation, ipv6, gene cronk
                                                                                                                                                  Files: MP3 version (60 minutes, 14Mb)

                                                                                                                                                  This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. Bio Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues. Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User's Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.

                                                                                                                                                • Using Cryptography to Improve Web Application Performance and Security
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-09-12
                                                                                                                                                  Tags: nycbug, presentation, cryptography, nick galbreath
                                                                                                                                                  Files: MP3 version (18Mb)

                                                                                                                                                  Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format. Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.

                                                                                                                                                • Marc Spitzer on Nagios
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-08-01
                                                                                                                                                  Tags: nycbug, presentation, nagios, marc spitzer
                                                                                                                                                  Files: MP3 version (19Mb)

                                                                                                                                                  Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price. We plan on covering the following topics: what it is how it works where to get it how to install it how to configure it how to customize it for your environment where the data is stored how to write a basic plug-in About the Speaker Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator. He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup. Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.

                                                                                                                                                • Isaac 'Ike' Levy on the Real Unix Tradition
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-07-08
                                                                                                                                                  Tags: nycbug, presentation, unix tradition, isaac levy
                                                                                                                                                  Files: MP3 version (10Mb)

                                                                                                                                                  "The Real Unix Tradition" UNIX hackers, all standing on the shoulders of giants. "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 "Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003 UNIX is the oldest active and growing computing culture alive today. From it's humble roots in the back room at Bell Laboratories, to today's global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What's so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems. About the speaker Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing 'IT special weapons and tatics' for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).

                                                                                                                                                • Steven Kreuzer on Denial of Service Mitigation Techniques
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-06-08
                                                                                                                                                  Tags: nycbug, presentation, denialofservice, steven kreuzer
                                                                                                                                                  Files: MP3 version (10Mb)

                                                                                                                                                  Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing. About the speaker Steven Kreuzer is currently employed by Right Media as a Systems Administrator focusing on building and managing high transaction infrastructures around the globe. He has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                                                                                                                                • Amitai Schlair on pkgsrcCon.
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-05-04
                                                                                                                                                  Tags: nycbug, presentation, pkgsrccon, netbsd, amitai schlair
                                                                                                                                                  Files: MP3 version (21Mb)

                                                                                                                                                  The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware." Amitai Schlair is a pkgsrc developer who has worked in such diverse areas as Mac OS X platform support and packages of software by Dan Bernstein. His full-time undergraduate studies at Columbia are another contributing factor to his impending insanity. He consults in software and IT.

                                                                                                                                                • Ray Lai: on OpenCVS
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-04-06
                                                                                                                                                  Tags: nycbug, presentation, cvs, openbsd, ray lai
                                                                                                                                                  Files: MP3 version

                                                                                                                                                  This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.

                                                                                                                                                • Ivan Ivanov on The Version Control System Subversion
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-02-09
                                                                                                                                                  Tags: nycbug, presentation, subversion, ivan ivanov
                                                                                                                                                  Files: MP3 version

                                                                                                                                                  The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts". Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He integrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.

                                                                                                                                                • Okan Demirmen on PF
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2007-01-07
                                                                                                                                                  Tags: nycbug, presentation, openbsd, pf, okan demirmen
                                                                                                                                                  Files: MP3 version

                                                                                                                                                  We have had lots of meetings that have peripherally discussed OpenBSD's wildly popular PF firewall... but finally we will have a meeting focused on it.

                                                                                                                                                • New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2006-November-02
                                                                                                                                                  Tags: nycbug, presentation, humor, bsd is dying, jason dixon
                                                                                                                                                  Files: QuickTime (19Mb), MP4 (31Mb), iPod (36Mb)

                                                                                                                                                  BSD is Dying A Cautionary Tale of Sex and Greed Jason Dixon October 28, 2006 First and foremost, I would like to thank the unique presentation styles of Dick Hardt and Lawrence Lessig for inspiring me to create this presentation. The following videos were created by exporting the original Keynote presentation slides into QuickTime video, then manually synchronizing them using iMovie HD with the audio recordings captured by Nikolai Fetissov. They were then exported into QuickTime, mpeg4 (H.264/AAC), and iPod movie formats. If you are having difficulties with the MP4 copy, and are unable to view QuickTime movies, please contact me and I'll try to assist.

                                                                                                                                                • New York City BSD Con 2006
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2006-November-01
                                                                                                                                                  Tags: nycbug, nycbsdcon, nycbsdcon2006, presentation
                                                                                                                                                  Files: Corey Benninger: Security with Ruby on Rails in BSD (14 Mb), Brian A. Seklecki: A Framework for NetBSD Network Appliances. (10 Mb), Bob Beck: PF, it is not just for firewalls anymore. (15 Mb), Bjorn Nelson: A Build System for FreeBSD (9 Mb), Johnny C. Lam: The "hidden dependency" problem. (13 Mb), Marco Peereboom: Bio & Sensors in OpenBSD. (11 Mb), Russell Sutherland: BSD on the Edge of the Enterprise. (12 Mb), Jason Dixon: BSD Is Dying. (5 Mb), Jason Wright: OpenBSD on sparc64. (9 Mb), Kristaps Johnson: BSD Virtualisation with sysjail. (15 Mb), Wietse Venema: Postfix as a Secure Programming Example. (16 Mb), Bob Beck: spamd - spam deferral daemon. (16 Mb)

                                                                                                                                                  Audio recordings of presentations given at New York City BSD Conference 2006. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.

                                                                                                                                                • Isaac 'Ike' Levy on m0n0wall and PFSense
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2006-09-09
                                                                                                                                                  Tags: nycbug, presentation, monowall, pfsense, isaac levy
                                                                                                                                                  Files:  (9 Mb)

                                                                                                                                                  UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).

                                                                                                                                                • Alfred Perlstein on Sendmail Hacks
                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                  Added: 2006-08-07
                                                                                                                                                  Tags: nycbug, presentation, sendmail, alfred perlstein
                                                                                                                                                  Files:  (11 Mb)

                                                                                                                                                  Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid's subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput. Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he's worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.

                                                                                                                                                oarc

                                                                                                                                                • Ham Radio on FreeBSD
                                                                                                                                                  Source: Ottawa Amateur Radio Club
                                                                                                                                                  Added: 2007-02-19
                                                                                                                                                  Tags: oarc, presentation, radio, diane bruce
                                                                                                                                                  Files: PDF file (23 pages)

                                                                                                                                                  Last month I attended a meeting of the Ottawa Amateur Radio Club (OARC) as a member of my local BUG was giving a presentation on Ham Radio on FreeBSD. Diane Bruce, call sign VA3DB, has had her operator license since 1969 and is well known in the BSD community and for the development of ircd-hybrid. In the past year she has assisted in the creation of the Hamradio category in the FreeBSD ports tree and has become the maintainer of over 20 of the hamradio ports. She also contributed to the FreeBSD entry at Hampedia, the Wikipedia for ham operators. Her presentation slides are a great introduction to the various ham utilities which are available, including both descriptions and screenshots of the utilities in action.

                                                                                                                                                odf

                                                                                                                                                  odp

                                                                                                                                                    ogg

                                                                                                                                                      okan demirmen

                                                                                                                                                      ollivier robert

                                                                                                                                                      one time passwords

                                                                                                                                                      • One Time Passwords
                                                                                                                                                        Source: bsdtalk
                                                                                                                                                        Added: 2007-06-14
                                                                                                                                                        Tags: bsdtalk, security, one time passwords
                                                                                                                                                        Files: MP3 version (4 Mb, 6 minutes), Ogg version (6 minutes)

                                                                                                                                                        Important when you don't trust the computer you are using, such as a library computer or internet kiosk. Available by default in Free/Net/Open BSD. FreeBSD uses OPIE, Net/Open use S/Key. One time passwords are based on your pass phrase, a non-repeating sequence number, and a seed. Initial setup should be done directly on the server. "skeyinit" for Net/Open, "opiepasswd -c" for FreeBSD. Enter a pass phrase that is not your regular account password. Find your current sequence number and seed with "opieinfo" or "skeyinfo", for example: "497 pc5246". Generate a list of the next 10 passwords and write them down, using "opiekey -n 10 497 pc5246" or "skey -n 10 497 pc5246". When you log in from a remote machine that might have a keystroke logger, you can now use a one time password instead of your regular password. For OpenBSD, log in as account:skey, for example "bob:skey", which will cause the system to present the s/key challenge. For NetBSD, the system will always present you with the s/key challenge if it is configured for your account, although you can still use your regular password. FreeBSD by default will force you to use a one time password if it is configured for your account. If you want both OPIE and password authentication, FreeBSD allows you to list trusted networks or hosts in /etc/opieaccess. Instead of carrying a list of passwords around, you can use s/key generators on a portable device that you trust, such as a palm pilot. For more info, check the man pages.

                                                                                                                                                      open source

                                                                                                                                                        open source development models

                                                                                                                                                        openbgpd

                                                                                                                                                          openbsd

                                                                                                                                                          • Asterisk Open Source Community Director John Todd
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2008-November-26
                                                                                                                                                            Tags: bsdtalk, interview, john todd, asterisk, openbsd
                                                                                                                                                            Files: MP3 version (11 Mb, 23 minutes), Ogg version (23 minutes)

                                                                                                                                                            An interview with Asterisk Open Source Community Director John Todd, who also happens to be a user of BSD. We talk about Asterisk on BSD, and his choice of OpenBSD for his systems.

                                                                                                                                                          • OpenBSD Developer Pierre-Yves Ritschard
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2007-02-02
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, hoststated, pierre-yves ritschard
                                                                                                                                                            Files: MP3 version (8 Mb, 16 minutes), Ogg version (16 minutes)

                                                                                                                                                            Interview with OpenBSD Developer Pierre-Yves Ritschard. We talk about hoststated.

                                                                                                                                                          • Artist and Musician Ty Semaka
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2007-01-29
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, artwork, ty semaka
                                                                                                                                                            Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                                                                                                                                                            Interview with Artist and Musician Ty Semaka. You can find his work at http://www.tysemaka.com/, and also on the OpenBSD CDs, posters, and shirts.

                                                                                                                                                          • OpenBSD Developer Claudio Jeker
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2007-01-24
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, claudio jeker
                                                                                                                                                            Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                                                                                                                            Interview with OpenBSD Developer Claudio Jeker.

                                                                                                                                                          • OpenBSD Developer Jason Wright
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-November-10
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, sparc, radio, jason wright
                                                                                                                                                            Files: MP3 version (8 Mb, 17 minutes), Ogg version (17 minutes)

                                                                                                                                                            Interview with OpenBSD developer Jason Wright. We talk about his work on sparc and also amateur radio.

                                                                                                                                                          • OpenBSD Developer David Gwynne
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-November-01
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, david gwynne
                                                                                                                                                            Files: MP3 version (8 Mb, 16 minutes), Ogg version (16 minutes)

                                                                                                                                                            Interview with OpenBSD developer David Gwynne. We talk about the upcoming 4.0 release of OpenBSD and current projects that he is working on.

                                                                                                                                                          • OpenBSD Developer Marc Balmer
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-October-13
                                                                                                                                                            Tags: bsdtalk, interview, opencon, openbsd, marc balmer
                                                                                                                                                            Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                                                                                                                            Interview with OpenBSD Developer Marc Balmer. We talk about www.opencon.org and his work with OpenBSD.

                                                                                                                                                          • Interview with Christoph Egger about Xen on OpenBSD
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-09-23
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, xen, christoph egger
                                                                                                                                                            Files: MP3 version (7 Mb, 15 minutes), Ogg version (15 minutes)

                                                                                                                                                            Interview with Christoph Egger about Xen on OpenBSD.

                                                                                                                                                          • Interview with OpenBSD Developer Bob Beck
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-09-23
                                                                                                                                                            Tags: bsdtalk, interview, openbsd, bob beck
                                                                                                                                                            Files: MP3 version (12 Mb, 26 minutes), Ogg version (26 minutes)

                                                                                                                                                            Interview with OpenBSD Developer Bob Beck.

                                                                                                                                                          • OpenBSD Network Stack Internals
                                                                                                                                                            Source: YouTube bsdconferences channel
                                                                                                                                                            Added: 2009-05-24
                                                                                                                                                            Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, openbsd, claudio jeker
                                                                                                                                                            Files: Flash (53:41)

                                                                                                                                                            P8A: OpenBSD Network Stack Internals AsiaBSDCon 2008, Claudio Jeker clive URL: http://www.youtube.com/watch?v=V85It0dGUF4

                                                                                                                                                          • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                                                                                                                                            Source: EuroBSDCon
                                                                                                                                                            Added: 2008-October-22
                                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                                                                                                                                            Files: PDF (539395 bytes, 38 pages)

                                                                                                                                                            In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                                                                                                                                          • Managing OpenBSD Environments
                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                            Added: 2008-05-12
                                                                                                                                                            Tags: nycbug, presentation, openbsd, system management
                                                                                                                                                            Files: MP3 version (103 minutes, 11 Mb)

                                                                                                                                                            This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator's disposal. Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.

                                                                                                                                                          • Ray Lai: on OpenCVS
                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                            Added: 2007-04-06
                                                                                                                                                            Tags: nycbug, presentation, cvs, openbsd, ray lai
                                                                                                                                                            Files: MP3 version

                                                                                                                                                            This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.

                                                                                                                                                          • Okan Demirmen on PF
                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                            Added: 2007-01-07
                                                                                                                                                            Tags: nycbug, presentation, openbsd, pf, okan demirmen
                                                                                                                                                            Files: MP3 version

                                                                                                                                                            We have had lots of meetings that have peripherally discussed OpenBSD's wildly popular PF firewall... but finally we will have a meeting focused on it.

                                                                                                                                                          • OpenBSD 4.5 Release Songs - Games
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2008-05-25
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (6.4 Mb, 3:29 minutes), Ogg version (4.5 Mb, 3:29 minutes)

                                                                                                                                                            [Commentary still being written] For RSS readers: Please note that the download URL is an FTP site.

                                                                                                                                                          • OpenBSD 4.0 Release Songs - OpenVOX
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2006-October-10
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (3.9 Mb, 4 minutes), Ogg version (6.0 Mb, 4 minutes)

                                                                                                                                                            This is an extra track by the artist Ty Semaka (who really has "had Puffy on his mind") which we included on the audio CD. This song details the process that Ty has to go through to make the art and music for each OpenBSD release. Ty and Theo really do go to a (very specific) bar and discuss what is going on in the project, and then try to find a theme that will work... For RSS readers: Please note that the download URL is an FTP site.

                                                                                                                                                          • OpenBSD 4.4 Release Song - "Source Wars - Episode IV - Trial of the BSD Knights"
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2008-November-18
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (5.6 Mb, 3 minutes 5 seconds), Ogg version (4.4 Mb, 3 minutes 5 seconds)

                                                                                                                                                            Nearly 10 years ago Kirk McKusick wrote a history of the Berkeley Unix distributions for the O'Reilly book "Open Sources: Voices from the Open Source Revolution". We recommend you read his story, entitled "Twenty Years of Berkeley Unix From AT&T-Owned to Freely Redistributable" first, to see how Kirk remembers how we got here. Sadly, since it showed up in book form originally, this text has probably not been read by enough people. The USL(AT&T) vs BSDI/UCB court case settlement documents were not public until recently; their disclosure has made the facts more clear. But the story of how three people decided to free the BSD codebase of corporate pollution -- and release it freely -- is more interesting than the lawsuit which followed. Sure, a stupid lawsuit happened which hindered the acceptance of the BSD code during a critical period. But how did a bunch of guys go through the effort of replacing so much AT&T code in the first place? After all, companies had lots of really evil lawyers back then too -- were they not afraid? After a decade of development, most of the AT&T code had already been replaced by university researchers and their associates. So Keith Bostic, Mike Karels and Kirk McKusick (the main UCB CSRG group) started going through the 4.3BSD codebase to cleanse the rest. Keith, in particular, built a ragtag team (in those days, USENIX conferences were a gold mine for such team building) and led these rebels to rewrite and replace all the Imperial AT&T code, piece by piece, starting with the libraries and userland programs. Anyone who helped only got credit as a Contributor -- people like Chris Torek and a cast of .. hundreds more. Then Mike and Kirk purified the kernel. After a bit more careful checking, this led to the release of a clean tree called Net/2 which was given to the world in June 1991 -- the largest dump of free source code the world had ever received (for those days -- not modern monsters like OpenOffice). Some of these ragtags formed a company (BSDi) to sell a production system based on this free code base, and a year later Unix System Laboratories (basically AT&T) sued BSDi and UCB. Eventually AT&T lost and after a few trifling fixes (described in the lawsuit documents) the codebase was free. A few newer developments (and more free code) were added, and released in June 1994 as 4.4BSD-Lite. Just over 14 years later OpenBSD is releasing its own 4.4 release (and for a lot less than $1000 per copy). The OpenBSD 4.4 release is dedicated to Keith Bostic, Mike Karels, Kirk McKusick, and all of those who contributed to making Net/2 and 4.4BSD-Lite free.

                                                                                                                                                          • OpenBSD 4.3 Release Song - "Home to Hypocrisy"
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2008-05-03
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (8.2 Mb, 4 minutes 48 seconds), Ogg version (6.5 Mb, 4 minutes 48 seconds)

                                                                                                                                                            We are just plain tired of being lectured to by a man who is a lot like Naomi Campbell. In 1998 when a United Airlines plane was waiting in the queue at Washington Dulles International Airport for take-off to New Orleans (where a Usenix conference was taking place), one man stood up from his seat, demanded that they stop waiting in the queue and be permitted to deplane. Even after orders from the crew and a pilot from the cockpit he refused to sit down. The plane exited the queue and returned to the airport gangway. Security personnel ran onto the plane and removed this man, Richard Stallman, from the plane. After Richard was removed from the plane, everyone else stayed onboard and continued their journey to New Orleans. A few OpenBSD developers were on that same plane, seated very closeby, so we have an accurate story of the events. This is the man who presumes that he should preach to us about morality, freedom, and what is best for us. He believes it is his God-given role to tell us what is best for us, when he has shown that he takes actions which are not best for everyone. He prefers actions which he thinks are best for him -- and him alone -- and then lies to the public. Richard Stallman is no Spock. We release our software in ways that are maximally free. We remove all restrictions on use and distribution, but leave a requirement to be known as the authors. We follow a pattern of free source code distribution that started in the mid-1980's in Berkeley, from before Richard Stallman had any powerful influence which he could use so falsely. We have a development sub-tree called "ports". Our "ports" tree builds software that is 'found on the net' into packages that OpenBSD users can use more easily. A scaffold of Makefiles and scripts automatically fetch these pieces of software, apply patches as required by OpenBSD, and then build them into nice neat little tarballs. This is provided as a convenience for users. The ports tree is maintained by OpenBSD entirely separately from our main source tree. Some of the software which is fetched and compiled is not as free as we would like, but what can we do. All the other operating system projects make exactly the same decision, and provide these same conveniences to their users. Richard felt that this "ports tree" of ours made OpenBSD non-free. He came to our mailing lists and lectured to us specifically, yet he said nothing to the many other vendors who do the same; many of them donate to the FSF and perhaps that has something to do with it. Meanwhile, Richard has personally made sure that all the official GNU software -- including Emacs -- compiles and runs on Windows. That man is a false leader. He is a hypocrite. There may be some people who listen to him. But we don't listen to people who do not follow their own stupid rules.

                                                                                                                                                          • OpenBSD 4.2 Release Song - "100001 1010101"
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2007-November-02
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (4.0 Mb, 4 minutes 40 seconds), Ogg version (6.4 Mb, 4 minutes 4- seconds)

                                                                                                                                                            Those of us who work on OpenBSD are often asked why we do what we do. This song's lyrics express the core motivations and goals which have remained unchanged over the years - secure, free, reliable software, that can be shared with anyone. Many other projects purport to share these same goals, and love to wrap themselves in a banner of "Open Source" and "Free Software". Given how many projects there are one would think it might be easy to stick to those goals, but it doesn't seem to work out that way. A variety of desires drag many projects away from the ideals very quickly. Much of any operating system's usability depends on device support, and there are some very tempting alternative ways to support devices available to those who will surrender their moral code. A project could compromise by entering into NDA agreements with vendors, or including binary objects in the operating system for which no source code exists, or tying their users down with contract terms hidden inside copyright notices. All of these choices surrender some subset of the ideals, and we simply will not do this. Sure, we care about getting devices working, but not at the expense of our original goals. Of course since "free to share with anyone" is part of our goals, we've been at the forefront of many licensing and NDA issues, resulting in a good number of successes. This success had led to much recognition for the advancement of Free Software causes, but has also led to other issues. We fully admit that some BSD licensed software has been taken and used by many commercial entities, but contributions come back more often than people seem to know, and when they do, they're always still properly attributed to the original authors, and given back in the same spirit that they were given in the first place. That's the best we can expect from companies. After all, we make our stuff so free so that everyone can benefit -- it remains a core goal; we really have not strayed at all in 10 years. But we can expect more from projects who talk about sharing -- such as the various Linux projects. Now rather than seeing us as friends who can cooperatively improve all codebases, we are seen as foes who oppose the GPL. The participants of "the race" are being manipulated by the FSF and their legal arm, the SFLC, for the FSF's aims, rather than the goal of getting good source into Linux (and all other code bases). We don't want this to come off as some conspiracy theory, but we simply urge those developers caution -- they should ensure that the path they are being shown by those who have positioned themselves as leaders is still true. Run for yourself, not for their agenda. The Race is there to be run, for ourselves, not for others. We do what we do to run our own race, and finish it the best we can. We don't rush off at every distraction, or worry how this will affect our image. We are here to have fun doing right.

                                                                                                                                                          • OpenBSD 4.1 Release Song - Puffy Baba and the 40 Vendors
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2007-05-02
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (4.1 Mb, 4 minutes 19 seconds), Ogg version (8.3 Mb, 4 minutes 19 seconds)

                                                                                                                                                            As developers of a free operating system, one of our prime responsibilities is device support. No matter how nice an operating system is, it remains useless and unusable without solid support for a wide percentage of the hardware that is available on the market. It is therefore rather unsurprising that more than half of our efforts focus on various aspects relating to device support. Most parts of the operating system (from low kernel, through to libraries, all the way up to X, and then even to applications) use fairly obvious interface layers, where the "communication protocols" or "argument passing" mechanisms (ie. APIs) can be understood by any developer who takes the time to read the free code. Device drivers pose an additional and significant challenge though: because many vendors refuse to document the exact behavior of their devices. The devices are black boxes. And often they are surprisingly weird, or even buggy. When vendor documentation does not exist, the development process can become extremely hairy. Groups of developers have found themselves focused for months at a time, figuring out the most simple steps, simply because the hardware is a complete mystery. Access to documentation can ease these difficulties rapidly. However, getting access to the chip documentation from vendors is ... almost always a negotiation. If we had open access to documentation, anyone would be able to see how simple all these devices actually are, and device driver development would flourish (and not just in OpenBSD, either). When we proceed into negotiations with vendors, asking for documentation, our position is often weak. One would assume that the modern market is fair, and that selling chips would be the primary focus of these vendors. But unfortunately a number of behemoth software vendors have spent the last 10 or 20 years building political hurdles against the smaller players. A particularly nasty player in this regard has been the Linux vendors and some Linux developers, who have played along with an American corporate model of requiring NDAs for chip documentation. This has effectively put Linux into the club with Microsoft, but has left all the other operating system communities -- and their developers -- with much less available clout for requesting documentation. In a more fair world, the Linux vendors would work with us, and the device driver support in all free operating systems would be fantastic by now. We only ask that users help us in changing the political landscape.

                                                                                                                                                          • OpenBSD 4.0 Release Song - Humppa negala
                                                                                                                                                            Source: OpenBSD
                                                                                                                                                            Added: 2006-October-10
                                                                                                                                                            Tags: openbsd, artwork
                                                                                                                                                            Files: MP3 version (2.3 Mb, 2 minutes 40 seconds), Ogg version (3.6 Mb, 2 minutes 40 seconds)

                                                                                                                                                            The last 10 years, every 6 month period has (without fail) resulted in an official OpenBSD release making it to the FTP servers. But CDs are also manufactured, which the project sells to continue our development goals. While tests of the release binaries are done by developers around the world, Theo and some developers from Calgary or Edmonton (such as Peter Valchev or Bob Beck) test that the discs are full of (only) correct code. Ty Semaka works for approximately two months to design and draw artwork that will fit the designated theme, and coordinates with his music buddies to write and record a song that also matches the theme. Then the discs and all the artwork gets delivered to the plant, so that they can be pressed in time for an official release date. This release, instead of bemoaning vendors or organizations that try to make our task of writing free software more difficult, we instead celebrate the 10 years that we have been given (so far) to write free software, express our themes in art, and the 5 years that we have made music with a group of talented musicians. OpenBSD developers have been torturing each other for years now with Humppa-style music, so this release our users get a taste of this too. Sometimes at hackathons you will hear the same songs being played on multiple laptops, out of sync. It is under such duress that much of our code gets written. We feel like Pufferix and Bobilix delivering The Three Discs of Freedom to those who want them whenever the need arises, then returning to celebrate the (unlocked) source tree with all the other developers. For RSS readers: Please note that the download URL is an FTP site.

                                                                                                                                                          • Installing OpenBSD in 5 minutes
                                                                                                                                                            Source: Linux and FreeBSD video tutorials. For everyone.
                                                                                                                                                            Added: 2007-05-03
                                                                                                                                                            Tags: unix-tutorial, flash, openbsd

                                                                                                                                                            Installing OpenBSD. In real time :)

                                                                                                                                                          • Constantine A. Murenin - Quiet Computing with BSD
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                            Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                                                                                                                                                            Files: Slides (16 pages, 264 Kb)

                                                                                                                                                            Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                                                                                                                                                          • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                            Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                                                                                                                                                            Files: Slides (68 pages, 2.5 Mb)

                                                                                                                                                            Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                                                                                                                                                          • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2008-05-26
                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                                                                                                                                                            Files: PDF file (26 pages, 127 Kb)

                                                                                                                                                            An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                                                                                                                                                          openbsm

                                                                                                                                                          opencommunitycamp

                                                                                                                                                          opencon

                                                                                                                                                          openfest

                                                                                                                                                          openfest2006

                                                                                                                                                          openfest2007

                                                                                                                                                          openssh

                                                                                                                                                          • Open Meeting on OpenSSH
                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                            Added: 2008-02-19
                                                                                                                                                            Tags: nycbug, presentation, openssh
                                                                                                                                                            Files: MP3 version (63 minutes, 7 Mb)

                                                                                                                                                            Open Meeting on OpenSSH Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.

                                                                                                                                                          openvpn

                                                                                                                                                          • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2008-05-26
                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                                                                                                                                                            Files: PDF file (26 pages, 127 Kb)

                                                                                                                                                            An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                                                                                                                                                          packages

                                                                                                                                                          packet construction set

                                                                                                                                                          paper

                                                                                                                                                          papers

                                                                                                                                                          paul richards

                                                                                                                                                          pawel jakub

                                                                                                                                                          pawel jakub dawidek

                                                                                                                                                          pawel solyga

                                                                                                                                                          pbi

                                                                                                                                                          • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2008-05-26
                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                                                                                                                                                            Files: PDF file (26 pages, 120 Kb)

                                                                                                                                                            Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                                                                                                                                                          pc-bsd

                                                                                                                                                          • Kris Moore
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2008-October-06
                                                                                                                                                            Tags: bsdtalk, interview, kris more, pc-bsd
                                                                                                                                                            Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                                                                                                                                                            Interview with Kris Moore. We talk about the recent release of PC-BSD 7.0.

                                                                                                                                                          • PBI 4 with Kris Moore
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2008-02-27
                                                                                                                                                            Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                                                                            Files: MP3 version (5 Mb, 10 minutes), Ogg version (10 minutes)

                                                                                                                                                            Interview with PC-BSD founder Kris Moore about the new features in PBI 4.

                                                                                                                                                          • PC-BSD Founder Kris Moore
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2007-08-07
                                                                                                                                                            Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                                                                            Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                                                                                                                                                            Interview with PC-BSD Founder Kris Moore. We talk about the upcoming 1.4 release.

                                                                                                                                                          • Kris Moore from PC-BSD
                                                                                                                                                            Source: bsdtalk
                                                                                                                                                            Added: 2006-October-26
                                                                                                                                                            Tags: bsdtalk, interview, pc-bsd, kris moore
                                                                                                                                                            Files: MP3 version (10 Mb, 21 minutes), Ogg version (21 minutes)

                                                                                                                                                            Interview with Kris Moore from PC-BSD.

                                                                                                                                                          • PC-BSD, Matt Olander, AsiaBSDCon 2008
                                                                                                                                                            Source: YouTube bsdconferences channel
                                                                                                                                                            Added: 2009-02-21
                                                                                                                                                            Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, pc-bsd, matt olander
                                                                                                                                                            Files: Flash (28:50)

                                                                                                                                                            PC-BSD, Matt Olander, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=N0q37X-MJzY

                                                                                                                                                          • PC-BSD: FreeBSD on the Desktop
                                                                                                                                                            Source: YouTube bsdconferences channel
                                                                                                                                                            Added: 2008-December-06
                                                                                                                                                            Tags: youtube, meetbsd, meetbsd2007, pc-bsd, matt olander
                                                                                                                                                            Files: Flash (31:30)

                                                                                                                                                            "PC-BSD: FreeBSD on the Desktop", Matt Olander at MeetBSD 2007 in Warsaw, Poland. clive URL: http://www.youtube.com/watch?v=oC4gsipGfQU

                                                                                                                                                          • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                            Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                                                                                                                                                            Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                                                                                                                                                            PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                                                                                                                                                          • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2008-05-26
                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                                                                                                                                                            Files: PDF file (26 pages, 120 Kb)

                                                                                                                                                            Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                                                                                                                                                          pcbsd

                                                                                                                                                          pcc

                                                                                                                                                          pdf

                                                                                                                                                          pedro giffuni

                                                                                                                                                          • EuroBSDCon 2008 - Pedro Giffuni - Working with Engineering Applications in FreeBSD
                                                                                                                                                            Source: EuroBSDCon
                                                                                                                                                            Added: 2008-October-22
                                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, freebsd, engineering applications, pedro giffuni
                                                                                                                                                            Files: OGG (1 byte, 51 minutes), MP3 (1 byte, 51 minutes), PDF (1 byte, n pages)

                                                                                                                                                            In recent years, traditional branches of engineering like Civil, Chemical, Mechanical, Electrical and Industrial Engineering are requiring extensive computing facilities for their needs. Several well known labs (Sandia, Lawrence Livermore) rely on huge clusters to do all types of complex analysis that were unthinkable a couple of decades ago. While the free BSD variants share the environment with traditional UNIX systems, frequently used for such computations, it was not common to find adequate free software packages to carry complex calculations. Eventually commercial versions of important math related packages started to appear for the Linux platform. Even when the big packages were distant, the BSDs learned and adapted in resourceful ways: Matlab and Mathematica, running under Linux emulation, demanded functionality from the BSDs and NetBSD implemented a signal trampoline to be able to run AutoCAD with IRIX binary compatibility. A notable project that was always available under a free license was Berkeley's Spice circuit analysis program, however it was an exception rather than the rule. Even when the scientific community pressed for a while to get other important tools like NASA's FEA package Nastran under a free license, the objective of being able to access and enhance open scientific tools was elusive. About a decade ago the situation started to improve: FreeBSD's ports system started growing exponentially, first with a high content in the math category, afterwards with a CAD section and after sustained growth in those categories a science section was created. This growth was mostly pushed by Universities and their research projects and in general are not well known with respect to the commercial counterparts. I started porting math/engineering code for FreeBSD around 1996. Back then it was absolutely unthinkable for a Mechanical Engineer to depend only on FreeBSD for it's daily work. The situation nowadays is different: there are some very high quality engineering analysis packages like EDF's Code Aster, with more than 12 years of professional development, that just can't be ignored. A Finite Element package, like Code Aster, can easily cost 5000 US$, is priced according to the maximum problem size it can solve, can require yearly licenses, and is rarely available with source code. In NASTRAN's case the source code is only available for US citizens under a yearly fee. Free software does have serious limitations though; just like in office applications there are proprietary CAD formats or sometimes the package simply doesn't have the required functionality. Having the sources, of course, always has the advantage of being able to implement (or pay for) some specific functionality you might need. Many commercial packages have been recently ported to Linux, but even when they gain some of the advantages of an open environment they still have yet another limitation: they have been very slow to make use of the multicored features of the new processors in the market, a huge limitation now that the speed war between processors has been limited by the overheating problem. The objective of the talk is to give an overview of several CAD/CAE packages that have been made available recently as part of FreeBSD's ports system and the decisions that were made to port them. BRLCAD and Varkon are two CAD utilities that made a transition from closed source to an open environment and in the process in the process of getting ported to BSD have gained greater portability and general "bug" fixes critical for their consolidation as usable and maintainable projects. There are also some tricks that have not been well documented: it is possible to enable threads and some extra optimizations on some packages, and it is also possible to replace the standard BLAS library with the faster GOTO BLAS without rebuilding the package. It is also possible to build the packages optimized for a clustered environment, but perhaps what is most interesting of all is how all the packages interrelate with each other and can turn FreeBSD into a complete enginering environment. No OS distribution so far is offering all the engineering specific utilities offered through FreeBSD's ports system: from design to visualization, passing through analysis FreeBSD is becoming an option that can't be ignored, and best of all, it is an effort that will benefit not only FreeBSD but the wider audience. Pedro F. Giffuni M. Sc. Industrial Engineering - University of Pittsburgh Mechanical Engineer - Universidad Nacional de Colombia I was born in Bogota, Colombia but I am an Italian citizen. My experience with computers started when I was about 12 years old With the TRS-80 Color Computer first using Basic and the OS-9. I studied electronics for 3 years but became tired of worrying about "whatever happened to electrons in there" and moved to Mechanical Engineering. For a while I rested from the computer world until the Internet came stepping along. I started using FreeBSD around 1995 and soon fell in love with the idea of being able to install a complete version of UNIX from the net with just one floppy. After submitting a the 999th port to the FreeBSD project Walnut Creek was kind enough to give me a subscription for several years to FreeBSD's CD-ROM. Since then I've been on and off porting software packages or fixing the bugs I have caused while porting them. Of course there has always been great respect for the other BSDs and their wonderful license and while I've given up on the idea of one day seeing a "UnifiedBSD" I am glad to see different approaches sharing ideas in a healthful environment. Keywords: BSD, engineering, CAE, CAD, math, mechanical, FreeBSD ports

                                                                                                                                                          performance

                                                                                                                                                          peter hansteen

                                                                                                                                                          • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                            Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                                                                                                                                                            Files: Slides (68 pages, 2.5 Mb)

                                                                                                                                                            Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                                                                                                                                                          peter losher

                                                                                                                                                          peter n m hansteen

                                                                                                                                                          peter wemm

                                                                                                                                                          peternmhansteen

                                                                                                                                                            pf

                                                                                                                                                            • PF with Peter N. M. Hansteen
                                                                                                                                                              Source: bsdtalk
                                                                                                                                                              Added: 2007-December-21
                                                                                                                                                              Tags: bsdtalk, interview, pf, michael dexter, peter n m hansteen, book of pf
                                                                                                                                                              Files: MP3 version (7 Mb, 16 minutes), Ogg version (15 minutes)

                                                                                                                                                              An interview with Peter N. M. Hansteen, recorded by Michael Dexter on behalf of BSDTalk. If you would like to learn more about the PF firewall, check out "The Book of PF" which is available at http://nostarch.com/frameset.php?startat=pf

                                                                                                                                                            • Intro to PF with Jason Dixon
                                                                                                                                                              Source: bsdtalk
                                                                                                                                                              Added: 2007-04-01
                                                                                                                                                              Tags: bsdtalk, interview, pf, jason dixon
                                                                                                                                                              Files: MP3 version (12 Mb, 25 minutes), Ogg version (25 minutes)

                                                                                                                                                              Introduction to PF with Jason Dixon.

                                                                                                                                                            • Max Laier - PF - Extended Introduction
                                                                                                                                                              Source: Swiss Unix Users Group Conference 2004
                                                                                                                                                              Added: 2007-01-14
                                                                                                                                                              Tags: suug, presentation, pf, altq, max laier
                                                                                                                                                              Files: Slides (1 Mb), Video/MPEG (94 Mb), Audio/MP3 (22 Mb)

                                                                                                                                                              The talk will introduce packet filter (pf) - a *BSD firewall system - and summarize its history and projected future. After providing a short overview of pf's general functionality and some firewall basics, it will concentrate on packet filter's advanced feature-set from the administrator's point of view. The talk will also cover the integration of ALTQ, a mature framework for traffic shaping and priorization. Finally it will provide a short overview of the "Common Address Redundancy Protocol" (CARP) and its integration in pf.

                                                                                                                                                            • Okan Demirmen on PF
                                                                                                                                                              Source: New York City *BSD User Group
                                                                                                                                                              Added: 2007-01-07
                                                                                                                                                              Tags: nycbug, presentation, openbsd, pf, okan demirmen
                                                                                                                                                              Files: MP3 version

                                                                                                                                                              We have had lots of meetings that have peripherally discussed OpenBSD's wildly popular PF firewall... but finally we will have a meeting focused on it.

                                                                                                                                                            • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                              Added: 2009-05-25
                                                                                                                                                              Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                                                                                                                                                              Files: Slides (68 pages, 2.5 Mb)

                                                                                                                                                              Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                                                                                                                                                            pfsense

                                                                                                                                                            • Isaac 'Ike' Levy on m0n0wall and PFSense
                                                                                                                                                              Source: New York City *BSD User Group
                                                                                                                                                              Added: 2006-09-09
                                                                                                                                                              Tags: nycbug, presentation, monowall, pfsense, isaac levy
                                                                                                                                                              Files:  (9 Mb)

                                                                                                                                                              UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).

                                                                                                                                                            • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                              Added: 2009-05-25
                                                                                                                                                              Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                                                                                                                                                              Files: Slides (36 pages, 3.2 Mb)

                                                                                                                                                              pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                                                                                                                                                            • Scott Ullrich, Chris Buechler - pfSense Tutorial
                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                              Added: 2008-05-28
                                                                                                                                                              Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                                                                                                                                                              Files: PDF file (91 pages, 4.1 Kb)

                                                                                                                                                              pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                                                                                                                                                            phil pereira

                                                                                                                                                            philip paeps

                                                                                                                                                            phillip coblentz

                                                                                                                                                            photos

                                                                                                                                                            pie

                                                                                                                                                              pierre yves ritschard

                                                                                                                                                                pierre-yves ritschard

                                                                                                                                                                pipes

                                                                                                                                                                  pkgsrc

                                                                                                                                                                  pkgsrccon

                                                                                                                                                                  plugfest

                                                                                                                                                                  • Sean Bruno - Firewire BoF Plugfest
                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                    Added: 2009-05-25
                                                                                                                                                                    Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                                                                                                                                                                    Files: Slides (1 page, 37 Kb)

                                                                                                                                                                    Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                                                                                                                                                                  pmctools

                                                                                                                                                                  png

                                                                                                                                                                    podcast clients

                                                                                                                                                                    polish

                                                                                                                                                                    port manager

                                                                                                                                                                    portmgr

                                                                                                                                                                    ports

                                                                                                                                                                    • EuroBSDCon 2008 - Ion-Mihai Tetcu - Improving FreeBSD ports/packages quality
                                                                                                                                                                      Source: EuroBSDCon
                                                                                                                                                                      Added: 2008-October-22
                                                                                                                                                                      Tags: eurobsdcon, eurobsdcon2008, freebsd, ports, packages, ion-mihai tetcu
                                                                                                                                                                      Files: OGG (1 byte, 56 minutes), MP3 (1 byte, 56 minutes), PDF (1 byte, n pages)

                                                                                                                                                                      This talk is focused on ways to improve the quality of FreeBSD's ports and packages and it's partially based on the 5 months experience of writing and running the consecutive versions of "QA Tindy". Ion-Mihai "IOnut" Tetcu is a 28 years old FreeBSD ports committer and maintains about 40 ports scattered in the Ports Tree. He lives in Bucharest, Romania where he runs and co-owns an IT company and he's a member of Romanian FreeBSD and FreeUnix User Group (RoFUG). His non-IT interests include history, philosophy and mountain climbing.

                                                                                                                                                                    • FreeBSD: using ports system
                                                                                                                                                                      Source: Linux and FreeBSD video tutorials. For everyone.
                                                                                                                                                                      Added: 2007-05-03
                                                                                                                                                                      Tags: unix-tutorial, flash, freebsd, ports

                                                                                                                                                                      Using ports system in FreeBSD to install etherape.

                                                                                                                                                                    • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                                                                                                                                                                      Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                      Added: 2008-05-26
                                                                                                                                                                      Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                                                                                                                                                                      Files: PDF file (26 pages, 120 Kb)

                                                                                                                                                                      Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                                                                                                                                                                    • BSDCan-2007 - Videos
                                                                                                                                                                      Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                      Added: 2007-08-14
                                                                                                                                                                      Tags: bsdcan, bsdcan2007, talks, erwin lansing, ports
                                                                                                                                                                      Files: MOV file (20 minutes, 39 Mb)

                                                                                                                                                                      The 2007 BSDCan conference Erwin Lansing - The state of the FreeBSD Ports Tree

                                                                                                                                                                    • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                                                                                                                                      Source: Hostobzor, the Russian conference of hosting provider
                                                                                                                                                                      Added: 2008-November-24
                                                                                                                                                                      Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                                                                                                                                      Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                                                                                                                                      Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                                                                                                                                    ports collection

                                                                                                                                                                    portsnap

                                                                                                                                                                    postfix

                                                                                                                                                                    • Postfix Performance Tuning
                                                                                                                                                                      Source: New York City *BSD User Group
                                                                                                                                                                      Added: 2009-02-21
                                                                                                                                                                      Tags: nycbug, presentation, postfix, john mashey
                                                                                                                                                                      Files: MP3 version (11 Mb)

                                                                                                                                                                      Money can buy you bandwidth, but latency is forever! John Mashey, MIPS Victor will cover an array of issues connected to Postfix performance tuning, including: Latency, concurrency and throughput Postfix input processing Queue file format rationale Input processing bottlenecks Pre-queue filters, milters, content filters Tuning for fast (enough) input Postfix on-disk queues, requirements and architecture What is a "transport"? Postfix "nqmgr" scheduler algorithm Per-destination in memory queues Per-destination scheduler controls SMTP delivery Understanding delay logging Transport process limits, concurrency limits Scaling to thousands of output processes Connection caching, TLS session caching, feedback controls Speaker Bio Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master's degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.

                                                                                                                                                                    postgresql

                                                                                                                                                                    poul-henning kamp

                                                                                                                                                                    ppt

                                                                                                                                                                      presentation

                                                                                                                                                                      • Marshall Kirk McKusick at DCBSDCon
                                                                                                                                                                        Source: bsdtalk
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: bsdtalk, presentation, bsd, history, kirk mckusick
                                                                                                                                                                        Files: MP3 version (26 Mb, 55 minutes), Ogg version (55 minutes)

                                                                                                                                                                        A recording of Marshall Kirk McKusick's talk "A Narrative History of BSD" at DCBSDCon this past weekend. You can get a much more complete history here: http://www.mckusick.com/history/index.html

                                                                                                                                                                      • Using BSD in SchmooCon Labs
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-05-24
                                                                                                                                                                        Tags: youtube, presentation, dcbsdcon, dcbsdcon2009, bsd, schmoocon, ken caruso
                                                                                                                                                                        Files: Flash (35:08)

                                                                                                                                                                        Using BSD in SchmooCon Labs DCBSDCon 2009, Ken Caruso clive URL: http://www.youtube.com/watch?v=9ZhfuP4jghY

                                                                                                                                                                      • Sleeping Beauty - NetBSD on Modern laptops
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-05-24
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, laptops, jorg sonnenberger
                                                                                                                                                                        Files: Flash (1:20:56)

                                                                                                                                                                        P9A: Sleeping Beauty - NetBSD on Modern Laptops AsiaBSDCon 2008, Jorg Sonnenberger clive URL: http://www.youtube.com/watch?v=v9ygBFjGR50

                                                                                                                                                                      • OpenBSD Network Stack Internals
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-05-24
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, openbsd, claudio jeker
                                                                                                                                                                        Files: Flash (53:41)

                                                                                                                                                                        P8A: OpenBSD Network Stack Internals AsiaBSDCon 2008, Claudio Jeker clive URL: http://www.youtube.com/watch?v=V85It0dGUF4

                                                                                                                                                                      • P6A: A Portable iSCSI Initiator
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-05-24
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, iscsi, alistair crooks
                                                                                                                                                                        Files: Flash (40:57)

                                                                                                                                                                        P3B: A Portable iSCSI Initiator AsiaBSDCon 2008, Alistair Crooks clive URL: http://www.youtube.com/watch?v=MiZY7PMu7Ic

                                                                                                                                                                      • P3B: BSD Implementations of XCAST6
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-03-27
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, xcast6, yuji imai
                                                                                                                                                                        Files: Flash (55:42)

                                                                                                                                                                        P3B: BSD Implementations of XCAST6 AsiaBSDCon 2008, Yuji Imai clive URL: http://www.youtube.com/watch?v=g1Ga48smqyI

                                                                                                                                                                      • P5A: Logical Resource Isolation in the NetBSD Kernel
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-03-27
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, netbsd, kristaps dzonsons
                                                                                                                                                                        Files: Flash (56:29)

                                                                                                                                                                        P5A: Logical Resource Isolation in the NetBSD Kernel AsiaBSDCon 2008, Kristaps Dzonsons clive URL: http://www.youtube.com/watch?v=c63VneyQI-k

                                                                                                                                                                      • P4B: Send and Receive of File System Protocols: Userspace Approach With puffs
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-03-27
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, puffs, antti kantee
                                                                                                                                                                        Files: Flash (47:29)

                                                                                                                                                                        P4B: Send and Receive of File System Protocols: Userspace Approach With puffs AsiaBSDCon 2008, Antti Kantee clive URL: http://www.youtube.com/watch?v=ziGeB8iRA0c

                                                                                                                                                                      • P1B: Tracking FreeBSD in a Commercial Setting
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-03-27
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, warner losh
                                                                                                                                                                        Files: Flash (33:40)

                                                                                                                                                                        P1B: Tracking FreeBSD in a Commercial Setting AsiaBSDCon 2008, M. Warner Losh clive URL: http://www.youtube.com/watch?v=VaZ9Ef04bJg

                                                                                                                                                                      • A Brief History of the BSD Fast Filesystem, Kirk McKusick
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-03-13
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, bsd fast filesystem, kirk mckusick
                                                                                                                                                                        Files: Flash (42:01)

                                                                                                                                                                        A Brief History of the BSD Fast Filesystem, Kirk McKusick AsiaBSDCon 2008, Dr. Kirk McKusick clive URL: http://www.youtube.com/watch?v=tzieR5MM06M

                                                                                                                                                                      • PC-BSD, Matt Olander, AsiaBSDCon 2008
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, pc-bsd, matt olander
                                                                                                                                                                        Files: Flash (28:50)

                                                                                                                                                                        PC-BSD, Matt Olander, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=N0q37X-MJzY

                                                                                                                                                                      • Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, promotion, open source development models, brooks davis
                                                                                                                                                                        Files: Flash (30:07)

                                                                                                                                                                        Using FreeBSD to Promote Open Source Development Methods, Brooks Davis, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=4lcrinKBMas

                                                                                                                                                                      • GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, geom, pawel jakub dawidek
                                                                                                                                                                        Files: Flash (46:38)

                                                                                                                                                                        GEOM - in Infrastructure We Trust, Pawel Jakub Dawidek, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=xMpmOezBJZo

                                                                                                                                                                      • Reducing Lock Contention in a Multi-Core System, Randall Stewart, AsiaBSDCon 2008
                                                                                                                                                                        Source: YouTube bsdconferences channel
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, multicore, lock contention, randall stewart
                                                                                                                                                                        Files: Flash (28:12)

                                                                                                                                                                        Reducing Lock Contention in a Multi-Core System, Randall Stewart, AsiaBSDCon 2008 clive URL: http://www.youtube.com/watch?v=OQOMva1SmbY

                                                                                                                                                                      • Lousy virtualization, Happy users: FreeBSD's jail(2) facility
                                                                                                                                                                        Source: UKUUG
                                                                                                                                                                        Added: 2007-04-02
                                                                                                                                                                        Tags: ukuug, presentation, freebsd, jails, poul-henning kamp
                                                                                                                                                                        Files: Slides (2.7 Mb)

                                                                                                                                                                        Lousy virtualization, Happy users: FreeBSD's jail(2) facility by Poul-Henning Kamp (phk@FreeBSD.org)

                                                                                                                                                                      • Poul-Henning Kamp - GBDE -- Spook strength disk encryption
                                                                                                                                                                        Source: Swiss Unix Users Group Conference 2004
                                                                                                                                                                        Added: 2007-01-14
                                                                                                                                                                        Tags: suug, presentation, gbde, poul-henning kamp
                                                                                                                                                                        Files: Paper (104 Kb), Slides (113 Kb)

                                                                                                                                                                        GBDE is a disk encryption facility designed with both usability and strength as requirements and it attempts to protect both the user and the data. The talk is about avoiding self-deceiving analysis, how to make real world usable cryptography and generally protect yourself and your data. Required skill level: Laptop user.

                                                                                                                                                                      • Max Laier - PF - Extended Introduction
                                                                                                                                                                        Source: Swiss Unix Users Group Conference 2004
                                                                                                                                                                        Added: 2007-01-14
                                                                                                                                                                        Tags: suug, presentation, pf, altq, max laier
                                                                                                                                                                        Files: Slides (1 Mb), Video/MPEG (94 Mb), Audio/MP3 (22 Mb)

                                                                                                                                                                        The talk will introduce packet filter (pf) - a *BSD firewall system - and summarize its history and projected future. After providing a short overview of pf's general functionality and some firewall basics, it will concentrate on packet filter's advanced feature-set from the administrator's point of view. The talk will also cover the integration of ALTQ, a mature framework for traffic shaping and priorization. Finally it will provide a short overview of the "Common Address Redundancy Protocol" (CARP) and its integration in pf.

                                                                                                                                                                      • Poul-Henning Kamp - Old mistakes repeated (but you do get the source code now)
                                                                                                                                                                        Source: Swiss Unix Users Group Conference 2004
                                                                                                                                                                        Added: 2007-01-14
                                                                                                                                                                        Tags: suug, presentation, unix, mistakes, poul-henning kamp
                                                                                                                                                                        Files: Slides (65 Kb)

                                                                                                                                                                        UNIX is the best operating system ever designed so everybody is running UNIX on their computer, right ? This presentation takes a partisan looks a why UNIX never became a big success in the eighties, failed to win the market in the nineties, and still struggles in the market in the new millennium. Poul-Henning will take a critical look at the mistakes of the past and the mistakes of the present and try to make it really clear what needs to happen for UNIX to become a real success.

                                                                                                                                                                      • EuroBSDCon 2008 - Constantine Murenin - OpenBSD Hardware Sensors Framework
                                                                                                                                                                        Source: EuroBSDCon
                                                                                                                                                                        Added: 2008-October-22
                                                                                                                                                                        Tags: eurobsdcon, eurobsdcon2008, presentation, openbsd, hardware sensors, constantine murenin
                                                                                                                                                                        Files: PDF (539395 bytes, 38 pages)

                                                                                                                                                                        In this talk, we will discuss the past and present history and the design principles of the OpenBSD hardware sensors framework. Sensors framework provides a unified interface for storing, registering and accessing information about hardware monitoring sensors. Sensor types include, but are not limited to, temperature, voltage, fan RPM, time offset and logical drive status. The framework spans sensor_attach(9), sysctl(3), sysctl(8), sensorsd(8), ntpd(8), snmpd(8) and more than 67 drivers, ranging from I2C temperature sensors and Super I/O hardware monitors to IPMI, RAID and SCSI enclosures. Several third-party tools are also available, for example, a plug-in for Nagios and ports/sysutils/symon. Originally based on some ideas from NetBSD, the framework has sustained many improvements in OpenBSD, and was ported and committed to FreeBSD and DragonFly BSD. Constantine A. Murenin is an MMath graduate student at the David R. Cheriton School of Computer Science at the University of Waterloo (CA). Prior to his graduate appointment, Constantine attended and subsequently graduated from East Carolina University (US) and De Montfort University (UK), receiving two bachelor degrees in computer science, with honors and honours respectively. A FreeBSD Google Summer of Code 2007 Student, OpenBSD Committer and Mozilla Contributor, Constantine's interests range from standards compliance and usability at all levels, to quiet computing and hardware monitoring. http://Constantine.SU/

                                                                                                                                                                      • The presentation I gave at SUCON 04
                                                                                                                                                                        Source: Andre Opperman
                                                                                                                                                                        Added: 2007-01-14
                                                                                                                                                                        Tags: sucon, presentation, freebsd, networking, andre opperman
                                                                                                                                                                        Files: FreeBSD-5.3-Networking.pdf (115 Kb)

                                                                                                                                                                        The presentation I gave at SUCON 04 on 2nd September 2004 about enhancements/changes in FreeBSD 5.3 Networking Stack.

                                                                                                                                                                      • What's your biggest Time Management problem?
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2009-03-13
                                                                                                                                                                        Tags: nycbug, presentation, time management, tom limoncelli
                                                                                                                                                                        Files: MP3 version (11 Mb)

                                                                                                                                                                        What's your biggest Time Management problem? Tom Limoncelli is a FreeBSD user and the author of the O'Reilly book,"Time Management for System Administrators". He'll be giving a brief presentation with highlights from his book then will take questions from the audience. Whether you are a system administrator, a developer (or even a Linux user) this presentation will help you with something more precious a quad-processor AMD box.

                                                                                                                                                                      • Postfix Performance Tuning
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2009-02-21
                                                                                                                                                                        Tags: nycbug, presentation, postfix, john mashey
                                                                                                                                                                        Files: MP3 version (11 Mb)

                                                                                                                                                                        Money can buy you bandwidth, but latency is forever! John Mashey, MIPS Victor will cover an array of issues connected to Postfix performance tuning, including: Latency, concurrency and throughput Postfix input processing Queue file format rationale Input processing bottlenecks Pre-queue filters, milters, content filters Tuning for fast (enough) input Postfix on-disk queues, requirements and architecture What is a "transport"? Postfix "nqmgr" scheduler algorithm Per-destination in memory queues Per-destination scheduler controls SMTP delivery Understanding delay logging Transport process limits, concurrency limits Scaling to thousands of output processes Connection caching, TLS session caching, feedback controls Speaker Bio Victor Duchovni trained in mathematics, switched tracks to CS in 1980s leaving Princeton with a master's degree in mathematics and newly acquired skills in Unix system administration and system programming. In 1990 moved to Lehman Brothers, worked on system management tooling, and network engineering. Ported "Moira" from MIT to Lehman, built efficient build systems that predated (and partly inspired) Jumpstart. In 1994 joined ESM to market "CMDB" tools to enterprise users, but this did not pan out, in the mean time learned Tcl, and contributed bunch of patches to the 7.x early 8.x TCL releases. In 1997 returned to New York, working in IT Security at Morgan Stanley since late 1999. At Morgan Stanley, developed a hobby in perimeter email security, becoming an active Postfix user and very soon contributor in May of 2001. In addition to many smaller feature improvements, contributed initial implementation of SMTP connection caching, overhauled and currently maintain LDAP and TLS support. Made significant design contributions to queue manager in collaboration with Wietse and Patrik Raq. In 2.6 contributing support for TLS EC ciphers and multi-instance management tooling, ideally also TLS SNI if time permits.

                                                                                                                                                                      • Introduction to Puppet
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2009-01-19
                                                                                                                                                                        Tags: nycbug, presentation, puppet, larry ludwig
                                                                                                                                                                        Files: MP3 version (11 Mb)

                                                                                                                                                                        What it is and how can it make system administration less painful About the speaker: Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He's had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.

                                                                                                                                                                      • Hardware Performance Monitoring Counters
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-November-16
                                                                                                                                                                        Tags: nycbug, presentation, george neville-neil, counters
                                                                                                                                                                        Files: MP3 version (4 Mb)

                                                                                                                                                                        Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it. Bio: George Neville-Neil is the co-author with Kirk McKusick of The Design and Implementation of the FreeBSD Operating System. He works on networking an operating systems for fun and profit.

                                                                                                                                                                      • New York City BSD Con 2008: BSD v. GPL - a.k.a. not the sequel to "BSD is Dying"
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-October-14
                                                                                                                                                                        Tags: nycbsdcon, nycbsdcon2008, presentation, humor, bsd versus gpl, jason dixon
                                                                                                                                                                        Files: MP4 (15 Mb)

                                                                                                                                                                        BSD vs GPL is a sweeping epic, focused on the dichotomy between good and evil. It peers inside the hearts and minds of the creators of these movements and dissects their battle for world domination. No common documentary will dare to follow the path that BSD vs GPL blazes.

                                                                                                                                                                      • New York City BSD Con 2008
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-November-24
                                                                                                                                                                        Tags: nycbsdcon2008, nycbsdcon, presentation
                                                                                                                                                                        Files: Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (197 Kb, 92 pages), Metthew Dillon: The HAMMER File System. (820 Kb, 16 pages), Anders Magnusson: Design and Implementation of the Portable C Compiler. (123 Kb, 29 pages), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (21 pages), Mike Silbersack: Detecting TCP regressions with tcpdiff. (88 Kb, 28 pages), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (1.7 Mb, 22 pages), Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (570 Kb, 18 pages)

                                                                                                                                                                        Slides of presentations given at New York City BSD Conference 2008.

                                                                                                                                                                      • New York City BSD Con 2008
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-October-13
                                                                                                                                                                        Tags: nycbsdcon2008, nycbsdcon, presentation
                                                                                                                                                                        Files: Adrian Chadd: High-throughput concurrent disk IO in FreeBSD. (14 Mb), Jason L Wright: When Hardware Is Wrong, or "They can Fix It In Software". (9 Mb), Metthew Dillon: The HAMMER File System. (14 Mb), Anders Magnusson: Design and Implementation of the Portable C Compiler. (15 Mb), Michael Shalayeff: Porting PCC.  (11 Mb), Julio M. Merino Vidal: An introduction to the Automated Testing Framework (ATF) for NetBSD. (10 Mb), Jeremy C. Reed: Introduction to DNSSEC. (15 Mb), Jason Dixon: BSD versus GPL. (4 Mb), Pawel Jakub Dawidek: A closer look at the ZFS file system. (16 Mb), Kurt Miller: OpenBSD's Position Independent Executables (PIE) Implementation. (10 Mb), Mike Silbersack: Detecting TCP regressions with tcpdiff. (11 Mb), Michael Lucas: Network Refactoring, or doing an oil change at 80 MPH. (10 Mb)

                                                                                                                                                                        Audio recordings of presentations given at New York City BSD Conference 2008. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.

                                                                                                                                                                      • Public Key sudo
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-08-19
                                                                                                                                                                        Tags: nycbug, presentation, sudo, public key, matthew burnside
                                                                                                                                                                        Files: MP3 version (2 Mb)

                                                                                                                                                                        Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

                                                                                                                                                                      • Configuration Management with Cfengine
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-07-03
                                                                                                                                                                        Tags: nycbug, presentation, configuration management, cfengine
                                                                                                                                                                        Files: MP3 version (58 minutes, 6 Mb)

                                                                                                                                                                        Configuration Management with Cfengine Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification. The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration. about the speaker: Steven Kreuzer has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                                                                                                                                                      • Managing OpenBSD Environments
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-05-12
                                                                                                                                                                        Tags: nycbug, presentation, openbsd, system management
                                                                                                                                                                        Files: MP3 version (103 minutes, 11 Mb)

                                                                                                                                                                        This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator's disposal. Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.

                                                                                                                                                                      • Building a High-Performance Computing Cluster Using FreeBSD
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-03-22
                                                                                                                                                                        Tags: nycbug, presentation, high performance computing, freebsd, brooks davis
                                                                                                                                                                        Files: MP3 version (80 minutes, 9 Mb)

                                                                                                                                                                        Special NYC*BUG meeting with FreeBSD developer Brooks Davis Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems. In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs. Bio Brooks Davis is an Engineering Specialist in the High Performance Computing Section of the Computer Systems Research Department at The Aerospace Corporation. He has been a FreeBSD user since 1994, a FreeBSD committer since 2001, and a core team member since 2006. He earned a Bachelors Degree in Computer Science from Harvey Mudd College in 1998. His computing interests include high performance computing, networking, security, mobility, and, of course, finding ways to use FreeBSD in all these areas. When not computing, he enjoys reading, cooking, brewing and pounding on red-hot iron in his garage blacksmith shop.

                                                                                                                                                                      • User Interfaces and How People Think
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-03-10
                                                                                                                                                                        Tags: nycbug, presentation, user interfaces
                                                                                                                                                                        Files: MP3 version (78 minutes, 9 Mb)

                                                                                                                                                                        "User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software. Bio: Jeffery Mau is a user experience designer with the leading business and technology consulting firm Sapient. He has helped clients create great customer experiences in the financial services, education, entertainment and telecommunications industries. With a passion for connecting people with technology, Jeff specializes in Information Architecture and Business Strategy. Jeff holds a Masters in Design from the IIT Institute of Design in Chicago, Illinois.

                                                                                                                                                                      • Open Meeting on OpenSSH
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-02-19
                                                                                                                                                                        Tags: nycbug, presentation, openssh
                                                                                                                                                                        Files: MP3 version (63 minutes, 7 Mb)

                                                                                                                                                                        Open Meeting on OpenSSH Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.

                                                                                                                                                                      • SSARES
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-01-11
                                                                                                                                                                        Tags: nycbug, presentation, ipv6, gene cronk
                                                                                                                                                                        Files: MP3 version (67 minutes, 7 Mb), Paper (10 pages, 443 Kb)

                                                                                                                                                                        SSARES: Secure Searchable Automated Remote Email Storage - A usable, secure email system on a remote untrusted server The increasing centralization of networked services places user data at considerable risk. For example, many users store email on remote servers rather than on their local disk. Doing so allows users to gain the benefit of regular backups and remote access, but it also places a great deal of unwarranted trust in the server. Since most email is stored in plaintext, a compromise of the server implies the loss of confidentiality and integrity of the email stored therein. Although users could employ an end-to-end encryption scheme (e.g., PGP), such measures are not widely adopted, require action on the sender side, only provide partial protection (the email headers remain in the clear), and prevent the users from performing some common operations, such as server-side search. To address this problem, we present Secure Searchable Automated Remote Email Storage (SSARES), a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. Our solution encrypts email (the headers, body, and attachments) as it arrives on the server using public-key encryption. SSARES uses a combination of Identity Based Encryption and Bloom Filters to create a searchable index. This index reveals little information about search keywords and queries, even against adversaries that compromise the server. SSARES remains largely transparent to both the sender and recipient. However, the system also incurs significant costs, primarily in terms of expanded storage requirements. We view our work as a starting point toward creating privacy-friendly hosted services. Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals, and has served on over 40 conference program committees. He is an associate editor of the ACM Transactions on Information and Systems Security (TISSEC). He recently co-authored a book on using graphics cards for security, and is a co-founder of StackSafe Inc. His current research interests revolve around systems and network security, and cryptography.

                                                                                                                                                                      • Gene Cronk on Implementing IPv6
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-October-06
                                                                                                                                                                        Tags: nycbug, presentation, ipv6, gene cronk
                                                                                                                                                                        Files: MP3 version (60 minutes, 14Mb)

                                                                                                                                                                        This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. Bio Gene Cronk, CISSP-ISSAP, NSA-IAM is a freelance network security consultant, specializing in *NIX solutions. He has been working with computers for well over 20 years, electronics for over 15, and IPv6 specifically for 4 years. He has given talks on IPv6 and a multitude of other topics at DefCon, ShmooCon and other "underground" venues. Gene is from Jacksonville, FL. When not involved in matters concerning IPv6, he can be found gaming (Anarchy Online), helping out with the Jacksonville Linux User's Group, being one of the benevolent dictators of the Hacker Pimps Security Think Tank, or fixing up his house.

                                                                                                                                                                      • Using Cryptography to Improve Web Application Performance and Security
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-09-12
                                                                                                                                                                        Tags: nycbug, presentation, cryptography, nick galbreath
                                                                                                                                                                        Files: MP3 version (18Mb)

                                                                                                                                                                        Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome - no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format. Nick Galbreath have been working on high performance servers and web security at various high profile startups since 1994 (most recently Right Media). He holds a Master degree of Mathematics from Boston University, and published a book on cryptography. He currently lives in the Lower East Side.

                                                                                                                                                                      • Marc Spitzer on Nagios
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-08-01
                                                                                                                                                                        Tags: nycbug, presentation, nagios, marc spitzer
                                                                                                                                                                        Files: MP3 version (19Mb)

                                                                                                                                                                        Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price. We plan on covering the following topics: what it is how it works where to get it how to install it how to configure it how to customize it for your environment where the data is stored how to write a basic plug-in About the Speaker Marc Spitzer started as a VAX/VMS operator who taught himself some basic scripting in DCL to help me remember how to do procedures that did not come up enough to actually remember all the steps, this was in 1990. Since then he has worked with HPUX, Solaris, Windows, Linux, and the BSDs, FreeBSD being his favorite. He has held a variety of positions, admin and engineering, where he has been able to introduce BSD into his work place. He currently works for Columbia University as a Systems Administrator. He is a founding member of NYCBUG and LispNYC and on the board of UNIGroup. Most of his career has been building tools to solve operational problems, with extra effort going to the ones that irritated him personally. He takes a great deal of pride in not needing a budget to solve most problems.

                                                                                                                                                                      • Isaac 'Ike' Levy on the Real Unix Tradition
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-07-08
                                                                                                                                                                        Tags: nycbug, presentation, unix tradition, isaac levy
                                                                                                                                                                        Files: MP3 version (10Mb)

                                                                                                                                                                        "The Real Unix Tradition" UNIX hackers, all standing on the shoulders of giants. "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 "Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003 UNIX is the oldest active and growing computing culture alive today. From it's humble roots in the back room at Bell Laboratories, to today's global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What's so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems. About the speaker Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing 'IT special weapons and tatics' for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).

                                                                                                                                                                      • Steven Kreuzer on Denial of Service Mitigation Techniques
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-06-08
                                                                                                                                                                        Tags: nycbug, presentation, denialofservice, steven kreuzer
                                                                                                                                                                        Files: MP3 version (10Mb)

                                                                                                                                                                        Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing. About the speaker Steven Kreuzer is currently employed by Right Media as a Systems Administrator focusing on building and managing high transaction infrastructures around the globe. He has been working with Open Source technologies since as long as he can remember, starting out with a 486 salvaged from a dumpster behind his neighborhood computer store. In his spare time he enjoys doing things with technology that have absolutely no redeeming social value.

                                                                                                                                                                      • Amitai Schlair on pkgsrcCon.
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-05-04
                                                                                                                                                                        Tags: nycbug, presentation, pkgsrccon, netbsd, amitai schlair
                                                                                                                                                                        Files: MP3 version (21Mb)

                                                                                                                                                                        The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware." Amitai Schlair is a pkgsrc developer who has worked in such diverse areas as Mac OS X platform support and packages of software by Dan Bernstein. His full-time undergraduate studies at Columbia are another contributing factor to his impending insanity. He consults in software and IT.

                                                                                                                                                                      • Ray Lai: on OpenCVS
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-04-06
                                                                                                                                                                        Tags: nycbug, presentation, cvs, openbsd, ray lai
                                                                                                                                                                        Files: MP3 version

                                                                                                                                                                        This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.

                                                                                                                                                                      • Matthew Burnside: Integrated Enterprise Security Mgmt
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-03-09
                                                                                                                                                                        Tags: mp3, presentation, enterprise security, matthew burnside
                                                                                                                                                                        Files: MP3 version

                                                                                                                                                                        Integrated Enterprise Security Management Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat. Biography Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His main research interests are in computer security, trust management, and network anonymity.

                                                                                                                                                                      • Ivan Ivanov on The Version Control System Subversion
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-02-09
                                                                                                                                                                        Tags: nycbug, presentation, subversion, ivan ivanov
                                                                                                                                                                        Files: MP3 version

                                                                                                                                                                        The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts". Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He integrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.

                                                                                                                                                                      • Okan Demirmen on PF
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2007-01-07
                                                                                                                                                                        Tags: nycbug, presentation, openbsd, pf, okan demirmen
                                                                                                                                                                        Files: MP3 version

                                                                                                                                                                        We have had lots of meetings that have peripherally discussed OpenBSD's wildly popular PF firewall... but finally we will have a meeting focused on it.

                                                                                                                                                                      • New York City BSD Con 2006: BSD is Dying - A Cautionary Tale of Sex and Greed
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2006-November-02
                                                                                                                                                                        Tags: nycbug, presentation, humor, bsd is dying, jason dixon
                                                                                                                                                                        Files: QuickTime (19Mb), MP4 (31Mb), iPod (36Mb)

                                                                                                                                                                        BSD is Dying A Cautionary Tale of Sex and Greed Jason Dixon October 28, 2006 First and foremost, I would like to thank the unique presentation styles of Dick Hardt and Lawrence Lessig for inspiring me to create this presentation. The following videos were created by exporting the original Keynote presentation slides into QuickTime video, then manually synchronizing them using iMovie HD with the audio recordings captured by Nikolai Fetissov. They were then exported into QuickTime, mpeg4 (H.264/AAC), and iPod movie formats. If you are having difficulties with the MP4 copy, and are unable to view QuickTime movies, please contact me and I'll try to assist.

                                                                                                                                                                      • New York City BSD Con 2006
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2006-November-01
                                                                                                                                                                        Tags: nycbug, nycbsdcon, nycbsdcon2006, presentation
                                                                                                                                                                        Files: Corey Benninger: Security with Ruby on Rails in BSD (14 Mb), Brian A. Seklecki: A Framework for NetBSD Network Appliances. (10 Mb), Bob Beck: PF, it is not just for firewalls anymore. (15 Mb), Bjorn Nelson: A Build System for FreeBSD (9 Mb), Johnny C. Lam: The "hidden dependency" problem. (13 Mb), Marco Peereboom: Bio & Sensors in OpenBSD. (11 Mb), Russell Sutherland: BSD on the Edge of the Enterprise. (12 Mb), Jason Dixon: BSD Is Dying. (5 Mb), Jason Wright: OpenBSD on sparc64. (9 Mb), Kristaps Johnson: BSD Virtualisation with sysjail. (15 Mb), Wietse Venema: Postfix as a Secure Programming Example. (16 Mb), Bob Beck: spamd - spam deferral daemon. (16 Mb)

                                                                                                                                                                        Audio recordings of presentations given at New York City BSD Conference 2006. Courtesy of nikolai at fetissov.org. The main page also has links to the slides.

                                                                                                                                                                      • Isaac 'Ike' Levy on m0n0wall and PFSense
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2006-09-09
                                                                                                                                                                        Tags: nycbug, presentation, monowall, pfsense, isaac levy
                                                                                                                                                                        Files:  (9 Mb)

                                                                                                                                                                        UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it's difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management GUIs are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you'd expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional environment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PCs around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn't it bug you to use a chincey Linksys box? Ike has been a member of NYC*BUG since we first launched in January 2004. He is a long-time member of the Lower East Side Mac Unix User Group. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD's jail (8).

                                                                                                                                                                      • Alfred Perlstein on Sendmail Hacks
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2006-08-07
                                                                                                                                                                        Tags: nycbug, presentation, sendmail, alfred perlstein
                                                                                                                                                                        Files:  (11 Mb)

                                                                                                                                                                        Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid's subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput. Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he's worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.

                                                                                                                                                                      • Nate Lawson on ACPI
                                                                                                                                                                        Source: Bay Area FreeBSD User Group
                                                                                                                                                                        Added: 2006-09-09
                                                                                                                                                                        Tags: bafug, presentation, freebsd, acpi, nate lawson
                                                                                                                                                                        Files:  (245 Mb)

                                                                                                                                                                        Our Topic: FreeBSD's ACPI implementation: The details. Our Speaker: Nate Lawson, FreeBSD Committer. Our Topic: FreeBSD's ACPI implementation is based on code for ACPI released by Intel. Nate and others wrote the glue code to make this code work on FreeBSD. He explains how this was done, and why.

                                                                                                                                                                      • Network Protocol Development Tools and Techniques for FreeBSD
                                                                                                                                                                        Source: Bay Area FreeBSD User Group
                                                                                                                                                                        Added: 2006-08-10
                                                                                                                                                                        Tags: bafug, presentation, freebsd, packet construction set, george neville-neil
                                                                                                                                                                        Files:  (211 Mb)

                                                                                                                                                                        Our Topic: Network Protocol Development Tools and Techniques for FreeBSD Our Speaker: George Neville-Neil, co-author of the "Design and Implementation of the FreeBSD Operating System" "daemon" book. Our Topic: While computers have gotten faster and more powerful the tools we use to develop network protocols, such as TCP, UDP, IPv4 and IPv6 have not. Most network protocols are developed, in C, in the kernel, and require a lot of work to test. Over the past year or so I have been working with virtual machines, a couple of pieces of open source software, and begun developing a library for use in protocol testing. This talk will cover three topics: Developing and testing kernel code with Virtual Machines Finding good tests for networking code Packet Construction Set (PCS) a new library for writing protocol tests

                                                                                                                                                                      • Tim Kientzler on developing libarchive and tar
                                                                                                                                                                        Source: Bay Area FreeBSD User Group
                                                                                                                                                                        Added: 2006-07-13
                                                                                                                                                                        Tags: bafug, presentation, libarchive, tim kientzler
                                                                                                                                                                        Files: Part 1 (50 Mb), Part 2 (125 Mb), Part 3 (30 Mb)

                                                                                                                                                                        libarchive..........Tim Kientzler on developing libarchive and tar.

                                                                                                                                                                      • COMPLETE Hard Disk Encryption with FreeBSD
                                                                                                                                                                        Source: 22nd Chaos Communication Congress
                                                                                                                                                                        Added: 2006-08-23
                                                                                                                                                                        Tags: ccc, ccc2005, ccc22, presentation, freebsd, harddisk encryption, marc schiesser
                                                                                                                                                                        Files: Slides (679Kb), Bittorrent link (37Kb)

                                                                                                                                                                        COMPLETE Hard Disk Encryption with FreeBSD, by Marc Schiesser Learn how to effectively protect not only your data but also your applications. Most technologies and techniques intended for securing digital data focus on protection while the machine is turned on mostly by defending against remote attacks. An attacker with physical access to the machine, however, can easily circumvent these defenses by reading out the contents of the storage medium on a different, fully accessible system or even compromise program code on it in order to leak encrypted information. Especially for mobile users, that threat is real. And for those carrying around sensitive data, the risk is most likely high. This talk will introduce a method of mitigating that particular risk by protecting not only the data through encryption, but also the applications and the operating system from being compromised while the machine is turned off.

                                                                                                                                                                      • FreeBSD Security Officer funktionen
                                                                                                                                                                        Source: AArhus Unix Users Group
                                                                                                                                                                        Added: 2007-01-15
                                                                                                                                                                        Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
                                                                                                                                                                        Files: PDF (danish) (211 Kb)

                                                                                                                                                                        "FreeBSD Security Officer funktionen" at the AAUUG, AAUUG, 22 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                                                                                                                                                                      • FreeBSD Security Officer funktionen
                                                                                                                                                                        Source: BSD UNIX bruger gruppe i Danmark
                                                                                                                                                                        Added: 2007-01-15
                                                                                                                                                                        Tags: aauug, presentation, danish, freebsd, security officer, simon l nielsen
                                                                                                                                                                        Files: PDF (danish) (210 Kb)

                                                                                                                                                                        "FreeBSD Security Officer funktionen" at the BSD-DK, 26 August 2006 by Simon L. Nielsen (FreeBSD Deputy Security Officer)

                                                                                                                                                                      • Releaseparty, the Varnish HTTP accelerator
                                                                                                                                                                        Source: Norwegian Unix Users Group
                                                                                                                                                                        Added: 2006-October-03
                                                                                                                                                                        Tags: nuug, presentation, varnish, poul-henning kamp
                                                                                                                                                                        Files: Video version (230 Mb), MP3 version (47.8 Mb)

                                                                                                                                                                        VG sponsored the creation of a web-accellerator called "Varnish" because Squid was too slow for them. Varnish is being developed by Poul-Henning Kamp and the Norwegian Linux consultancy Linpro. This is the releaseparty for version 1.0. The first half of the talk will introduce Varnish and present some of the novel features it brings to the business of web-serving. The second half of the talk, using Varnish as the example, will show ways to get the most performance out of modern hardware and operating systems. (The English text starts at about 5 minutes in the stream)

                                                                                                                                                                      • Dimitri Vasileva - Visualizing Security Threats with Social Networking Software
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, security, social networking, dimitri vasileva
                                                                                                                                                                        Files: AVI (331 Mb)

                                                                                                                                                                        Dimitri Vasileva - Visualizing Security Threats with Social Networking Software (Bulgarian)

                                                                                                                                                                      • Shcheryana Shopova - SNMP monitoring
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, snmp, monitoring, shcheryana shopova
                                                                                                                                                                        Files: AVI (271 Mb)

                                                                                                                                                                        Shcheryana Shopova - SNMP monitoring (Bulgarian)

                                                                                                                                                                      • Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP)
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, ipv6, sctp, willow vanchkov
                                                                                                                                                                        Files: AVI (251 Mb)

                                                                                                                                                                        Willow Vachkov - FreeBSD and the new network and transport protocols (IPv6 and SCTP) (Bulgarian)

                                                                                                                                                                      • Atanas Bchvarov - Packet Filtering in FreeBSD
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, atanas bchvarov
                                                                                                                                                                        Files: AVI (186 Mb)

                                                                                                                                                                        Atanas Bchvarov - Packet Filtering in FreeBSD (Bulgarian)

                                                                                                                                                                      • Nikolai Denev - FreeBSD goes Zettabyte
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, zettabyte, nikolai denev
                                                                                                                                                                        Files: AVI (358 Mb)

                                                                                                                                                                        Nikolai Denev - FreeBSD goes Zettabyte (Bulgarian)

                                                                                                                                                                      • Vasil Dimov - The FreeBSD ports collection - tips and tricks
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2008-03-27
                                                                                                                                                                        Tags: openfest, openfest2007, presentation, freebsd, ports collection, vasil dimov
                                                                                                                                                                        Files: AVI (341 Mb)

                                                                                                                                                                        Vasil Dimov - The FreeBSD ports collection - tips and tricks (Bulgarian)

                                                                                                                                                                      • FreeBSD ports Erwin Lansing
                                                                                                                                                                        Source: OpenFest
                                                                                                                                                                        Added: 2007-01-15
                                                                                                                                                                        Tags: openfest, openfest2006, presentation, freebsd, port manager, erwin lansing
                                                                                                                                                                        Files: PDF (128 Kb)

                                                                                                                                                                        Case study : managing a worldwide open source project: FreeBSD port manager

                                                                                                                                                                      • Ham Radio on FreeBSD
                                                                                                                                                                        Source: Ottawa Amateur Radio Club
                                                                                                                                                                        Added: 2007-02-19
                                                                                                                                                                        Tags: oarc, presentation, radio, diane bruce
                                                                                                                                                                        Files: PDF file (23 pages)

                                                                                                                                                                        Last month I attended a meeting of the Ottawa Amateur Radio Club (OARC) as a member of my local BUG was giving a presentation on Ham Radio on FreeBSD. Diane Bruce, call sign VA3DB, has had her operator license since 1969 and is well known in the BSD community and for the development of ircd-hybrid. In the past year she has assisted in the creation of the Hamradio category in the FreeBSD ports tree and has become the maintainer of over 20 of the hamradio ports. She also contributed to the FreeBSD entry at Hampedia, the Wikipedia for ham operators. Her presentation slides are a great introduction to the various ham utilities which are available, including both descriptions and screenshots of the utilities in action.

                                                                                                                                                                      • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                                                                                                                                                                        Files: Slides (36 pages, 3.2 Mb)

                                                                                                                                                                        pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                                                                                                                                                                      • Luigi Rizzo - GEOM based disk schedulers for FreeBSD
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, geom, disk schedulers, luigi rzzo
                                                                                                                                                                        Files: Slides (40 pages, 430 Kb)

                                                                                                                                                                        GEOM based disk schedulers for FreeBSD The high cost of seek operations makes the throughput of disk devices very sensitive to the offered workload. A disk scheduler can then help reorder requests to improve the overall throughput of the device, or improve the service guarantees for individual users, or both. Research results in recent years have introduced, and proven the effectiveness of, a technique called "anticipatory scheduling". The basic idea behind this technique is that, in some cases, requests that cause a seek should not be served immediately; instead, the scheduler should wait for a short period of time in case other requests arrive that do not require a seek to be served. With many common workloads, dominated by sequential synchronous requests, the potential loss of throughput caused by the disk idling times is more than balanced by the overall reduction of seeks. While a fair amount of research on disk scheduling has been conducted on FreeBSD, the results were never integrated in the OS, perhaps because the various prototype implementations were very device-specific and operated within the device drivers. Ironically, anticipatory schedulers are instead a standard part of Linux kernels. This talk has two major contributions: First, we will show how, thanks to the flexibility of the GEOM architecture, an anticipatory disk scheduling framework has been implemented in FreeBSD with little or no modification to a GENERIC kernel. While these schedulers operate slightly above the layer where one would naturally put a scheduler, they can still achieve substantial performance improvements over the standard disk scheduler; in particular, even the simplest anticipatory schedulers can prevent the complete trashing of the disk performance that often occurs in presence of multiple processes accessing the disk. Secondly, we will discuss how the basic anticipatory scheduling technique can be used not only to improve the overall throughput of the disk, but also to give service guarantees to individual disk clients, a feature that is extremely important in practice e.g., when serving applications with pseudo-real-time constraints such as audio or video streaming ones. A prototype implementation of the scheduler that will be covered in the presentation is available at http://info.iet.unipi.it/~luigi/FreeBSD/

                                                                                                                                                                      • Constantine A. Murenin - Quiet Computing with BSD
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, openbsd, hardware sensors, constantine murenin
                                                                                                                                                                        Files: Slides (16 pages, 264 Kb)

                                                                                                                                                                        Quiet Computing with BSD Programming system hardware monitors for quiet computing In this talk, we will present a detailed overview of the features and common problems of microprocessor system hardware monitors as they relate to the topic of silent computing. In a nutshell, the topic of programmable fan control will be explored. Silent computing is an important subject as its practice reduces the amount of unnecessary stress and improves the motivation of the workforce, at home and in the office. Attendees will gain knowledge on how to effectively programme the chips to minimise fan noise and avoid system failure or shutdown during temperature fluctuations, as well as some basic principles regarding quiet computing. Shortly before the talk, a patch for programming the most popular chips (like those from Winbond) will be released for the OpenBSD operating system, although the talk itself will be more specific to the microprocessor system hardware monitors themselves, as opposed to the interfacing with thereof in modern operating systems like OpenBSD, NetBSD, DragonFly BSD and FreeBSD.

                                                                                                                                                                      • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                                                                                                                                                                        Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                                                                                                                                                                        Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                                                                                                                                                                      • Randi Harper - Automating FreeBSD Installations
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, pxe, sysinstall, randi harper
                                                                                                                                                                        Files: Slides (14 pages, 33 Kb)

                                                                                                                                                                        Automating FreeBSD Installations PXE Booting and install.cfg Demystified This paper will provide an explanation of the tools involved in performing an automated FreeBSD install and a live demonstration of the process. FreeBSD's sysinstall provides a powerful and flexible mechanism for automated installs but doesn't get used very often because of a lack of documentation.

                                                                                                                                                                      • Brooks Davis - Isolating Cluster Jobs for Performance and Predictability
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, cluster, brooks davis
                                                                                                                                                                        Files: Slides (27 pages, 1.4 Mb)

                                                                                                                                                                        Isolating Cluster Jobs for Performance and Predictability At The Aerospace Corporation, we run a large FreeBSD based computing cluster to support engineering applications. These applications come in all shapes, sizes, and qualities of implementation. To support them and our diverse userbase we have been searching for ways to isolate jobs from one another in ways that are more effective than Unix time sharing and more fine grained than allocating whole nodes to jobs. In this talk we discuss the problem space and our efforts so far. These efforts include implementation of partial file systems virtualization and CPU isolation using CPU sets.

                                                                                                                                                                      • John Baldwin - Multiple Passes of the FreeBSD Device Tree
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, device tree, john baldwin
                                                                                                                                                                        Files: Paper (8 pages, 103 Kb), Slides (15 pages, 60 Kb)

                                                                                                                                                                        Multiple Passes of the FreeBSD Device Tree The existing device driver framework in FreeBSD works fairly well for many tasks. However, there are a few problems that are not easily solved with the current design. These problems include having "real" device drivers for low-level hardware such as clocks and interrupt controllers, proper resource discovery and management, and allowing most drivers to always probe and attach in an environment where interrupts are enabled. I propose extending the device driver framework to support multiple passes over the device tree during boot. This would allow certain classes of drivers to be attached earlier and perform boot-time setup before other drivers are probed and attached. This in turn can be used to develop solutions to the earlier list of problems.

                                                                                                                                                                      • Colin Percival - scrypt: A new key derivation function
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
                                                                                                                                                                        Files: Paper (16 pages, 201 Kb), Slides (21 pages, 556 Kb)

                                                                                                                                                                        scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.

                                                                                                                                                                      • Stephen Borrill - Building products with NetBSD - thin-clients
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, netbsd, thin client, stephen borrill
                                                                                                                                                                        Files: Slides (60 pages, 499 Kb)

                                                                                                                                                                        Building products with NetBSD - thin-clients NetBSD: delivering the goods This talk will discuss what thin-clients are, why they are useful and why NetBSD is good choice to build such a device. This talk will provide information on some alternatives and the strengths and weaknesses of NetBSD when used in such a device. It will discuss problems that needed to be addressed such as how to get a device with rich functionality running from a small amount of flash storage, as well as recent developments in NetBSD that have helped improve the product.

                                                                                                                                                                      • Cat Allman and Leslie Hawthorn - Getting Started in Free and Open Source
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, getting started, cat allman, leslie hawthorn
                                                                                                                                                                        Files: Slides (25 pages, 893 Kb)

                                                                                                                                                                        Getting Started in Free and Open Source Interested in getting involved? But don't really know where or how to start? The talk is called "Getting Started in Free and Open Source". It's a talk for beginners who are interested to getting involved but don't really know where or how to start. We cover the basics of: -why you might want to get involved -what you can get out of participating -more than coding is needed -how to chose a project -how to get started -etiquette of lists and other communication -dos and don't of joining a community

                                                                                                                                                                      • Warner Losh - Tracking FreeBSD in a commercial Environment
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                                                                                                                                                                        Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                                                                                                                                                                        Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                                                                                                                                                                      • Kris Moore - PC-BSD - Making FreeBSD on the desktop a reality
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, pc-bsd, freebsd, kris moore
                                                                                                                                                                        Files: Slides (35 pages, 512 Kb), Paper (9 pages, 351 Kb)

                                                                                                                                                                        PC-BSD - Making FreeBSD on the desktop a reality FreeBSD on the Desktop While FreeBSD is a all-around great operating system, it is greatly lagging behind in desktop appeal. Why is this? In this talk, we will take a look at some of the desktop drawbacks of FreeBSD, and how are are attempting to fix them through PC-BSD. FreeBSD has a reputation for its rock-solid reliability, and top-notch performance in the server world, but is noticeably absent when it comes to the vast market of desktop computing. Why is this? FreeBSD offers many, if not almost all of the same open-source packages and software that can be found in the more popular Linux desktop distributions, yet even with the speed and reliability FreeBSD offers, a relative few number of users are deploying it on their desktops. In this presentation we will take a look at some of the reasons why FreeBSD has not been as widely adopted in the desktop market as it has on the server side. Several of the desktop weaknesses of FreeBSD will be shown, along with how we are trying to fix these short-comings through a desktop-centric version of FreeBSD, known as PC-BSD. We will also take a look at the package management system employed by all open-source operating systems alike, and some of the pitfalls it brings, which may hinder widespread desktop adoption.

                                                                                                                                                                      • Sean Bruno - Implementation of TARGET_MODE applications
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                                                                                                                                                                        Files: Slides (22 pages, 72 Kb)

                                                                                                                                                                        Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                                                                                                                                                                      • George Neville-Neil - Understanding and Tuning SCHED_ULE
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
                                                                                                                                                                        Files: Slides (29 pages, 228 Kb)

                                                                                                                                                                        Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.

                                                                                                                                                                      • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                                                                                                                                                                        Files: Slides (38 pages, 2.1 Mb)

                                                                                                                                                                        Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                                                                                                                                                                      • Joerg Sonnenberger - Journaling FFS with WAPBL
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                                                                                                                                                                        Files: Slides (24 pages, 10 Kb)

                                                                                                                                                                        Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                                                                                                                                                                      • Ivan Voras - Remote and mass management of systems with finstall
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, finstall, management, freebsd, ivan voras
                                                                                                                                                                        Files: Slides (24 pages, 377 Kb)

                                                                                                                                                                        Remote and mass management of systems with finstall Automated management on a largish scale An important part of the "finstall" project, created as a graphical installer for FreeBSD, is a configuration server that can be used to remotely administer and configure arbitrary systems. It allows for remote scripting of administration tasks and is flexible enough to support complete reconfiguration of running systems. The finstall project has two major parts - the front-end and the back-end. The front-end is just a GUI allowing the users to install the system in a convenient way. The back-end is a network-enabled XML-RPC server that is used by the front-end to perform its tasks. It can be used as a stand-alone configuration daemon. This talk will describe a way to make use of this property of finstall to remotely manage large groups of systems.

                                                                                                                                                                      • Mike Silbersack - Detecting TCP regressions with tcpdiff
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                                                                                                                                                                        Files: Slides (33 pages, 89 Kb)

                                                                                                                                                                        Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                                                                                                                                                                      • Philip Paeps - Crypto Acceleration on FreeBSD
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, crypto acceleration, freebsd, philip paeps
                                                                                                                                                                        Files: Slides (28 pages, 361 Kb)

                                                                                                                                                                        Crypto Acceleration on FreeBSD As more and more services on the internet become cryptographically secured, the load of cryptography on systems becomes heavier and heavier. Crypto acceleration hardware is available in different forms for different workloads. Embedded communications processors from VIA and AMD have limited acceleration facilities in silicon and various manufacturers build hardware for accelerating secure web traffic and IPSEC VPN tunnels. This talk gives an overview of FreeBSD's crypto framework in the kernel and how it can be used together with OpenSSL to leverage acceleration hardware. Some numbers will be presented to demonstrate how acceleration can improve performance - and how it can curiously bring a system to a grinding halt. Philip originally started playing with crypto acceleration when he saw the "crypto block" in one of his Soekris boards. As usual, addiction was instant and by the grace of the "you touch it, you own it" principle, he has been fiddling the crypto framework more than is good for him.

                                                                                                                                                                      • Sean Bruno - Firewire BoF Plugfest
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2009-05-25
                                                                                                                                                                        Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                                                                                                                                                                        Files: Slides (1 page, 37 Kb)

                                                                                                                                                                        Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                                                                                                                                                                      • Daniel Braniss
                                                                                                                                                                        Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                        Added: 2008-05-28
                                                                                                                                                                        Tags: bsdcan, bsdcan2008, presentation, iscsi, daniel braniss
                                                                                                                                                                        Files: PDF file (30 pages, 1.4 Mb)

                                                                                                                                                                        iSCSI not an Apple appliance. iSCSI is not an Apple appliance. The i in iSCSI stands for internet, some say for insecure, personally I like to think interesting. I'll try to share the road followed from RFC-3720 to the actual working driver, the challenges, the frustrations.

                                                                                                                                                                      • PmcTools talk at the Bangalore chapter of the ACM
                                                                                                                                                                        Source: Joseph Koshy
                                                                                                                                                                        Added: 2009-05-24
                                                                                                                                                                        Tags: freebsd, presentation, freebsd, pmctools, joseph koshy
                                                                                                                                                                        Files: PDF version (550 Kb, 48 pages)

                                                                                                                                                                        In April 2009 I was invited to speak on FreeBSD/PmcTools by the Bangalore chapter of the ACM. This was an overview talk. The talk briefly touched upon: the motivations and goals of the project, the programming APIs, some aspects of the implementation and on possible future work.

                                                                                                                                                                      privacy

                                                                                                                                                                      profiling

                                                                                                                                                                      promotion

                                                                                                                                                                      public key

                                                                                                                                                                      • Public Key sudo
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2008-08-19
                                                                                                                                                                        Tags: nycbug, presentation, sudo, public key, matthew burnside
                                                                                                                                                                        Files: MP3 version (2 Mb)

                                                                                                                                                                        Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

                                                                                                                                                                      puffs

                                                                                                                                                                      puppet

                                                                                                                                                                      • Introduction to Puppet
                                                                                                                                                                        Source: New York City *BSD User Group
                                                                                                                                                                        Added: 2009-01-19
                                                                                                                                                                        Tags: nycbug, presentation, puppet, larry ludwig
                                                                                                                                                                        Files: MP3 version (11 Mb)

                                                                                                                                                                        What it is and how can it make system administration less painful About the speaker: Larry Ludwig - Principal Consultant/Founder of Empowering Media. Empowering Media is a consulting firm and managed hosting provider. Larry Ludwig has been in the industry for over 15 years as a system administration and system programmer. He's had previous experience working for many Fortune 500 corporations and holds a BS in CS from Clemson University. Larry, along with Eric E. Moore and Brian Gupta are founding members of the NYC Puppet usergroup.

                                                                                                                                                                      pxe

                                                                                                                                                                      qing li

                                                                                                                                                                      quicktime

                                                                                                                                                                        radio

                                                                                                                                                                        • OpenBSD Developer Jason Wright
                                                                                                                                                                          Source: bsdtalk
                                                                                                                                                                          Added: 2006-November-10
                                                                                                                                                                          Tags: bsdtalk, interview, openbsd, sparc, radio, jason wright
                                                                                                                                                                          Files: MP3 version (8 Mb, 17 minutes), Ogg version (17 minutes)

                                                                                                                                                                          Interview with OpenBSD developer Jason Wright. We talk about his work on sparc and also amateur radio.

                                                                                                                                                                        • Ham Radio on FreeBSD
                                                                                                                                                                          Source: Ottawa Amateur Radio Club
                                                                                                                                                                          Added: 2007-02-19
                                                                                                                                                                          Tags: oarc, presentation, radio, diane bruce
                                                                                                                                                                          Files: PDF file (23 pages)

                                                                                                                                                                          Last month I attended a meeting of the Ottawa Amateur Radio Club (OARC) as a member of my local BUG was giving a presentation on Ham Radio on FreeBSD. Diane Bruce, call sign VA3DB, has had her operator license since 1969 and is well known in the BSD community and for the development of ircd-hybrid. In the past year she has assisted in the creation of the Hamradio category in the FreeBSD ports tree and has become the maintainer of over 20 of the hamradio ports. She also contributed to the FreeBSD entry at Hampedia, the Wikipedia for ham operators. Her presentation slides are a great introduction to the various ham utilities which are available, including both descriptions and screenshots of the utilities in action.

                                                                                                                                                                        radio clocks

                                                                                                                                                                          rafal jaworowski

                                                                                                                                                                          ragge

                                                                                                                                                                          randall stewart

                                                                                                                                                                          randi harper

                                                                                                                                                                          ray lai

                                                                                                                                                                          • Ray Lai: on OpenCVS
                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                            Added: 2007-04-06
                                                                                                                                                                            Tags: nycbug, presentation, cvs, openbsd, ray lai
                                                                                                                                                                            Files: MP3 version

                                                                                                                                                                            This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS. Ray is an OpenBSD developer who uses Subversion by day, CVS by night. Taking the phrase "complexity is the enemy of security" to heart, he believes that the beauty of UNIX's security is in its simplicity.

                                                                                                                                                                          refuse

                                                                                                                                                                            release engineer

                                                                                                                                                                            remko lodder

                                                                                                                                                                            research

                                                                                                                                                                            resources

                                                                                                                                                                              richard stallman

                                                                                                                                                                              rick macklem

                                                                                                                                                                              rick van der zwet

                                                                                                                                                                                rms

                                                                                                                                                                                robert ricci

                                                                                                                                                                                robert watson

                                                                                                                                                                                romain kuntz

                                                                                                                                                                                  rootkits

                                                                                                                                                                                  routing

                                                                                                                                                                                    routing arp and nd6

                                                                                                                                                                                    ruby

                                                                                                                                                                                      ruby on rails

                                                                                                                                                                                        run your own server

                                                                                                                                                                                        russel sutherland

                                                                                                                                                                                        • EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
                                                                                                                                                                                          Source: EuroBSDCon
                                                                                                                                                                                          Added: 2008-October-22
                                                                                                                                                                                          Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
                                                                                                                                                                                          Files: OGG (1 byte, 52 minutes), MP3 (1 byte, 52 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                          The University of Toronto is a large educational institutional with over 70,000 students and 10,000 staff and faculty. For the past three years, we have developed and implemented a ubiquitous VPN service, based up on OpenVPN and FreeBSD. The service has over 3000 active customers, with up to 35 simultaneous users. The system supports, Linux, Mac OS X and Windows XP/Vista/2000 clients. Tools have been developed to create a central CA which enables users to log in to a secure server and get their customized client, certificates and configuration. The NSIS installer is used to generate the customized windows installers. Similar packages are generated for the various Unix based clients. Additional WWW/PHP based tools, have been developed to monitor and log usage of the service, using standard graphs, alarms for excessive use and a certificate revocation mechanism. The system has been integrated into the local identity management system (Kerberos/LDAP) in order to authorize and authenticate users upon initiation and per session usage. All code is Open Source and freely available.

                                                                                                                                                                                        russian

                                                                                                                                                                                        • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                                                                                                                                                          Source: Hostobzor, the Russian conference of hosting provider
                                                                                                                                                                                          Added: 2008-November-24
                                                                                                                                                                                          Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                                                                                                                                                          Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                                                                                                                                                          Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                                                                                                                                                        ryan bickhart

                                                                                                                                                                                          ryuji wakikawa

                                                                                                                                                                                            sam leffler

                                                                                                                                                                                              sam smith

                                                                                                                                                                                                sangoma

                                                                                                                                                                                                scada

                                                                                                                                                                                                • Poul-Henning Kamp - Measured (almost) does Air Traffic Control
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2008-05-26
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
                                                                                                                                                                                                  Files: PDF file (46 pages, 7.7 Mb)

                                                                                                                                                                                                  Measured (almost) does Air Traffic Control Monitoring weird hardware reliably The new Danish Air Traffic Control system, CASIMO, prompted the development on a modular and general software platform for data collection, control and monitoring of "weird hardware" of all sorts. The talk will present the "measured" daemon, and detail some of the uses it has been put to, as an, admittedly peripheral, component of the ATC system. Many "SCADA" systems suffer from lack of usable interfaces for external access to the data. Measured takes the opposite point of view and makes real-time situation available, and accepts control instructions as ASCII text stream over TCP connections. Several examples of how this can be used will be demonstrated. Measured will run on any FreeBSD system, but has not been ported to other UNIX variants yet, and it is perfect for that "intelligent house" project of yours. I believe I gave a WIP presentation of this about two years ago.

                                                                                                                                                                                                scalability

                                                                                                                                                                                                sched_ule

                                                                                                                                                                                                • George Neville-Neil - Understanding and Tuning SCHED_ULE
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, freebsd, sched_ule, george neville-neil
                                                                                                                                                                                                  Files: Slides (29 pages, 228 Kb)

                                                                                                                                                                                                  Understanding and Tuning SCHED_ULE With the advent of widespread SMP and multicore CPU architectures it was necessary to implement a new scheduler in the FreeBSD operating system. The SCHEDULE scheduler was added for the 5 series of FreeBSD releases and has now matured to the point where it is the default scheduler in the 7.1 release. While scheduling processes was a difficult enough task in the uniprocessor world, moving to multiple processors, and multiple cores, has significantly increased the number of problems that await engineers who wish to squeeze every last ounce of performance out of their system. This talk will cover the basic design of SCHEDULE and focus a great deal of attention on how to tune the scheduler for different workloads, using the sysctl interfaces that have been provided for that purpose. Understanding and tuning a scheduler used to be done only by operating systems designers and perhaps a small minority of engineers focusing on esoteric high performance systems. With the advent of widespread multi-processor and multi-core architectures it has become necessary for more users and administrators to decide how to tune their systems for the best performance. The SCHEDULE scheduler in FreeBSD provides a set of sysctl interfaces for tuning the scheduler at run time, but in order to use these interfaces effectively the scheduling process must first be understood. This presentation will give an overview of how SCHEDULE works and then will show several examples of tuning the system with the interfaces provided. The goal of modifying the scheduler's parameters is to change the overall performance of programs on the system. One of the first problems presented to the person who wants to tune the scheduler is how to measure the effects of their changes. Simply tweaking the parameters and hoping that that will help is not going to lead to good results. In our recent experiments we have used the top(1) program to measure our results.

                                                                                                                                                                                                schmoocon

                                                                                                                                                                                                scott murphy

                                                                                                                                                                                                scott ullrich

                                                                                                                                                                                                • Chris Buechler and Scott Ullrich - pfSense: 2.0 and beyond
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, pfsense, chris buechler, scott ullrich
                                                                                                                                                                                                  Files: Slides (36 pages, 3.2 Mb)

                                                                                                                                                                                                  pfSense: 2.0 and beyond From firewall distribution to appliance building platform pfSense is a BSD licensed customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. This session will start with an introduction to the project and its common uses, which have expanded considerably beyond firewalling. We will cover much of the new functionality coming in the 2.0 release, which contains significant enhancements to nearly every portion of the system as well as numerous new features. While the primary function of the project is a firewalling and routing platform, with changes coming in pfSense 2.0, it has also become an appliance building framework enabling the creation of customized special purpose appliances. The m0n0wall code where pfSense originated has proved popular for this purpose, with AskoziaPBX and FreeNAS also based upon it, in addition to a number of commercial solutions. The goal of this appliance building framework is to enable creation of projects such as these without having to fork and maintain another code base. The existing appliances, including a DNS server using TinyDNS, VoIP with FreeSWITCH, and others will be discussed. For those interested in creating appliances, an overview of the process will be provided along with references for additional information.

                                                                                                                                                                                                • Scott Ullrich, Chris Buechler - pfSense Tutorial
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2008-05-28
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                                                                                                                                                                                                  Files: PDF file (91 pages, 4.1 Kb)

                                                                                                                                                                                                  pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                                                                                                                                                                                                scrypt

                                                                                                                                                                                                • Colin Percival - scrypt: A new key derivation function
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, scrypt, colin percival
                                                                                                                                                                                                  Files: Paper (16 pages, 201 Kb), Slides (21 pages, 556 Kb)

                                                                                                                                                                                                  scrypt: A new key derivation function Doing our best to thwart TLAs armed with ASICs Password-based key derivation functions are used for two primary purposes: First, to hash passwords so that an attacker who gains access to a password file does not immediately possess the passwords contained therewithin; and second, to generate cryptographic keys to be used for encrypting or authenticating data. In both cases, if passwords do not have sufficient entropy, an attacker with the relevant data can perform a brute force attack, hashing potential passwords repeatedly until the correct key is found. While commonly used key derivation functions, such as Kamp's iterated MD5, Provos and Mazieres' bcrypt, and RSA Laboratories' PBKDF1 and PBKDF2 make an attempt to increase the difficulty of brute-force attacks, they all require very little memory, making them ideally suited to attack by custom hardware. In this talk, I will introduce the concepts of memory-hard and sequential memory-hard functions, and argue that key derivation functions should be sequential memory-hard. I will present a key derivation function which, subject to common assumptions about cryptographic hash functions, is provably sequential memory-hard, and a variation which appears to be stronger (but not provably so). Finally, I will provide some estimates of the cost of performing brute force attacks on a variety of password strengths and key derivation functions.

                                                                                                                                                                                                sctp

                                                                                                                                                                                                sean bruno

                                                                                                                                                                                                • Sean Bruno - Implementation of TARGET_MODE applications
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, freebsd, firewire, sean bruno
                                                                                                                                                                                                  Files: Slides (22 pages, 72 Kb)

                                                                                                                                                                                                  Implementation of TARGET_MODE applications How we used TARGET_MODE in the kernel to create and interesting product This presentation will cover a real world implementation of the TARGET_MODE infrastructure in the kernel (stable/6). Topics to include: drivers used (isp, aic7xxx, firewire). scsi_target userland code vs kernel drivers missing drivers (4/8G isp support, iSCSI target) Target Mode describes a feature within certain drivers that allows a FreeBSD system to emulate a Target in the SCSI sense of the word. By recompiling your kernel with this feature enabled, it permits one to turn a FreeBSD system into an external hard disk. This feature of the FreeBSD kernel provides many interesting implementations and is highly desirable to many organizations whom run FreeBSD as their platform. I have been tasked with the maintenance of a proprietary target driver that interfaces with the FreeBSD kernel to do offsite data mirroring at the block level. This talk will discuss the implementation of that kernel mode driver and the process my employer went through to implement a robust and flexible appliance. Since I took over the implementation, we have implemented U160 SCSI(via aic7xxx), 2G Fibre Channel(via isp) and Firewire 400 (via sbp_targ). Each driver has it's own subtleties and requirements. I personally enhanced the existing Firewire target driver and was able to get some interesting results. I hope to demonstrate a functional Firewire 400/800 target and show how useful this application can be for the embedded space. Also, I wish to demonstrate the need for iSCSI. USB and 4/8G Fibre Channel target implementations that use the TARGET_MODE infrastructure that is currently in place to allow others to expand their various interface types. The presentation should consist of a high level overview, followed by detailed implementation instructions with regards to the Firewire implementation and finish up with a hands-on demonstration with a FreeBSD PC flipped into TARGET_MODE and a Mac.

                                                                                                                                                                                                • Sean Bruno - Firewire BoF Plugfest
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, firewire, plugfest, sean bruno
                                                                                                                                                                                                  Files: Slides (1 page, 37 Kb)

                                                                                                                                                                                                  Firewire BoF Plugfest Debugging and testing of Firewire products with FreeBSD Come one come all to a Firewire plugfest. Let's debug and test together and see if we can't knock out some features and bugs. A hands-on testing and debugging session of the Firewire stack in FreeBSD. Everyone who wishes to attend should bring their Firewire devices, ext Drives and Cameras, and their Laptops. I will be debugging and capturing data points to enhance and improve features in the Firewire stack. We should be able to knock out quite a bunch of bugs if folks can bring their various Firewire devices along with their various PCs. Even if your Firewire device works perfectly, bring it by so it can be documented as supported by the Firewire team!

                                                                                                                                                                                                sean cody

                                                                                                                                                                                                security

                                                                                                                                                                                                • One Time Passwords
                                                                                                                                                                                                  Source: bsdtalk
                                                                                                                                                                                                  Added: 2007-06-14
                                                                                                                                                                                                  Tags: bsdtalk, security, one time passwords
                                                                                                                                                                                                  Files: MP3 version (4 Mb, 6 minutes), Ogg version (6 minutes)

                                                                                                                                                                                                  Important when you don't trust the computer you are using, such as a library computer or internet kiosk. Available by default in Free/Net/Open BSD. FreeBSD uses OPIE, Net/Open use S/Key. One time passwords are based on your pass phrase, a non-repeating sequence number, and a seed. Initial setup should be done directly on the server. "skeyinit" for Net/Open, "opiepasswd -c" for FreeBSD. Enter a pass phrase that is not your regular account password. Find your current sequence number and seed with "opieinfo" or "skeyinfo", for example: "497 pc5246". Generate a list of the next 10 passwords and write them down, using "opiekey -n 10 497 pc5246" or "skey -n 10 497 pc5246". When you log in from a remote machine that might have a keystroke logger, you can now use a one time password instead of your regular password. For OpenBSD, log in as account:skey, for example "bob:skey", which will cause the system to present the s/key challenge. For NetBSD, the system will always present you with the s/key challenge if it is configured for your account, although you can still use your regular password. FreeBSD by default will force you to use a one time password if it is configured for your account. If you want both OPIE and password authentication, FreeBSD allows you to list trusted networks or hosts in /etc/opieaccess. Instead of carrying a list of passwords around, you can use s/key generators on a portable device that you trust, such as a palm pilot. For more info, check the man pages.

                                                                                                                                                                                                • Dimitri Vasileva - Visualizing Security Threats with Social Networking Software
                                                                                                                                                                                                  Source: OpenFest
                                                                                                                                                                                                  Added: 2008-03-27
                                                                                                                                                                                                  Tags: openfest, openfest2007, presentation, freebsd, security, social networking, dimitri vasileva
                                                                                                                                                                                                  Files: AVI (331 Mb)

                                                                                                                                                                                                  Dimitri Vasileva - Visualizing Security Threats with Social Networking Software (Bulgarian)

                                                                                                                                                                                                security assessment

                                                                                                                                                                                                • Fernando Gont - Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies
                                                                                                                                                                                                  Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                  Added: 2009-05-25
                                                                                                                                                                                                  Tags: bsdcan, bsdcan2009, presentation, bsd, security assessment, fernado gont
                                                                                                                                                                                                  Files: Proposal (3 pages, 93 Kb), Security Assessment of the Internet Protocol (63 pages, 660 Kb), Security Assessment of the Transmission Control Protocol (TCP) (130 pages, 1.4 Mb), Slides (64 pages, 473 Kb)

                                                                                                                                                                                                  Results of a Security Assessment of the TCP and IP protocols and Common implementation Strategies Fernando Gont will present the results of security assessment of the TCP and IP protocols carried out on behalf of the United Kingdom's Centre for the Protection of National Infrastructure (Centre for the Protection of National Infrastructure). His presentation will provide an overview of the aforementioned project, and will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems with respect to the aforementioned issues. During the last twenty years, many vulnerabilities have been identified in the TCP/IP stacks of a number of systems. The discovery of these vulnerabilities led in most cases to reports being published by a number of CSIRTs and vendors, which helped to raise awareness about the threats and the best possible mitigations known at the time the reports were published. For some reason, much of the effort of the security community on the Internet protocols did not result in official documents (RFCs) being issued by the organization in charge of the standardization of the communication protocols in use by the Internet: the Internet Engineering Task Force (IETF). This basically led to a situation in which "known" security problems have not always been addressed by all vendors. In addition, in many cases vendors have implemented quick "fixes" to the identified vulnerabilities without a careful analysis of their effectiveness and their impact on interoperability. As a result, producing a secure TCP/IP implementation nowadays is a very difficult task, in large part because of the hard task of identifying relevant documentation and differentiating between that which provides correct advisory, and that which provides misleading advisory based on inaccurate or wrong assumptions. During 2006, the United Kingdom's Centre for the Protection of National Infrastructure embarked itself in an ambitious and arduous project: performing a security assessment of the TCP and IP protocols. The project did not limit itself to an analysis of the relevant IETF specifications, but also included an analysis of common implementation strategies found in the most popular TCP and IP implementations. The result of the project was a set of documents which identifies possible threats for the TCP and IP protocols and, where possible, proposes counter-measures to mitigate the identified threats. This presentation will will describe some of the new insights that were gained as a result of this project. Additionally, it will provide an overview of the state of affairs of the different TCP/IP implementations found in BSD operating systems.

                                                                                                                                                                                                security officer

                                                                                                                                                                                                sendmail

                                                                                                                                                                                                • Alfred Perlstein on Sendmail Hacks
                                                                                                                                                                                                  Source: New York City *BSD User Group
                                                                                                                                                                                                  Added: 2006-08-07
                                                                                                                                                                                                  Tags: nycbug, presentation, sendmail, alfred perlstein
                                                                                                                                                                                                  Files:  (11 Mb)

                                                                                                                                                                                                  Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid's subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput. Alfred Perlstein is the CTO of OKcupid.com, the largest free online dating site. He has been a FreeBSD hacker for five years, he's worked on NFS, VFS, pthreads, networking and general system maintenance during his tenure on both FreeBSD and OS X kernels.

                                                                                                                                                                                                sensors

                                                                                                                                                                                                  sevan janiyan

                                                                                                                                                                                                  shcheryana shopova

                                                                                                                                                                                                  sidsel jensen

                                                                                                                                                                                                  simon l nielsen

                                                                                                                                                                                                  simon nielsen

                                                                                                                                                                                                  slawomir zak

                                                                                                                                                                                                  slides

                                                                                                                                                                                                  • Robert Watson's Slides from EuroBSDCon 2004
                                                                                                                                                                                                    Source: Robert Watson
                                                                                                                                                                                                    Added: 2007-01-14
                                                                                                                                                                                                    Tags: eurobsdcon, eurobsdcon2004, slides, trustedbsd, freebsd, mac, robert watson
                                                                                                                                                                                                    Files: TrustedBSD MAC Framework on FreeBSD and Darwin (270 Kb)

                                                                                                                                                                                                    Robert Watson will describe the design and application of the TrustedBSD MAC Framework, a flexible kernel security framework developed on FreeBSD, and recently experimentally ported to Apple's Darwin operating system. The MAC Framework permits loadable access control kernel modules to be loaded, modifying the security behavior of the operating system, including SEBSD, a port of the SELinux FLASK/TE security model to FreeBSD.

                                                                                                                                                                                                  • Robert Watson's Slides from UKUUG LISA 2006
                                                                                                                                                                                                    Source: Robert Watson
                                                                                                                                                                                                    Added: 2007-01-14
                                                                                                                                                                                                    Tags: ukuug, slides, openbsm, trustedbsd, freebsd, robert watson
                                                                                                                                                                                                    Files: CAPP-Compliant Security Event Audit System for Mac OS X and FreeBSD (UKUUG LISA 2006). (199 Kb)

                                                                                                                                                                                                    UKUUG LISA 2006 took place in Durham, UK in March, 2006. On this page, you can find my slides from this conference. OpenBSM is a BSD-licensed implementation of Sun's Basic Security Module (BSM) API and file format, and is the foundation of the TrustedBSD audit implementation for FreeBSD. This talk will cover the requirements, design, and implementation of audit support for FreeBSD. Security audit support provides detailed logging of security-relevant events, and meets the requirements of the CAPP Common Criteria protection profile.

                                                                                                                                                                                                  • Robert Watson's Slides from EuroBSDCon 2005
                                                                                                                                                                                                    Source: Robert Watson
                                                                                                                                                                                                    Added: 2007-01-14
                                                                                                                                                                                                    Tags: eurobsdcon, eurobsdcon2005, slides, freebsd, smp, robert watson, poul-henning kamp, ed maste
                                                                                                                                                                                                    Files: Introduction to Multithreading and Multiprocessing in the FreeBSD SMPng Network Stack (370 Kb)

                                                                                                                                                                                                    EuroBSDCon 2005 took place in Basel, Switzerland in November, 2005. Due to an injury, I was unable to attend the conference itself, and my talks were presented in absentia by Poul-Henning Kamp and Ed Maste, who have my greatest appreciation! The FreeBSD SMPng Project has spent the past five years redesigning and reimplementing SMP support for the FreeBSD operating system, moving from a Giant-locked kernel to a fine-grained locking implementation with greater kernel threading and parallelism. This paper introduces the FreeBSD SMPng Project, its architectural goals and implementation approach. It then explores the impact of SMPng on the FreeBSD network stack, including strategies for integrating SMP support into the network stack, locking approaches, optimizations, and challenges.

                                                                                                                                                                                                  • Robert Watson's Slides from BSDCan 2004
                                                                                                                                                                                                    Source: Robert Watson
                                                                                                                                                                                                    Added: 2007-01-14
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2004, slides, trustedbsd, freebsd, robert watson
                                                                                                                                                                                                    Files: TrustedBSD: Trusted Operating System Features for BSD (277 Kb)

                                                                                                                                                                                                    BSDCan 2004 took place at the University of Ottawa in Ottawa, Canada. On this page, you can find my slides from the conference. Robert Watson will describe a variety of pieces of work done as part of the TrustedBSD Project, including the TrustedBSD MAC Framework, Audit facilities for FreeBSD, as well as supporting infrastructure work such as GEOM/GBDE, UFS2, OpenPAM. He will also discuss how certification and evaluation play into feature selection, design, and documentation.

                                                                                                                                                                                                  • Kern Sibbald - Bacula
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, bacula, kern sibbald
                                                                                                                                                                                                    Files: PDF file (30 pages, 505 Kb)

                                                                                                                                                                                                    Bacula The Open Source Enterprise Backup Solution The Bacula project started in January 2000 with several goals, one of which was the ability to backup any client from a Palm to a mainframe computer. Bacula is available under a GPL license. Bacula uses several distinct components, each communicating via TCP/IP, to achieve a very scalable and robust solution to backups. Kern is one of the original project founders and still one of the most productive Bacula developers.

                                                                                                                                                                                                  • Warner Losh - FreeBSD/mips
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                                                                                                                                                                                                    Files: PDF file (19 pages, 1.3 Mb)

                                                                                                                                                                                                    FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                                                                                                                                                                                                  • Kris Moore - Building self-contained PBIs from Ports (Automagically)
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, pc-bsd, ports, pbi, kris moore
                                                                                                                                                                                                    Files: PDF file (26 pages, 120 Kb)

                                                                                                                                                                                                    Building self-contained PBIs from Ports (Automagically) Creating a self-contained application from the ports tree PC-BSD provides a user-friendly desktop experience, for experts and casual users alike. PC-BSD is 100% FreeBSD under the hood, while providing desktop essentials, such as a graphical installation system, point-n-click package-management using the PBI system, and easy to use system management tools; All integrated into an easy to use K Desktop Environment (KDE). The PBI (Push Button Installer) format is the cornerstone of the PC-BSD desktop, which allows users to install applications in a self-contained format, free from dependency problems, and compile issues that stop most casual users from desktop adoption. The PBI format also provides power and flexibility in user interaction, and scripting support, which allows applications to be fine-tuned to the best possible user experience. This talk would go over in some detail our new PBI building system, which converts a FreeBSD port, such as FireFox, into a standalone self-contained PBI installer for PC-BSD desktops. The presentation will be divided into two main sections: The Push Button Installer (PBI) Format The basics of the PBI format The PBI format construction Add & Remove scripting support within PBI Building PBIs from Ports "Auto-magically" The PBI build server & standalone software Module creation & configuration Converting messy ports into PBIs

                                                                                                                                                                                                  • John Pertalion - An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, openbsd, openvpn, john pertalion
                                                                                                                                                                                                    Files: PDF file (26 pages, 127 Kb)

                                                                                                                                                                                                    An Open Source Enterprise VPN Solution with OpenVPN and OpenBSD Solving the problem At Appalachian State University, we utilize an open source VPN to allow faculty, staff and vendors secure access to Appalachian State University's internal network from any location that has an Internet connection. To implement our virtual private network project, we needed a secure VPN that is flexible enough to work with our existing network registration and LDAP authentication systems, has simple client installation, is redundant, allows multiple VPN server instances for special site-to-site tunnels and unique configurations, and can run on multiple platforms. Using OpenVPN running on OpenBSD, we met those requirements and added a distributed administration system that allows select users to allow VPN access to specific computers for external users and vendors without requiring intervention from our network or security personnel. Our presentation will start with a quick overview of OpenVPN and OpenBSD and then detail the specifics of our VPN implementation. Dissatisfied with IPSec for road warrior VPN usage we went looking for a better solution. We had hopped that we could find a solution that would run on multiple platforms, was flexible and worked well. We found OpenVPN and have been pleased. Initially we ran it on RHEL. We migrated to OpenBSD for pf functionality and general security concerns. ...and because we like OpenBSD. Our presentation will focus on the specifics of our VPN implementation. We will quickly cover the basics of OpenVPN and the most used features of OpenBSD. Moving along we will cover multiple authentication methods, redundancy, running multiple instances, integration with our netreg system, how pf has extended functionality, embedding in appliances, and client configuration. The system has proven helpful with providing vendor access where needed and we'll cover this aspect as well. Time permitting we will cover current enhancement efforts and future plans. OpenVPN has been called the "Swiss army knife" of VPN solutions. We hope our presentation leaves participants with that feeling.

                                                                                                                                                                                                  • Ivan Voras - "finstall" - the new FreeBSD installer
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, freebsd, installer, ivan voras
                                                                                                                                                                                                    Files: PDF file (39 pages, 1.1 Mb)

                                                                                                                                                                                                    "finstall" - the new FreeBSD installer A graphical installer for FreeBSD The "finstall" project, sponsored by Google as a Summer of Code 2007 project, is an attempt to create a user-friendly graphical installer for FreeBSD, with enough strong technical features to appeal to the more professional users. A long term goal for it is to be a replacement for sysinstall, and as such should support almost all of the features present in sysinstall, as well as add support for new FreeBSD features such as GEOM, ZFS, etc. This talk will describe the architecture of "finstall" and focus on its lesser known features such as remote installation. "finstall" is funded by Google SoC as a possible long-term replacement for sysinstall, as a "LiveCD" with the whole FreeBSD base system on the CD, with X11 and XFCE4 GUI. In the talk I intend to describe what I did so far, and what are the future plans for it. This includes the installer GUI, the backend (which has the potential to become a generic FreeBSD configuration backend) and the assorted tools developed for finstall ("LiveCD" creation scripts). More information on finstall can be found here: http://wiki.freebsd.org/finstall.

                                                                                                                                                                                                  • Poul-Henning Kamp - Measured (almost) does Air Traffic Control
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-26
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, air traffic control, scada, poul-henning kamp
                                                                                                                                                                                                    Files: PDF file (46 pages, 7.7 Mb)

                                                                                                                                                                                                    Measured (almost) does Air Traffic Control Monitoring weird hardware reliably The new Danish Air Traffic Control system, CASIMO, prompted the development on a modular and general software platform for data collection, control and monitoring of "weird hardware" of all sorts. The talk will present the "measured" daemon, and detail some of the uses it has been put to, as an, admittedly peripheral, component of the ATC system. Many "SCADA" systems suffer from lack of usable interfaces for external access to the data. Measured takes the opposite point of view and makes real-time situation available, and accepts control instructions as ASCII text stream over TCP connections. Several examples of how this can be used will be demonstrated. Measured will run on any FreeBSD system, but has not been ported to other UNIX variants yet, and it is perfect for that "intelligent house" project of yours. I believe I gave a WIP presentation of this about two years ago.

                                                                                                                                                                                                  • Chris Lattner - BSD licensed C++ compiler
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, bsdl, llvm, chris lattner
                                                                                                                                                                                                    Files: PDF file (33 pages, 5.8 Mb)

                                                                                                                                                                                                    BSD licensed C++ compiler LLVM is a suite of carefully designed open source libraries that implement compiler components (like language front-ends, code generators, aggressive optimizers, Just-In-Time compiler support, debug support, link-time optimization, etc.). The goal of the LLVM project is to build these components in a way that allows them to be combined together to create familiar tools (like a C compiler), interesting new tools (like an OpenGL JIT compiler), and many other things we haven't thought of yet. Because LLVM is under continuous development, clients of these components naturally benefit from improvements in the libraries. This talk gives an overview of LLVM's design and approach to compiler construction, and gives several example applications. It describes applications of LLVM technology to llvm-gcc (a C/C++/Objective C compiler based on the GNU GCC front-end), the OpenGL stack in Mac OS/X Leopard, and Clang. Among other things, the Clang+LLVM Compiler provides a fully BSD-Licensed C and Objective-C compiler (with C++ in development) which compiles code several times faster than GCC, produces code that is faster than GCC in many cases, produces better warnings and error messages, and supports many other applications (e.g. static analysis and refactoring).

                                                                                                                                                                                                  • Robert Watson - BSDCan 2008 - Closing
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, robert watson
                                                                                                                                                                                                    Files: PDF file (55 pages, 428 Kb)

                                                                                                                                                                                                    Closing Beer, prizes, secrets, Works In Progress The traditional closing... with some new and interesting twists. Sleep in if you must, but don't miss this session.

                                                                                                                                                                                                  • Leslie Hawthorn - Google SoC
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                                                                                                                                                                                                    Files: PDF file (44 pages, 2.2 Mb)

                                                                                                                                                                                                    Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                                                                                                                                                                                                  • Pawel Jakub Dawidek - A closer look at the ZFS file system
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
                                                                                                                                                                                                    Files: PDF file (33 pages, 150 Kb)

                                                                                                                                                                                                    A closer look at the ZFS file system simple administration, transactional semantics, end-to-end data integrity SUN's ZFS file system became part of FreeBSD on 6th April 2007. ZFS is a new kind of file system that provides simple administration, transactional semantics, end-to-end data integrity, and immense scalability. ZFS is not an incremental improvement to existing technology; it is a fundamentally new approach to data management. We've blown away 20 years of obsolete assumptions, eliminated complexity at the source, and created a storage system that's actually a pleasure to use. ZFS presents a pooled storage model that completely eliminates the concept of volumes and the associated problems of partitions, provisioning, wasted bandwidth and stranded storage. Thousands of file systems can draw from a common storage pool, each one consuming only as much space as it actually needs. The combined I/O bandwidth of all devices in the pool is available to all filesystems at all times. All operations are copy-on-write transactions, so the on-disk state is always valid. There is no need to fsck(1M) a ZFS file system, ever. Every block is checksummed to prevent silent data corruption, and the data is self-healing in replicated (mirrored or RAID) configurations. If one copy is damaged, ZFS detects it and uses another copy to repair it.

                                                                                                                                                                                                  • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                                                                                                                                                                                                    Files: PDF file (26 pages, 300 Kb)

                                                                                                                                                                                                    Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                                                                                                                                                                                                  • John Baldwin - Introduction to Debugging the FreeBSD Kernel
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, paper, debugging, freebsd, john baldwin
                                                                                                                                                                                                    Files: slides, PDF file (26 pages, 113 Kb), paper, PDF file (15 pages, 121 Kb)

                                                                                                                                                                                                    Introduction to Debugging the FreeBSD Kernel Just like every other piece of software, the FreeBSD kernel has bugs. Debugging a kernel is a bit different from debugging a userland program as there is nothing underneath the kernel to provide debugging facilities such as ptrace() or procfs. This paper will give a brief overview of some of the tools available for investigating bugs in the FreeBSD kernel. It will cover the in-kernel debugger DDB and the external debugger kgdb which is used to perform post-mortem analysis on kernel crash dumps. Introduction to Debugging the FreeBSD Kernel Basic crash messages, what a crash looks like typical panic() invocation page fault example "live" debugging with DDB stack traces ps deadlock examples show lockchain show sleepchain Adding new DDB commands KGDB inspecting processes and threads working with kernel modules using scripts to extend examining crashdumps using utilities ps, netstat, etc. debugging strategies kernel crashes system hangs

                                                                                                                                                                                                  • John Birrell - DTrace for FreeBSD
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, dtrace, freebsd, john birrell
                                                                                                                                                                                                    Files: PDF file (49 pages, 148 Kb)

                                                                                                                                                                                                    DTrace for FreeBSD What on earth is that system doing?! DTrace is a comprehensive dynamic tracing facility originally developed for Solaris that can be used by administrators and developers on live production systems to examine the behavior of both user programs and of the operating system itself. DTrace enables users to explore their system to understand how it works, track down performance problems across many layers of software, or locate the cause of aberrant behavior. DTrace lets users create their own custom programs to dynamically instrument the system and provide immediate, concise answers to arbitrary questions you can formulate using the DTrace D programming language. This talk discusses the port of the DTrace facility to FreeBSD and demonstrates examples on a live FreeBSD system. Introduction to the D language - probes, predicates and actions. dtrace(8) and libdtrace - the userland side of the DTrace story. The DTrace kernel module, it's ioctl interface to userland and the provider infrastructure in the kernel. DTrace kernel hooks and the problem of code licensed under Sun's CDDL. What does a DTrace probe actually do? DTrace safety and how it is implemented. Build system changes to add CTF (Compact C Type Format) data to objects, shared libraries and executables. The DTrace test suite. A brief list of things to do to port the DTrace facility to other BSD-derived operating systems.

                                                                                                                                                                                                  • Matthieu Herrb - X.org
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
                                                                                                                                                                                                    Files: PDF file (30 pages, 1.6 Mb)

                                                                                                                                                                                                    X.org upcoming plans The X.Org project provides an open source implementation of the X Window System. The development work is being done in conjunction with the freedesktop.org community. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work. The X window system has been changing a lot in the recent years, and still changing. This talk will present this evolution, summarizing what has already been done and showing the current roadmap for future evolutions, with some focus on how *BSD kernels can be affected by the developments done with Linux as the primary target.

                                                                                                                                                                                                  • Adrian Chad - What Not To Do When Writing Network Applications
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, network applications, adrian chad
                                                                                                                                                                                                    Files: PDF file (73 pages, 190 Kb)

                                                                                                                                                                                                    What Not To Do When Writing Network Applications The lessons learnt working with not-so-high-performance network applications This talk will look at issues which face the modern network application developer, from the point of view of poorly-designed examples. This will cover internal code structure and dataflow, interaction with the TCP stack, IO scheduling in high and low latency environments and high-availability considerations. In essence, this presentation should be seen as a checklist of what not to do when writing network applications. Plenty of examples of well designed network applications exist in the open and closed source world today. Unfortunately there are just as many examples of fast network applications as there are "fast but workload specific"; sometimes failing miserably in handling the general case. This may be due to explicit design (eg Varnish) but many are simply due to the designer not fully appreciating the wide variance in "networks" - and their network application degrades ungracefully when under duress. My aim in this presentation is to touch on a wide number of issues which face network application programmers - most of which seem not "application related" to the newcomer - such as including pipelining into network communication, managing a balance between accepting new requests and servicing existing requests, or providing back-pressure to a L4 loadbalancer in case of traffic bursts. Various schemes for working with these issues will be presented, and hopefully participants will walk away with more of an understanding about how the network, application and operating systems interact.

                                                                                                                                                                                                  • Rafal Jaworowski - Porting FreeBSD/ARM to Marvell Orion System-On-Chip
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, freebsd, arm, marvell orion, rafal jaworowski
                                                                                                                                                                                                    Files: PDF file (25 pages, 193 Kb)

                                                                                                                                                                                                    Porting FreeBSD/ARM to Marvell Orion System-On-Chip This talk covers the development work on porting the FreeBSD/ARM to Marvell Orion family of highly integrated chips. ARM architecture is widely adopted in the embedded devices, and since the architecture can be licensed, many implementation variations exist: Orion is a derivative compliant with the ARMv5TE definition, it provides a rich set of on-chip peripherals. Present state of the FreeBSD support for ARM is explained, areas for improvement highlighted and its overall shape and condition presented. The main discussion covers scope of the Orion port (what integrated peripherals required new development, what was adapted from existing code base); design decisions are explained for the most critical items, and implementation details revealed. Summary notes are given on general porting methodology, debugging techniques and difficulties encountered during such undertaking.

                                                                                                                                                                                                  • Dan Langille - BSDCan 2008 - Opening session
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, slides, dan langille
                                                                                                                                                                                                    Files: PDF file (17 pages, 500 Kb)

                                                                                                                                                                                                    Opening session Welcome to BSDCan 2008 Traditional greetings

                                                                                                                                                                                                  smp

                                                                                                                                                                                                  snmp

                                                                                                                                                                                                  social networking

                                                                                                                                                                                                  software development

                                                                                                                                                                                                  • Brooks Davis - Using FreeBSD to Promote Open Source Development Methods
                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                    Added: 2008-05-21
                                                                                                                                                                                                    Tags: bsdcan, bsdcan2008, abstract, software development, brooks davis
                                                                                                                                                                                                    Files: PDF file (2 pages, 72 Kb), PDF file (33 pages, 1 Mb)

                                                                                                                                                                                                    Using FreeBSD to Promote Open Source Development Methods In this talk we present Aerosource, an initiative to bring Open Source Software development methods to internal software developers at The Aerospace Corporation. Within Aerosource, FreeBSD is used in several key roles. First, we run most of our tools on top of FreeBSD. Second, the ports collection (both official ports and custom internal ones) eases our administrative burden. Third, the FreeBSD project serves as an example and role model for the results that can be achieved by an Open Source Software projects. We discuss the development infrastructure we have built for Aerosource based largely on BSD licensed software including FreeBSD, PostgreSQL, Apache, and Trac. We will also discuss our custom management tools including our system for managing our custom internal ports. Finally, we will cover our development successes and how we use projects like FreeBSD as exemplars of OSS development.

                                                                                                                                                                                                  solaris

                                                                                                                                                                                                  soren straarup

                                                                                                                                                                                                    source21

                                                                                                                                                                                                    • Fosdem 2006: BSD
                                                                                                                                                                                                      Source: Source21.nl
                                                                                                                                                                                                      Added: 2006-06-05
                                                                                                                                                                                                      Tags: source21, interview, daniel seuffert
                                                                                                                                                                                                      Files:

                                                                                                                                                                                                      We talk with Daniel Seuffert about BSD. Several flavours of BSD were represented in a joint BSD booth: OpenBSD, FreeBSD, NetBSD and MirOS. Daniel is representative of the FreeBSD project and among other things talks about the different operating systems that are build on top of FreeBSD. For instance, there are two distributions called PC-BSD and DesktopBSD that are targeted towards desktop users. There also is a version that specializes on security entitled TrustedBSD.

                                                                                                                                                                                                    spamd

                                                                                                                                                                                                      sparc

                                                                                                                                                                                                      sparc64

                                                                                                                                                                                                        stack virtualization

                                                                                                                                                                                                        stanislav sedov

                                                                                                                                                                                                        • Server deployment in mass-hosting environment using FreeBSD Ports system by Stanislav Sedov (in russian)
                                                                                                                                                                                                          Source: Hostobzor, the Russian conference of hosting provider
                                                                                                                                                                                                          Added: 2008-November-24
                                                                                                                                                                                                          Tags: hostobzor, hostobzor12, freebsd, ports, stanislav sedov, russian
                                                                                                                                                                                                          Files: PDF version (61 Kb, 5 pages), PDF version (470 Kb, 30 pages)

                                                                                                                                                                                                          Recently I have been attending Hostobzor 12th, the Russian conference of hosting providers, beeing held at Raivola hotel near St. Petersburg. The event was great as always thanks to organizers. There was a number of intersting talks given, a lot of interesting discussions held, and, what I appreciate better, a lot of new people with great ideas met. I gave a talk on using the FreeBSD Ports system to mange a large-scale virtual hosting installations based on Hosting Telesystems experience. I tried to describe in detail how we use the ports collection to deploy a large number of servers diverced by architecture and OS versions, how we build packages and distribute them among servers, talked about how we use Mercurial VCS to incrementally merge upstream changes into our modified ports collection and FreeBSD src trees. Hopefully, I've not screwed it much... At least, some people was interested a lot and asked interesting questions.

                                                                                                                                                                                                        stephan uphoff

                                                                                                                                                                                                          stephen borrill

                                                                                                                                                                                                          steven kreuzer

                                                                                                                                                                                                          stream control transmission protocol

                                                                                                                                                                                                          subversion

                                                                                                                                                                                                          • At MeetBSD with some of the FreeBSD Core Team
                                                                                                                                                                                                            Source: bsdtalk
                                                                                                                                                                                                            Added: 2008-November-18
                                                                                                                                                                                                            Tags: bsdtalk, interview, freebsd core team, meetbsd2008, meetbsd, robert watson, brooks davis, kris kennaway, peter wemm, philip paeps, freebsd, subversion
                                                                                                                                                                                                            Files: MP3 version (18 Mb, 38 minutes), Ogg version (38 minutes)

                                                                                                                                                                                                            A conversation with some of the FreeBSD Core Team at MeetBSD California 2008. I speak with Brooks Davis, Kris Kennaway, Robert Watson, Peter Wemm, and Philip Paeps about the recent core team election, FreeBSD 7.1 and 8, Developer Summits, and the move to Subversion.

                                                                                                                                                                                                          • Ivan Ivanov on The Version Control System Subversion
                                                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                                                            Added: 2007-02-09
                                                                                                                                                                                                            Tags: nycbug, presentation, subversion, ivan ivanov
                                                                                                                                                                                                            Files: MP3 version

                                                                                                                                                                                                            The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts". Ivan Ivanov is generally interested in Version Control Systems since his student years in Sofia University, Bulgaria, where he set up and maintained a CVS server for an academic project. When Subversion became a fact and proved to be "a better CVS" he researched it and last year deployed it for his NYC-based employer Ariel Partners (http://www.arielpartners.com/). He integrated the Subversion repositories with Apache Web Server over https to enable a reliable and secure way to access them from any point.

                                                                                                                                                                                                          sucon

                                                                                                                                                                                                          sudo

                                                                                                                                                                                                          • Public Key sudo
                                                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                                                            Added: 2008-08-19
                                                                                                                                                                                                            Tags: nycbug, presentation, sudo, public key, matthew burnside
                                                                                                                                                                                                            Files: MP3 version (2 Mb)

                                                                                                                                                                                                            Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo. Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module. Bio: Matthew Burnside is a Ph.D. student in the Computer Science department at Columbia University, in New York. He works for Professor Angelos Keromytis in the Network Security Lab. He received his B.A and M.Eng from MIT in 2000, and 2002, respectively. His research interests are in network anonymity, trust management, and enterprise-scale policy enforcement.

                                                                                                                                                                                                          summer of code

                                                                                                                                                                                                          • Leslie Hawthorn - Google SoC
                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                            Added: 2008-05-21
                                                                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, google, summer of code, leslie hawthorn
                                                                                                                                                                                                            Files: PDF file (44 pages, 2.2 Mb)

                                                                                                                                                                                                            Google SoC Summer of Code In this talk, I will briefly discuss some general ways Google's Open Source Team contributes to the wider community. The rest of the talk will explore some highlights of the Google Summer of Code program, our initiative to get university students involved in Open Source development. I will cover the program's inception, lessons learned over time and tips for success in the program for both mentors and students. In particular, the talk will detail some experiences of the *BSD mentoring organizations involved in the program as a case study in successfully managing the program from the Open Source project's perspective. Any Google Summer of Code participants in the audience are welcome and encouraged to chime in with their own insights.

                                                                                                                                                                                                          • FreeBSD Google Summer of Code posters
                                                                                                                                                                                                            Source: FreeBSD Google Summer of Code
                                                                                                                                                                                                            Added: 2009-03-22
                                                                                                                                                                                                            Tags: freebsd, google, summer of code
                                                                                                                                                                                                            Files: PNG version (1.1 Mb, 2480 x 3507 pixels), PDF version (815 Kb, 1 page)

                                                                                                                                                                                                            Two posters usable for the announcement of the participation of the FreeBSD Project in the Google Summer of Code.

                                                                                                                                                                                                          suug

                                                                                                                                                                                                          sysinstall

                                                                                                                                                                                                          sysjail

                                                                                                                                                                                                          syslog

                                                                                                                                                                                                          • Central Syslog
                                                                                                                                                                                                            Source: bsdtalk
                                                                                                                                                                                                            Added: 2008-01-25
                                                                                                                                                                                                            Tags: bsdtalk, syslog
                                                                                                                                                                                                            Files: MP3 version (3 Mb, 7 minutes), Ogg version (7 minutes)

                                                                                                                                                                                                            Setting up a central syslog server. If you are concerned about the security of your logs, use a dedicated machine and lock it down. Keep clocks in sync. You may need to change log rotation schedule in /etc/newsyslog.conf. You can rotate based in size and/or time. This can be as much a policy decision as a hardware decision. On central log host, change syslogd flags to listen to network. Each BSD does this differently, so check the man pages. Also, check out the -n flag for busy environments. Make sure host firewall allows syslog traffic through. Be careful to limit syslog traffic to just the trusted network or hosts. FreeBSD man page refers to syslogd as a "remote disk filling service". For heavy logging environments, it is important to have a dedicated network. A down syslogd server can create a lot of "ARP who-has" broadcasts. Most network devices such as printers and commercial firewalls support sending to a central syslog server. Take a look at "Snare" for Windows hosts. To send messages from a Unix host, specify the host name prepended with @ instead of a file for logging in /etc/syslog.conf. For example, change /var/log/xferlog to @loghost.mydomain.biz. You can also copy and edit the line to have it log to both a local file and a remote host.

                                                                                                                                                                                                          syslogd

                                                                                                                                                                                                          • EuroBSDCon 2008 - Martin Schuette - Improved NetBSD Syslogd
                                                                                                                                                                                                            Source: EuroBSDCon
                                                                                                                                                                                                            Added: 2008-October-22
                                                                                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, netbsd, syslogd, martin schuette
                                                                                                                                                                                                            Files: OGG (1 byte, 42 minutes), MP3 (1 byte, 42 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                            Martin Schuette has three main goals, defined by three internet drafts to implement: TLS transport is the most obvious improvement: it provides a reliable network transport with data encryption and peer authentication. To make full use of this a buffering mechanism to bridge temporary network errors is implemented as well. Syslog-protocol extends the message format to use a complete timestamp, include a fully qualified domain name, and allow UTF-8 messages. It also offers a structured data field to unambiguously encode application dependent information. Syslog-sign will allow any syslog sender to digitally sign its messages, so their integrity can be verified later. This enable the detection of loss, deletion or other manipulation syslog data after network transfer or archiving on storage media. Martin Schuette is a student of computer science in Potsdam, Germany, and has been working as a part-time system administrator for BSD servers since 2004. In 2007 Martin Schuette already gave a talk on Syslog at the Chemnitze Linux-Tage (http://chemnitzer.linux-tage.de/2007/vortraege/detail.html?idx=547 in german; for a newer english version see these slides for a seminar talk: http://fara.cs.uni-potsdam.de/~mschuett/uni/syslog-protocols-080522.pdf).

                                                                                                                                                                                                          system management

                                                                                                                                                                                                          • Managing OpenBSD Environments
                                                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                                                            Added: 2008-05-12
                                                                                                                                                                                                            Tags: nycbug, presentation, openbsd, system management
                                                                                                                                                                                                            Files: MP3 version (103 minutes, 11 Mb)

                                                                                                                                                                                                            This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator's disposal. Okan Demirmen has been working with UNIX-like systems for as long as he can remember and has found OpenBSD to match some of the same philosophies in which he believes, namely simplicity and correctness, and reap the benefits of such.

                                                                                                                                                                                                          takahiro kurosawa

                                                                                                                                                                                                            talk

                                                                                                                                                                                                            talks

                                                                                                                                                                                                            tar

                                                                                                                                                                                                              tatuya jimei

                                                                                                                                                                                                              tcp

                                                                                                                                                                                                              • Lawrence Stewart - Improving the FreeBSD TCP Implementation
                                                                                                                                                                                                                Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                Added: 2009-05-25
                                                                                                                                                                                                                Tags: bsdcan, bsdcan2009, presentation, freebsd, tcp, lawrence stewart
                                                                                                                                                                                                                Files: Slides (38 pages, 2.1 Mb)

                                                                                                                                                                                                                Improving the FreeBSD TCP Implementation. An update on all things TCP in FreeBSD and how they affect you. My involvement in improving the FreeBSD TCP stack has continued this past year, with much of the work targeted at FreeBSD 8. This talk will cover what these changes entail, why they are of interest to the FreeBSD community and how they help to improve our TCP implementation. It has been a busy year since attending my inaugural BSDCan in 2008, where I talked about some of my work with TCP in FreeBSD. I have continued the work on TCP analysis/debugging tools and integrating modular congestion control into FreeBSD as part of the NewTCP research project. I will provide a progress update on this work. Additionally, a grant win from the FreeBSD Foundation to undertake a project titled "Improving the FreeBSD TCP Implementation" at Swinburne University's Centre for Advanced Internet Architectures has been progressing well. The project focuses on bringing TCP Appropriate Byte Counting (RFC 3465), reassembly queue auto-tuning and integration of low-level analysis/debugging tools to the base system, all of which I will also discuss.

                                                                                                                                                                                                              tcp regression

                                                                                                                                                                                                                tcp-to-sctp

                                                                                                                                                                                                                  tcpdiff

                                                                                                                                                                                                                  • Mike Silbersack - Detecting TCP regressions with tcpdiff
                                                                                                                                                                                                                    Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                    Added: 2009-05-25
                                                                                                                                                                                                                    Tags: bsdcan, bsdcan2009, presentation, tcpdiff, freebsd, mike silbersack
                                                                                                                                                                                                                    Files: Slides (33 pages, 89 Kb)

                                                                                                                                                                                                                    Detecting TCP regressions with tcpdiff Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. Determining if a TCP stack is working correctly is hard. The tcpdiff project aims for a simpler goal: To automatically detect differences in TCP behavior between different versions of an operating system and display those differences in an easy to understand format. The value judgement of whether a certain change between version X and Y of a TCP stack is good or bad will be left to human eyes. The initial version of tcpdiff presented at NYCBSDCon 2008 demonstrated that it could be used to detect at least two major TCP bugs that were introduced into FreeBSD in the past few years. The work from that presentation can be viewed at http://www.silby.com/nycbsdcon08/. For BSDCan 2009, I hope to fix a number of bugs in tcpdiff, make it easier to use, set up nightly tests of FreeBSD, and improve it so that additional known bugs can be detected. Additionally, I plan to run it on OSes other than FreeBSD.

                                                                                                                                                                                                                  tcpip

                                                                                                                                                                                                                    the best of freebsd basics

                                                                                                                                                                                                                    • Dru Lavigne
                                                                                                                                                                                                                      Source: bsdtalk
                                                                                                                                                                                                                      Added: 2008-01-31
                                                                                                                                                                                                                      Tags: bsdtalk, interview, dru lavigne, the best of freebsd basics
                                                                                                                                                                                                                      Files: MP3 version (7 Mb, 14 minutes), Ogg version (14 minutes)

                                                                                                                                                                                                                      Interview with Dru Lavigne. We talk about her new book "The Best of FreeBSD Basics" and also get an update on some other projects including BSD Certification. See the following links for more information: https://register.bsdcertification.org/register/get-a-bsdcg-id http://reedmedia.net/books/freebsd-basics http://www.osbr.ca

                                                                                                                                                                                                                    thin client

                                                                                                                                                                                                                    thin clients

                                                                                                                                                                                                                      thomas glaser

                                                                                                                                                                                                                      thomas mclaughlin

                                                                                                                                                                                                                      tim kientzler

                                                                                                                                                                                                                      tim rightnour

                                                                                                                                                                                                                      time management

                                                                                                                                                                                                                      tom limoncelli

                                                                                                                                                                                                                      tom snow

                                                                                                                                                                                                                        tor

                                                                                                                                                                                                                        trustedbsd

                                                                                                                                                                                                                        tsoyoshi momose

                                                                                                                                                                                                                          tutorial

                                                                                                                                                                                                                          • Peter Hansteen - Building the Network You Need with PF, the OpenBSD packet filter
                                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                                                                                            Tags: bsdcan, bsdcan2009, tutorial, pf, openbsd, peter hansteen
                                                                                                                                                                                                                            Files: Slides (68 pages, 2.5 Mb)

                                                                                                                                                                                                                            Building the Network You Need with PF, the OpenBSD packet filter. Building the network you need is the central theme for any network admin. This tutorial is for aspiring or seasoned network professionals with at least a basic knowledge of networking in general and TCP/IP particular. The session aims at teaching tools and techniques to make sure you build your network to work the way it's supposed to, keeping you in charge. Central to the toolbox is the OpenBSD PF packet filter, supplemented with tools that interact with it. Whether you are a greybeard looking for ways to optimize your setups or a greenhorn just starting out, this session will give you valuable insight into the inner life of your network and provide pointers to how to use that knowledge to build the network you need. The session will also offer some fresh information on changes introduced in OpenBSD 4.5, the most recent version of PF and OpenBSD. The tutorial is loosely based on Hansteen's recent book, /The Book of PF/ (No Starch Press), with updates and adaptations based on developments since the book's publication date.

                                                                                                                                                                                                                          • George Neville-Neil - Networking from the Bottom Up: Device Drivers
                                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                            Added: 2009-05-25
                                                                                                                                                                                                                            Tags: bsdcan, bsdcan2009, tutorial, device drivers, george neville-neil
                                                                                                                                                                                                                            Files: PDF file (68 pages, 480 Kb)

                                                                                                                                                                                                                            Networking from the Bottom Up: Device Drivers. In this tutorial I will describe how to write and maintain network drivers in FreeBSD and use the example of the Intel Gigabit Ethernet driver (igb) throughout the course. Students will learn the basic data structures and APIs necessary to implement a network driver in FreeBSD. The tutorial is general enough that it can be applied to other BSDs, and likely to other embedded and UNIX like systems while being specific enough that given a device and a manual the student should be able to develop a working driver on their own. This is the first of a series of lectures on network that I am developing over the next year or so.

                                                                                                                                                                                                                          • Scott Ullrich, Chris Buechler - pfSense Tutorial
                                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                            Added: 2008-05-28
                                                                                                                                                                                                                            Tags: bsdcan, bsdcan2008, tutorial, freebsd, pfsense, scott ullrich, chris buechler
                                                                                                                                                                                                                            Files: PDF file (91 pages, 4.1 Kb)

                                                                                                                                                                                                                            pfSense Tutorial From Zero to Hero with pfSense pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices. This tutorial is being presented by the founders of the pfSense project, Chris Buechler and Scott Ullrich. The session will start with an introduction to the project, hardware sizing and selection, installation, firewalling concepts and basic configuration, and continue to cover all the most popular features of the system. Common usage scenarios, deployment considerations, step by step configuration guidance, and best practices will be covered for each feature. Most configurations will be demonstrated in a live lab environment. Attendees are assumed to have basic knowledge of TCP/IP and firewalling concepts, however no in-depth knowledge in these areas or prior knowledge of pfSense or FreeBSD is necessary.

                                                                                                                                                                                                                          ty semaka

                                                                                                                                                                                                                          typesetting

                                                                                                                                                                                                                          • EuroBSDCon 2008 - Edd Barret - Modern Typesetting on BSD
                                                                                                                                                                                                                            Source: EuroBSDCon
                                                                                                                                                                                                                            Added: 2008-October-22
                                                                                                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, typesetting, bsd, edd barrett
                                                                                                                                                                                                                            Files: OGG (1 byte, 33 minutes), MP3 (1 byte, 33 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                            Edd Barrett will speak about using the BSD Platform as a means of typesetting from a practical standpoint at EuroBSDcon 2008. Edd Barrett does not wish to go into the technicalities of each typesetter, but rather state which are good for certain types of document, and which tools (ports and packages), integrate well with the available typesetters. Edd Barrett os a student from the UK, currently on "placement year" as a systems administrator for Bournemouth University. Open Source *NIX has been his platform of choice for many years and he has been using OpenBSD for about 3 years now, simply because it is small, clean, correct and secure. Just recently he has started developing things I want or need for OpenBSD.

                                                                                                                                                                                                                          u-boot

                                                                                                                                                                                                                          • Rafal Jaworowski - Interfacing embedded FreeBSD with U-Boot
                                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                            Added: 2008-05-21
                                                                                                                                                                                                                            Tags: bsdcan, bsdcan2008, slides, embedded, freebsd, u-boot, rafal jaworowski
                                                                                                                                                                                                                            Files: PDF file (26 pages, 300 Kb)

                                                                                                                                                                                                                            Interfacing embedded FreeBSD with U-Boot Working with the de facto standard for an initial level boot loader In the embedded world U-Boot is a de facto standard for an initial level boot loader (firmware). It runs on a great number of platforms and architectures, and is open source. This talk covers the development work on integrating FreeBSD with U-Boot-based systems. Starting with an overview of differences between booting an all-purpose desktop computer vs. embedded system, FreeBSD booting concepts are explained along with requirements for the underlying firmware. Historical attempts to interface FreeBSD with this firmware are mentioned and explanation given on why they failed or proved incomplete. Finally, the recently developed approach to integrate FreeBSD and U-Boot is presented, with implementation details and particular attention on how it's been made architecture and platform independent, and how loader(8) has been bound to it.

                                                                                                                                                                                                                          ufs2

                                                                                                                                                                                                                          • EuroBSDCon 2008 - Nick Barkas - Dynamic memory allocation for dirhash in UFS2
                                                                                                                                                                                                                            Source: EuroBSDCon
                                                                                                                                                                                                                            Added: 2008-October-22
                                                                                                                                                                                                                            Tags: eurobsdcon, eurobsdcon2008, ufs2, nick barkas
                                                                                                                                                                                                                            Files: OGG (1 byte, 32 minutes), MP3 (1 byte, 32 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                            Hello My name is Nick Barkas. I'm a master's student studying scientific computing at Kungliga Tekniska hgskolan (KTH) in Stockholm, Sweden. I have just begun work on a Google Summer of Code project with FreeBSD: Dynamic memory allocation for dirhash in UFS2 . I would like to present my results from this project at EuroBSDCon this year. This project is very much a work in progress now so it is a bit difficult to summarize what I would ultimately present. I will try to describe an outline, though. First I will give background information on dirhash: an explanation of the directory data structure in UFS2, how directory lookups in this structure necessitate a linear search, and how dirhash speeds these lookups up without having to change anything about the directory data structure. Next I will explain the current limitation that dirhash's maximum memory use must be manually specified by administrators, or left at a small conservative default of 2MB. I will explain some different methods I will have explored to try and make this maximum memory limit dynamically increase and decrease as the system has more or less free memory, and which method I will have ultimately settled on and implemented. Then I'll present some test results of performance of operations on very large directories with and without dynamic memory allocation enabled for dirhash. Next I will talk about how speed gains from dirhash are limited by the fact that the hash tables exist only in memory and must be recreated after each system boot, as big directories are scanned for the first time, or even have to be recreated for a directory that has not been scanned in some time if its dirhash has been discarded to free memory. These problems can be eliminated by using an on-disk index for directory entries. I will talk about some of the challenges of implementing on-disk indexing, such as remaining backwards compatible with older versions of UFS2 and interoperating properly with softupdates. Then, if my SoC project has permitted me time to work on this aspect of it, I will explain some possible methods for adding directory indexing to UFS2 that meets these challenges, and which of those ideas I will have implemented. Finally I will present results of some benchmarks on this filesystem with indices, and compare to performance with dirhash, and with no indices or dirhashes. Keywords: dirhash, ufs2, filesystems, performance tuning

                                                                                                                                                                                                                          ukuug

                                                                                                                                                                                                                          ultrasparc t1

                                                                                                                                                                                                                          unix

                                                                                                                                                                                                                          unix tradition

                                                                                                                                                                                                                          • Isaac 'Ike' Levy on the Real Unix Tradition
                                                                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                                                                            Added: 2007-07-08
                                                                                                                                                                                                                            Tags: nycbug, presentation, unix tradition, isaac levy
                                                                                                                                                                                                                            Files: MP3 version (10Mb)

                                                                                                                                                                                                                            "The Real Unix Tradition" UNIX hackers, all standing on the shoulders of giants. "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972 "Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003 UNIX is the oldest active and growing computing culture alive today. From it's humble roots in the back room at Bell Laboratories, to today's global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What's so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems. About the speaker Isaac Levy, (ike) is a freelance BSD hadker based in NYC. He runs Diversaform Inc. as an engine to make his hacking feed itself, (and ike). Diversaform specializes in *BSD based solutions, providing 'IT special weapons and tatics' for various sized business clients, as well as running a small high-availability datacenter operation from lower Manhattan. With regard to FreeBSD jail(8), ike was a partner in the first jail (8)-based web hosting ISP in America, iMeme, and has been developing internet applications in and out of jails since 1999. Isaac is a proud member of NYC*BUG (the New York City *BSD Users Group), and a long time member of LESMUUG, (the Lower East Side Mac Unix Users Group).

                                                                                                                                                                                                                          unix-tutorial

                                                                                                                                                                                                                          user interfaces

                                                                                                                                                                                                                          • User Interfaces and How People Think
                                                                                                                                                                                                                            Source: New York City *BSD User Group
                                                                                                                                                                                                                            Added: 2008-03-10
                                                                                                                                                                                                                            Tags: nycbug, presentation, user interfaces
                                                                                                                                                                                                                            Files: MP3 version (78 minutes, 9 Mb)

                                                                                                                                                                                                                            "User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software. Bio: Jeffery Mau is a user experience designer with the leading business and technology consulting firm Sapient. He has helped clients create great customer experiences in the financial services, education, entertainment and telecommunications industries. With a passion for connecting people with technology, Jeff specializes in Information Architecture and Business Strategy. Jeff holds a Masters in Design from the IIT Institute of Design in Chicago, Illinois.

                                                                                                                                                                                                                          varnish

                                                                                                                                                                                                                          vasil dimov

                                                                                                                                                                                                                          videos

                                                                                                                                                                                                                          vimage

                                                                                                                                                                                                                          • May 2008 developer Vimage report
                                                                                                                                                                                                                            Source: YouTube bsdconferences channel
                                                                                                                                                                                                                            Added: 2008-December-31
                                                                                                                                                                                                                            Tags: youtube, freebsd, vimage, marko zec, julian elischer
                                                                                                                                                                                                                            Files: Flash (2:44:36)

                                                                                                                                                                                                                            A sneak peak into the FreeBSD development process. Warning 2 hours! filmed over 2 days. (The schedule worked out was optimistic to say the least but it's still looking ok...) Marko Zec and Julian Elischer report back to the developers at BSDCan on the progress on virtualizing the network stack in FreeBSD. This has been a long term project but at the time of this recording was just reaching the point of feasibility. In this video you can see some of the dynamics of the group as developers become familiar with the project and discussions take place regarding such things as maintainability, ABI compatibility, and even what to call the feature. In this video you can see the decision being made by a "quorum" of developers to take this project mainstream. The sound is less that perfect, but it's what we have. This is a montage of 3 video sources, one of which is a lower resolution, but at times it was the only camera capturing the action. (the other ran out of tape for a while) Thanks to Ed Maste for the added footage. I will be doing more editing later and will be substituting in better footage in some places. clive URL: http://au.youtube.com/watch?v=Px-pSXm32dE

                                                                                                                                                                                                                          • BSDCan-2007 - Videos
                                                                                                                                                                                                                            Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                            Added: 2007-08-13
                                                                                                                                                                                                                            Tags: bsdcan, bsdcan2007, talks, marko zec, vimage
                                                                                                                                                                                                                            Files: MOV file (20 minutes, 44 Mb)

                                                                                                                                                                                                                            The 2007 BSDCan conference Marko Zec explains the vimage architecture

                                                                                                                                                                                                                          virtual machines

                                                                                                                                                                                                                          virtualization

                                                                                                                                                                                                                            vpn

                                                                                                                                                                                                                            • EuroBSDCon 2008 - Russel Sutherland - UTORvpn: A BSD based VPN service for the masses
                                                                                                                                                                                                                              Source: EuroBSDCon
                                                                                                                                                                                                                              Added: 2008-October-22
                                                                                                                                                                                                                              Tags: eurobsdcon, eurobsdcon2008, freebsd, vpn, russel sutherland
                                                                                                                                                                                                                              Files: OGG (1 byte, 52 minutes), MP3 (1 byte, 52 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                              The University of Toronto is a large educational institutional with over 70,000 students and 10,000 staff and faculty. For the past three years, we have developed and implemented a ubiquitous VPN service, based up on OpenVPN and FreeBSD. The service has over 3000 active customers, with up to 35 simultaneous users. The system supports, Linux, Mac OS X and Windows XP/Vista/2000 clients. Tools have been developed to create a central CA which enables users to log in to a secure server and get their customized client, certificates and configuration. The NSIS installer is used to generate the customized windows installers. Similar packages are generated for the various Unix based clients. Additional WWW/PHP based tools, have been developed to monitor and log usage of the service, using standard graphs, alarms for excessive use and a certificate revocation mechanism. The system has been integrated into the local identity management system (Kerberos/LDAP) in order to authorize and authenticate users upon initiation and per session usage. All code is Open Source and freely available.

                                                                                                                                                                                                                            waner losh

                                                                                                                                                                                                                            • Warner Losh - Tracking FreeBSD in a commercial Environment
                                                                                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                              Added: 2009-05-25
                                                                                                                                                                                                                              Tags: bsdcan, bsdcan2009, presentation, freebsd, commercial environment, waner losh
                                                                                                                                                                                                                              Files: Slides (10 pages, 104 Kb), Paper (45 pages, 624 Kb)

                                                                                                                                                                                                                              Tracking FreeBSD in a commercial Environment How to stay current while staying sane The FreeBSD project publishes two lines of source code: current and stable. All changes must first be committed to current and then are merged into stable. Commercial organizations wishing to use FreeBSD in their products must be aware of this policy. Four different strategies have developed for tracking FreeBSD over time. A company can choose to run only unmodified release versions of FreeBSD. A company may choose to import FreeBSD's sources once and then never merge newer versions. A company can choose to import each new stable branch as it is created, adding its own changes to that branch, as well as integrating new versions from FreeBSD from time to time. A company can track FreeBSD's current branch, adding to it their changes as well as newer FreeBSD changes. Which method a company chooses depends on the needs of the company. These methods are explored in detail, and their advantages and disadvantages are discussed. Tracking FreeBSD's ports and packages is not discussed. Companies building products based upon FreeBSD have many choices in how to use the projects sources and binaries. The choices range from using unmodified binaries from FreeBSD's releases, to tracking modify FreeBSD heavily and tracking FreeBSD's evolution in a merged tree. Some companies may only need to maintain a stable version of FreeBSD with more bug fixes or customizations than the FreeBSD project wishes to place in that branch. Some companies also wish to contribute some subset of their changes back to the FreeBSD project. FreeBSD provides an excellent base technology with which to base products. It is a proven leader in performance, reliability and scalability. The technology also offers a very business friendly license that allows companies to pick and choose which changes they wish to contribute to the community rather than forcing all changes to be contributed back, or attaching other undesirable license conditions to the code. However, the FreeBSD project does not focus on integration of its technology into customized commercial products. Instead, the project focuses on producing a good, reliable, fast and scalable operating system and associated packages. The project maintains two lines of development. A current branch, where the main development of the project takes place, and a stable branch which is managed for stability and reliability. While the project maintains documentation on the system, including its development model, relatively little guidance has been given to companies in how to integrate FreeBSD into their products with a minimum of trouble. Developing a sensible strategy to deal with both these portions of FreeBSD requires careful planning and analysis. FreeBSD's lack of guidelines to companies leaves it up to them to develop a strategy. FreeBSD's development model differs from some of the other Free and Open Source projects. People familiar with those systems often discover that methods that were well suited to them may not work as well with FreeBSD's development model. These two issues cause many companies to make poor decisions without understanding the problems that lie in their future. Very little formal guidance exists for companies wishing to integrate FreeBSD into their products. Some email threads can be located via a Google search that could help companies, but many of them are full of contradictory information, and it is very disorganized. While the information about the FreeBSD development process is in the FreeBSD handbook, the implications of that process for companies integrating FreeBSD into their products are not discussed.

                                                                                                                                                                                                                            wapbl

                                                                                                                                                                                                                            • Joerg Sonnenberger - Journaling FFS with WAPBL
                                                                                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                              Added: 2009-05-25
                                                                                                                                                                                                                              Tags: bsdcan, bsdcan2009, presentation, netbsd, wapbl, ffs, joerg sonnenberger
                                                                                                                                                                                                                              Files: Slides (24 pages, 10 Kb)

                                                                                                                                                                                                                              Journaling FFS with WAPBL NetBSD 5 is the first NetBSD release with a journaling filesystem. This lecture introduces the structure of the Fast File System, the modifications for WAPBL and specific constraints of the implementation. The Fast File System (FFS) has been used in the BSD land for more than two decades. The original implementation offered two operational modes: safe and slow (sync) unsafe and fast (async) One decade ago, Kirk McKusick introduced the soft dependency mechanism to offset the performance impact without risk of mortal peril on the first crash. With the advent of Terabyte hard disks, the need for a file system check (fsck) after a crash becomes finally unacceptable. Even a background fsck like supported on FreeBSD consumes lots of CPU time and IO bandwidth. Based on a donation from Wasabi Systems, Write Ahead Physical Block Logging (WAPBL) provides journaling for FFS with similar or better performance than soft dependencies during normal operation. Recovery time after crashes depends on the amount of outstanding IO operations and normally takes a few seconds. This lecture gives a short overview of FFS and the consistency constraints for meta data updates. It introduces the WAPBL changes, both in terms of the on-disk format and the implementation in NetBSD. Finally the implementation is compared to the design of comparable file systems and specific issues of and plans for the current implementation are discussed.

                                                                                                                                                                                                                            warner losh

                                                                                                                                                                                                                            • A Few FreeBSD Core Team Members
                                                                                                                                                                                                                              Source: bsdtalk
                                                                                                                                                                                                                              Added: 2008-06-05
                                                                                                                                                                                                                              Tags: bsdtalk, interview, bsdcan2008, freebsd core, warner losh, george neville-neil murray stokely, hiroki sato, robert watson, brooks davis, philip paeps
                                                                                                                                                                                                                              Files: MP3 version (12 Mb, 26 minutes), Ogg version (26 minutes)

                                                                                                                                                                                                                              An interview with a few of the FreeBSD Core Team members: Warner Losh, George V. Neville-Neil, Murray Stokeley, Hiroki Sato, Robert Watson, Brooks Davis, and Philip Paeps. The interview was recorded at BSDCan2008 in Ottawa, Cananda.

                                                                                                                                                                                                                            • A Few FreeBSD Core Team Members
                                                                                                                                                                                                                              Source: bsdtalk
                                                                                                                                                                                                                              Added: 2007-05-26
                                                                                                                                                                                                                              Tags: bsdtalk, interview, freebsd core, brooks davis, warner losh, george neville-neil, hiroki sato, robert watson
                                                                                                                                                                                                                              Files: MP3 version (16 Mb, 35 minutes), Ogg version (35 minutes)

                                                                                                                                                                                                                              An interview with a few of the FreeBSD Core Team members: Brooks Davis, Warner Losh, George V. Neville-Neil, Hiroki Sato, and Robert Watson. The interview was recorded at BSDCan in Ottawa, Cananda.

                                                                                                                                                                                                                            • P1B: Tracking FreeBSD in a Commercial Setting
                                                                                                                                                                                                                              Source: YouTube bsdconferences channel
                                                                                                                                                                                                                              Added: 2009-03-27
                                                                                                                                                                                                                              Tags: youtube, presentation, asiabsdcon2008, asiabsdcon, freebsd, warner losh
                                                                                                                                                                                                                              Files: Flash (33:40)

                                                                                                                                                                                                                              P1B: Tracking FreeBSD in a Commercial Setting AsiaBSDCon 2008, M. Warner Losh clive URL: http://www.youtube.com/watch?v=VaZ9Ef04bJg

                                                                                                                                                                                                                            • Embedding FreeBSD, MeetBSD 2008
                                                                                                                                                                                                                              Source: YouTube bsdconferences channel
                                                                                                                                                                                                                              Added: 2008-December-06
                                                                                                                                                                                                                              Tags: youtube, meetbsd, meetbsd2008, embedded, freebsd, philip paeps, warner losh
                                                                                                                                                                                                                              Files: Flash (38:56)

                                                                                                                                                                                                                              Embedding FreeBSD by Warner Losh and Philip Paeps, MeetBSD November 15, 2008 clive URL: http://www.youtube.com/watch?v=Fc3xYrxvIU0

                                                                                                                                                                                                                            • Warner Losh - FreeBSD/mips
                                                                                                                                                                                                                              Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                              Added: 2008-05-26
                                                                                                                                                                                                                              Tags: bsdcan, bsdcan2008, slides, freebsd, mips, embedded, warner losh
                                                                                                                                                                                                                              Files: PDF file (19 pages, 1.3 Mb)

                                                                                                                                                                                                                              FreeBSD/mips Embedding FreeBSD FreeBSD now runs on the MIPS platform. FreeBSD/mips supports MIPS-32 and MIPS-64 targets, including SMP for multicore support. FreeBSD/mips is targeted at the embedded MIPS marketplace. FreeBSD has run on the MIPS platform for many years. Juniper ported FreeBSD to the Mips platform in the late 1990's. However, concern about intellectual property issues kept Juniper from contributing the port back to FreeBSD until recently. The contributed port was a 64-bit mips port. In the mean time, many efforts were made to bring FreeBSD to the mips platform. The first substantial effort to bring FreeBSD to the Mips platform was done by Juli Mallet. This effort made it to single user, but never further than that. This effort was abandoned due to a change in Juli's life. The port languished. Two years ago at BSDcan, as my involvement with FreeBSD/arm was growing, I tried to rally the troops into doing a FreeBSD/mips port. My efforts resulted in what has been commonly called the "mips2" effort. The name comes from the choice of //depot/projects/mips2 to host the work in perforce. A number of people worked on the earliest versions of the port, but it too languished and seemed destined to suffer the same fate as earlier efforts. Then, two individuals stood up and started working on the port. Wojciech A. Koszek and Oleksandr Tymoshenko pulled in code from the prior efforts. Through their efforts of stabilizing this code, the port to the single user stage and ported it to three different platforms. Others ported it to a few more. Snapshots of this work were released from time to time. Cavium Networks picked up one of these snapshots and ported it to their multicore mips64 network processor. Cavium has kindly donated much of their work to the comminuty. In December, I started at Cisco systems. My first job was to merge all the divergent variants of FreeBSD/mips and get it into shape to push into the tree. With luck, this should be in the tree before I give my talk. In parallel to this, other advances in the embedded support for FreeBSD have been happening as well. I'll talk about new device drivers, new subsystems, and new build tools that help to support the embedded developer.

                                                                                                                                                                                                                            whurley

                                                                                                                                                                                                                            wietse venema

                                                                                                                                                                                                                              will backman

                                                                                                                                                                                                                              • Why I like the CLI
                                                                                                                                                                                                                                Source: bsdtalk
                                                                                                                                                                                                                                Added: 2007-09-01
                                                                                                                                                                                                                                Tags: bsdtalk, cli, will backman
                                                                                                                                                                                                                                Files: MP3 version (6 Mb, 12 minutes), Ogg version (12 minutes)

                                                                                                                                                                                                                                Why I like the CLI: Uses minimal resources. Less space, less memory, fewer dependencies. Transparency. GUI hides internals, limits options. Similar between Unix-like systems. GUI tools seem to change every week. Remote management. SSH rocks. Everything is text. Configs, devices, output. CLI is natural complement. Pipes and scripts. One time is hard, a thousand times is easy. Only need a few tools. Grep, sed, awk, vi, cron. Text config files. Easy to version, share, and comment. Requires reading skills instead of clicking skills. Much faster when you know what you are doing.

                                                                                                                                                                                                                              • The Linux Link Tech Show Episode 179
                                                                                                                                                                                                                                Source: The Linux Tink Tech Show
                                                                                                                                                                                                                                Added: 2007-02-17
                                                                                                                                                                                                                                Tags: linux link tech show, talk, will backman
                                                                                                                                                                                                                                Files: MP3 version (31 Mb, 120 minutes)

                                                                                                                                                                                                                                Special Guests Will Backman and Scott Ruecker. Will's talks about his podcast bsdtalk and about Linux and BSD in general. We are joined by Troels also. Dann on Devede and hopes for MythTV. Scott Ruecker talks about Scale and general linux and lxer stuff.

                                                                                                                                                                                                                              william hurley

                                                                                                                                                                                                                              willow vanchkov

                                                                                                                                                                                                                              windows

                                                                                                                                                                                                                              writeup

                                                                                                                                                                                                                              wscons

                                                                                                                                                                                                                              • EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
                                                                                                                                                                                                                                Source: EuroBSDCon
                                                                                                                                                                                                                                Added: 2008-October-22
                                                                                                                                                                                                                                Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
                                                                                                                                                                                                                                Files: OGG (1 byte, 57 minutes), MP3 (1 byte, 57 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                                This talk will present the different layers that handle input, from the key that gets pressed or the mouse motion to the applications, all the way through the kernel drivers, X drivers and libraries, in the case of the OpenBSD/NetBSD wscons driver and the current and future X.Org server. It will cover stuff like keyboard mappings, touch-screen calibration, multi-pointer X or input coordinates transformations. It will show some problems of current implementations and try to show how current evolutions can solve them. Matthieu Herrb is maintaing X on OpenBSD. I've been using X on various systems (SunOS, NetBSD, OpenBSD, Mac OS X,...) since 1989. He has been a member of the XFree86 Core Team for a short period in 2003 and is now a member of the X.Org Foundation BoD. Matthieu Herrb works at LAAS a research laborarory of the French National Research Agency (CNRS) both on robotics and network security.

                                                                                                                                                                                                                              x.org

                                                                                                                                                                                                                              • EuroBSDCon 2008 - Matthieu Herrb - Input handling in wscons and X.Org
                                                                                                                                                                                                                                Source: EuroBSDCon
                                                                                                                                                                                                                                Added: 2008-October-22
                                                                                                                                                                                                                                Tags: eurobsdcon, eurobsdcon2008, wscons, x.org, matthieu herrb
                                                                                                                                                                                                                                Files: OGG (1 byte, 57 minutes), MP3 (1 byte, 57 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                                This talk will present the different layers that handle input, from the key that gets pressed or the mouse motion to the applications, all the way through the kernel drivers, X drivers and libraries, in the case of the OpenBSD/NetBSD wscons driver and the current and future X.Org server. It will cover stuff like keyboard mappings, touch-screen calibration, multi-pointer X or input coordinates transformations. It will show some problems of current implementations and try to show how current evolutions can solve them. Matthieu Herrb is maintaing X on OpenBSD. I've been using X on various systems (SunOS, NetBSD, OpenBSD, Mac OS X,...) since 1989. He has been a member of the XFree86 Core Team for a short period in 2003 and is now a member of the X.Org Foundation BoD. Matthieu Herrb works at LAAS a research laborarory of the French National Research Agency (CNRS) both on robotics and network security.

                                                                                                                                                                                                                              • Matthieu Herrb - X.org
                                                                                                                                                                                                                                Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                                Added: 2008-05-21
                                                                                                                                                                                                                                Tags: bsdcan, bsdcan2008, slides, x.org, matthieu herrb
                                                                                                                                                                                                                                Files: PDF file (30 pages, 1.6 Mb)

                                                                                                                                                                                                                                X.org upcoming plans The X.Org project provides an open source implementation of the X Window System. The development work is being done in conjunction with the freedesktop.org community. The X.Org Foundation is the educational non-profit corporation whose Board serves this effort, and whose Members lead this work. The X window system has been changing a lot in the recent years, and still changing. This talk will present this evolution, summarizing what has already been done and showing the current roadmap for future evolutions, with some focus on how *BSD kernels can be affected by the developments done with Linux as the primary target.

                                                                                                                                                                                                                              xcast6

                                                                                                                                                                                                                              xen

                                                                                                                                                                                                                              xenocara

                                                                                                                                                                                                                              yaws

                                                                                                                                                                                                                              youtube

                                                                                                                                                                                                                              yuji imai

                                                                                                                                                                                                                              yvan vanhullebus

                                                                                                                                                                                                                              • EuroBSDCon 2008 - Yvan Vanhullebus - IPSec tools: past, present and future
                                                                                                                                                                                                                                Source: EuroBSDCon
                                                                                                                                                                                                                                Added: 2008-October-22
                                                                                                                                                                                                                                Tags: eurobsdcon, eurobsdcon2008, ipsec, yvan vanhullebus
                                                                                                                                                                                                                                Files: OGG (1 byte, 46 minutes), MP3 (1 byte, 46 minutes), PDF (1 byte, n pages)

                                                                                                                                                                                                                                The first part will explain what have been major changes since Manu's presentation at Bale's EuroBSDCon, including more detailed informations on changes which have a significant impact on administrator's bad habits (why the common way of doing it is bad, why it was sometimes needed in the past, how to do it the good way now, why this is far better), on both the UserLand (ipsec-tools project) and maybe in [Free|Net]BSD kernels/ IPSec stacks. The second part will talk about the future of the project. News of the next major version (which may be out or about to be out when we'll be ate EuroBSDCon), news works which are planned or which are done but not yet public, but also news about the team: it's new members, new tools, what we would like to do in tue future, a Yvan VANHULLEBUS works as an R&D security engineer for NETASQ since 2000, where he works on FreeBSD OS. He started to work on KAME's IPSec stack in 2001, provided many patches for various parts of the stack, then became one of the maintainers of ipsec-tools project, a fork of KAME's userland daemon. He became a NetBSD developper when ipsec-tools was migrated to NetBSD's CVS.

                                                                                                                                                                                                                              zach loafman

                                                                                                                                                                                                                              zettabyte

                                                                                                                                                                                                                              zfs

                                                                                                                                                                                                                              • ZFS in FreeBSD, by Pawel Jakub Dawidek
                                                                                                                                                                                                                                Source: YouTube bsdconferences channel
                                                                                                                                                                                                                                Added: 2008-December-31
                                                                                                                                                                                                                                Tags: youtube, freebsd, zfs, pawel jakub
                                                                                                                                                                                                                                Files: Flash (54:34)

                                                                                                                                                                                                                                Pawel goes over ZFS, and tells us the state of the FreeBSD port. Source: Julian clive URL: http://au.youtube.com/watch?v=5-CR3o-Q2CU

                                                                                                                                                                                                                              • Pawel Jakub Dawidek - A closer look at the ZFS file system
                                                                                                                                                                                                                                Source: BSDCan - The Technical BSD Conference
                                                                                                                                                                                                                                Added: 2008-05-21
                                                                                                                                                                                                                                Tags: bsdcan, bsdcan2008, slides, zfs, freebsd, pawel jakub dawidek
                                                                                                                                                                                                                                Files: PDF file (33 pages, 150 Kb)

                                                                                                                                                                                                                                A closer look at the ZFS file system simple administration, transactional semantics, end-to-end data integrity SUN's ZFS file system became part of FreeBSD on 6th April 2007. ZFS is a new kind of file system that provides simple administration, transactional semantics, end-to-end data integrity, and immense scalability. ZFS is not an incremental improvement to existing technology; it is a fundamentally new approach to data management. We've blown away 20 years of obsolete assumptions, eliminated complexity at the source, and created a storage system that's actually a pleasure to use. ZFS presents a pooled storage model that completely eliminates the concept of volumes and the associated problems of partitions, provisioning, wasted bandwidth and stranded storage. Thousands of file systems can draw from a common storage pool, each one consuming only as much space as it actually needs. The combined I/O bandwidth of all devices in the pool is available to all filesystems at all times. All operations are copy-on-write transactions, so the on-disk state is always valid. There is no need to fsck(1M) a ZFS file system, ever. Every block is checksummed to prevent silent data corruption, and the data is self-healing in replicated (mirrored or RAID) configurations. If one copy is damaged, ZFS detects it and uses another copy to repair it.