NYC*BUG

zfs(8), More Proof UNIX is Dead

"This (ZFS) is definately one of the most exciting things for me to see happening."
- 2007, Kirk McKusick, original author of the UFS/FFS Filesystem

Six years of use is enough time for this presenter to trust a new filesystem.

The aim of this talk is to provide enough information to dive right into using ZFS, professionally and personally. This presentation assumes basic UNIX knowledge, and a mind ready to be blown.

The Zettabyte File System (ZFS) is a combined filesystem and logical volume manager. Originally designed by Sun Microsystems, pjd@ ported ZFS to FreeBSD over 6 years ago. The features of ZFS include protection against data corruption, support for high storage capacities, integration of the concepts of filesystem and volume management, snapshots and copy-on-writeclones, continuous integrity checking and automatic repair, RAID-Z and native NFSv4 ACLs.

And that's not even the fun stuff...

Have you ever wanted to just add a disk to grow a RAID volume?
Have you ever wanted to choose to boot from a particular snapshot of a volume?
Have you ever wanted to change filesystem settings on a live mounted volume, like atime or readonly?
Have you ever waited while your life slips away while formatting multi-TB disks?
Have you ever needed to dynamically change the hard limits of a logical disk partition?
Have you ever dreamed of block-level disk compression, to actually put all those fast CPU cores to *some* use?
Have you ever wanted filesystems to perform atomic acrobatics like great database systems can?

This presentation aims to provide a solid overview of:

ZFS core features
ZFS practical usage, from laptops to mammoth file storage
Some modern SATA "gotchas" will be covered
ZFS advanced/special uses, and paths to follow outside this talk
The general state of ZFS on FreeBSD, (and other projects)

Using Xapian to Index your Ports Tree

Much of the existing search software out there is overly complex, bloated with features that you may or may not need, difficult to configure and hard to customize. The xapian library (xapian.org) provides a light-weight alternative with minimal dependencies and a simple programmable interface that is made available in nearly all higher-level languages through swig (swig.org).

Install xapian and the python bindings before the meeting, and over the course of an hour we'll have you indexing and searching your local ports tree, and updating your local index as ports are added, modified or removed on your BSD of choice.

Ansible

Swiss army knife orchestration

MIPS on OpenBSD

Everyone knows the BSDs provide a stable, feature-rich Operating System for the big name and "in the news" CPUs. What you may not know is that you can expect an equally excellent experience on the lesser-known CPUs.

This talk will provide an in-depth look at the Loongson CPU, a mips64el CPU, on OpenBSD. We'll explore its history on OpenBSD and its support for third-party software through OpenBSD's excellent ports system. We'll examine the unique challenges that come with ports and packages on lesser-used CPUs. Finally, we'll discuss the future of MIPS support, including embedded MIPS.

BeagleBone with FreeBSD

How SMPng Works and Why It Doesn't Work The Way You Think

Modern x86 CPUs have hit a wall in frequency scaling and are now expanding sideways by adding more cores. Adding more cores does not magically multiply performance, however. John talks about some of the reasons that it doesn't.

In 2000, FreeBSD launched a project to multithread its kernel to more fully take advantage of modern SMP machines. This talk will give an overview of that project's history and continuing work on improving scalability.

What's New with FreeBSD

This will be an open-ended Q&A-style talk covering some new of recent enhancements to FreeBSD as well some of the experimental upcoming changes. By the end of the talk you should have heard about one FreeBSD technology you hadn't heard of before.

Another Holiday Party

NYC*BUG has joined with LispNYC, NY Haskell, the New York Linux User
Group (NYLUG), PuppetNYC and LOPSA-NY to hold a holiday party on
Tuesday, December 11, 2012 from 7:00 PM until it's over.

It will be at the House of Brews (http://www.houseofbrewsny.com/) at 302
W 51st street in the upstairs room.

*NOTE* Our unHoliday Meeting is still taking place on December 5th.
This is an additional event with the wider technical community in NYC.

There are some sponsors, and we're querying some additional ones, so
some beer and hors d'oeuvres will be provided.

Various registrations via Meetup are posted:

http://www.meetup.com/LispNYC/events/67586702/
http://www.meetup.com/nylug-meetings/events/91284032/
http://www.meetup.com/puppetnyc-meetings/events/91818352/
http://www.meetup.com/NY-Haskell/events/92090222/

NYC*BUG doesn't have an RSVP system up for the event, so pick one of the
above sites.  RSVPs will be given priority if capacity is met, which is
possible.

If you are interested in sponsoring, or have a lead for one, please ping
us offline at admin@

Details are in flux, but we are sure this will be a great social and
networking event.

unHoliday Meeting: Be a Grinch about Your Tech Gripe

For the past several years, our holiday party has been filled with the notion of giving back to the community: your tips, your hacks, your thoughts.

So many people have proved selfless and assisted others that we feel it's time for a change. Let's be honest, we need a time to vent, and there's no reason the holiday season should be immune.

What are your gripes in technology? What do you hate dealing with at your job? Is it some high- (or low-) level scripting language? Some clunky and un-Unix-like application? Dealing with an underdocumented and buggy non-BSD operating system?

Well, here's your chance to let others know how you feel. Prepare a ten minute or so presentation, with maybe a slide or two, and make your case. Be coherent and to-the-point, and maybe others will jump aboard with your argument.

Ping admin@ with your idea, and we look forward to having a meeting which let's us vent out very unholiday season gripes.

Informal Discussion

Due to unforeseen scheduling conflicts in the meeting room, we bumped things up and most people remained for just a plain gathering of like-minded people.

Trying to shoehorn FreeBSD onto embedded devices - why it's not as easy as it could be.

Adrian has been putting FreeBSD onto some small embedded Atheros MIPS devices for quite some time - with varying levels of success. In this talk he will cover what FreeBSD-embedded looks like today, how small can you get your kernel and userland, where the bloat is, and what challenges lie ahead.

NAS: From Scratch

This talk will be on how to build and configure a Network Attached Storage device. The first half will cover hardware purchasing tips, steps to build the computer yourself, and common problems that you might encounter along the way. The second half will cover how to setup your disks (using RAID, ZFS), and configure the required network services to get you up and running quickly.

FreeBSD Bugathon

NYC*BSD is sponsoring a FreeBSD Bugathon along with the Bay Area FreeBSD User Group in California. It's a great opportunity to mingle and coordinate with FreeBSD developers locally and beyond.

http://wiki.freebsd.org/Bugathons/2012July

A basic outline includes: 

o Docs updating and validation
  a. What do the other BSD's say?
  b. Is it it accurate?
  c. Improvements
  d. New docs / examples

o Porting help for creating new ports

o Ports bug busting
  a. Confirming PR's
  b. Fixes to open PR's
  c. Testing various config options (i.e. can I set var=yes in make.conf
     and get useful results?)

We'll also be on efnet #nycbug for coordinating beyond NYC.

Bring a Box, Rock Your tmux(1)

A good terminal multiplexer is a vital part of the UNIX Developer and Systems Engineer toolkit. For the better part of a decade, I installed GNU screen(1) on each and everyone of my machines, dealing with the lack of useful features, over-abundance of useless features, complex configuration mini-language, and it's preference to setuid to root. Then along came the OpenBSD project's tmux(1), and everything changed.

Core to the idea of tmux(1) is a command interface, used for both configuration and run-time, making it a simple, easy-to-learn and easy-to-use (and configure) tool. In addition to this, tmux(1) gives you vertical and horizontal panes, pane templates, simple pane resizing, and so much more. If you're a screen(1) user, consider this a Screen User's Anonymous session; if you have refused to engage a terminal multiplexer to this point, and your monitor is cluttered daily with 20 - 30 terminal windows ... consider this your salvation; either way, bring your box and we'll get you rocking with tmux(1) in a couple of hours.

Networking by Example with the Packet Construction Set

PCS is a set of Python classes and libraries that is currently used for network security and conformance testing. The purpose of PCS is to allow the programmer to express themselves more naturally in network code. All of the bit shifting and low level manipulation usually associated with network programming is handled by the library, allowing the programmer to treat packets as objects, with fields that directly mirror the ones described in IETF and IEEE documents.

To date PCS has been used to test several protocols, including IGMPv3, IPv4, IPv6, The Precision Time Protocol, Yahoo Messenger and several others.

In this talk I will cover the basics of PCS, how to get started with it, and how to use it in your own work.

The Useless Use of *

A brief look at common shell commands and pipelines found in most engineers' scripts, this talk aims to illustrate how the appropriate use of the various flexible unix tools might allow for more efficient execution and argues against the premature dismissal of the shell as a scalable programming environment.

Originally given in 2007 at the Southern California Linux Expo, this updated version of the talk will also diverge into the direction of premature optimization and overuse of "the big gun" for simple problems.

The journey from user to contributor

This will be an open-ended Q&A-style talk covering contributing to FreeBSD. By the end of the talk you should know what makes a good problem report, how to best interact with FreeBSD developers, and how the project handles PRs and anything else that may be relevant.

TCL

TCL is a language that is well handy to know and a very good choice for a system admin to know. It has the following things going for it:

Simple to learn and very stable over time
embedded in Cisco IOS
expect, all of your command line is belonging to me
start kits, or how to deploy fat multi-platform binaries
helpful community
Code is data so you can do very powerful things
Unicode since 8.0, long time ago
TK
you can create your own control structures
very consistent language things work pretty much the same everywhere
Did I mention the event loop?

BSD Networking Topics

Several times a year, we open the floor for more NYC*BUG attendees to speak in brief about a networking related topic of general interest to an array of people.

Topics this time will include:

keeping FreeBSD ports updated
ucspi-tcp
CARP
lagg(4)

There`s always room for more, so come prepared. Remember, these are brief overviews of topics related to BSD networking on a day-to-day basic, not full-blown presentations. There is no need to prepare anything broad and comprehensive.

Cassandra LAN Party

Media6 Degrees

37 East 18th Street , New York, NY

map

This is a special event held by the NYC Cassandra User Group which we're participating in.

This is a BYOL (Bring Your Own Laptop) event! Rather doing a presentation we will setup a multi-datacenter, multi-node environment in a confined lab environment. Cassandra NYC will provide the switches, the virtual machine image, the soda, and chips. We will then use our laptops to set up a 3 datacenter (simulating New York, Japan, France) cassandra cluster with as many laptops as people bring. This event is ideal for those who have never setup Cassandra and want to learn how to setup real world deployments. However, it is also going to be fun for those that have worked with cassandra before, because lets be real, setting up and playing with a multi-node Cassandra cluster is always fun! To help organized this event it is semi-important for us to have a rough count of how many laptops we will have available. If you register chose `bringing 1 guest` if you plan to bring your laptop to the LAN party. (We will provide a VM image on a pen drive)

AWK

Your developers came to you wanting to use a new programming framework they just saw on MTV.

It only builds on Ubuntu, and requires some bleeding-edge ports only available as .deb packages, as well as some large rpm`s which for some reason only install via yum. Not to mention you run a largely *BSD environment, with a few Linux, Solaris, UNIX etc… boxes in the mix.

This is the moment when you whip out awk(1), on any of your UNIX systems, and proceed to blow their minds.

Holiday Meeting

This year will feature a few technical and fun topics.

Ike Levy on A Footnote on Inappropriate Cloud Use "Don't believe the hype..." - Public Enemy
ADAM David Alan Martin on "Riding the Balmer Peak: A tongue-in-cheek look at software engineering, drinking, and bad code."
Boris Kochergin on Bastard Users from Hell: Tales of Sysadmin Perseverance

Come celebrate the holiday season and the beginning of the ninth year of NYC*BUG.

We are open to additional light, fun yet technical talks.

Free Database Systems: What They Should Be, And Why You Should Care

Open source databases depressingly mimic proprietary ones. They compete on "features". They don`t share code or ideas. They don;t formulate a standard a la the IETF and then strive for interoperability. And they are not working toward creating a true RDBMS.

RDMBSs are important and technically challenging. It`s time to bring database management systems -- MySQL, Firebird, Postgres, Ingres, Rel, MonetDB, SQLite, sapdb, et al. -- into the Internet age. Let`s use the tools that made the Internet possible to get out of the database doldrums.

Goals for free DMBSs:

Community
Standard wire protocol
Standard API
New query language
Shared language parser and query optimization library
Adopt lessons from Unix about namespaces and interfaces
Be the thinking man`s choice

Clang on FreeBSD

Clang:

What is it?
Where to get it?
How to build FreeBSD with it
Why use it/advantages?
Fun bits in clang
Remaining GNU toolchain bits, and what`s being done about them
Demo of Clang on FreeBSD, and some of its neat features

RP Counterattack and Net Sensor

Boris will be speaking on two networking topics.

RP Counterattack (will include a demo!):

Monitors traffic on any number of Ethernet interfaces and examines ARP replies and gratuitous ARP requests. If it notices an ARP reply or gratuitous ARP request that is in conflict with its notion of "correct" Ethernet/IP address pairs, it logs the attack if logging is enabled, and, if the Ethernet interface that the attack was seen on is configured as being in aggressive mode, it sends out a gratuitous ARP request and a gratuitous ARP reply with the "correct" Ethernet/IP address pair in an attempt to reset the ARP tables of hosts on the local network segment. The corrective gratuitous ARP request and corrective gratuitous ARP reply can be sent from an Ethernet interface other than the one that the attack was seen on.

http://acm.poly.edu/wiki/ARP_Counterattack

Net Sensor (will include a demo!):

Aims to be a general-purpose, modular network-analysis suite for use in research, diagnostics, forensics, and statistics-gathering. It monitors traffic on an Ethernet interface, performs some pre-processing on it--such as figuring out where a packet`s payload begins--and passes it along to any number of modules. A module is an ELF shared object which may maintain state, write data out to disk using the Berkeley DB-backed Writer library, or send e-mail using the SMTP library. In addition to processing packets from the network, a module can also accept input from any number of other modules. Current modules include an HTTP session-keeping module, an HTTP session-logging module, and a BitTorrent-detection module.

http://acm.poly.edu/wiki/Net_Sensor

BSD Networking Topics

Our August meeting will feature another series of short presentations related to BSD Networking.

Topics will include:

Bruno on "packet tagging with pf"
Bill on "fun with tcpdump"

Aggregating Metrics & Events

Aggregating metrics & events, a necessity to grok systems & apps

Take any off-the-shelf web application, scale it a bit, put in on the cloud. It`s faster, cheaper and easier to assemble & deploy than before. But easier to operate it is not. Whereas 2-4 boxes with 40 metrics each would suffice for the entire app 10 years ago, we`re looking at 10s or 100s of nodes acting semi-autonomously and an avalanche of system metrics, system events, alerts to weed through.

The only way out is through aggregation, filtering and visualization, which is the topic of this talk. Starting the talk from where we should be, we will then look at some libraries/applications that you can use to do this and discuss where these currently fall short.

'High Availability' with FreeBSD Jails and ZFS

After 14 years of jail(8), it`s mature enough for "high availability"

It`s been a long while since we heard a talk on FreeBSD jails from Ike.

In the 14 years since it was committed to FreeBSD, little has fundamentally changed with FreeBSD jail(8), yet the surrounding toolset has pushed jailed virtual servers to a level of noteworthy sophistication and polish- (as though any UNIX tool could really claim to possess either).

New and sexy jail(8) tools:

Jails as platform for HA/Failover Applications

ZFS for jails, in jails, between jails

Wild possibilities using HAST, and GEOM Gate

New run-time configurables

jid specification, smp cpuset, child jails, per-jail sysvipc and raw sockets, plus more...

Multiple IP`s, (ipv6 anyone?!)

devfs(8) and rc(8), teaching new warts old tricks

Base material that will be covered (quickly):

How Jails Work, internals overview.

How to setup jails, a practical how-to, cooking show style...

When NOT to use jails

jail(8) security vulnerabilities, design considerations

Jails vs. Linux UML, XEN, VMware- technical and philosophical differences

Basic jailing tools and management practices

Who wants jails?

System Engineers who need cost-effective high-availability systems.

System Administrators who need to securely separate feuding userland applications.

Software Developers who always need more dev machines.

Educators who need clean unix servers.

Anyone who wants to deploy virtual machines at the internet.

Why do these people want jail(8)?

The design of Jail(8) and jail(2) are very secureable, and because jails use native system utilities,

they are simple to work with using common UNIX tools.

The Unix Method of Development Management

The Unix approach has been summarized in many ways, but most simply it`s about a certain method in simplicity, portability and interoperability. Jamming a square peg into a round hole it`s not.

The chapter entitled Basics of the Unix Philosophy in The Art of Unix Programming provides more comprehensive explanations.

Take that approach and look at development projects with dozens of programmers in whatever language.

How is the Unix method relevant? How do Unix principles aid in structuring and coordinating software development, even for, say, Java developers?

William Baxter argues that the Unix methods and principles are the most useful set of tools for directing developers, even more so when bad habits need to be relearned for the goal of creating good code.

BSD High Availability

The BSD High Availability (HA) suite has some very handy and powerful features. However, as with all systems, there are certain considerations to be made when rolling out a HA implementation. This talk will focus on the security considerations when rolling out a BSD HA implementation.

The talk will cover the following:

An explanation of the BSD HA environment (CARP, pfsync, sasyncd)
How these components, specifically CARP, function at a lower level
Current and potential attacks against the HA environment, including some demos
Security considerations when rolling out a HA implementation and applicable work-arounds
Ideas on how to improve the security and flexibility of the BSD HA tool suite

BigBlueButton

This talk will provide an overview and demonstration of BigBlueButton, an open source project that originated at Ottawa`s Carleton University. It was designed to enable universities to deliver a high quality learning experience to remote users, but can be used by any organization looking for an integrated web conferencing system. Features include video conferencing, shared presentations, shared whiteboard, instant chat, auto chat translation, and localization.

BSD Networking

A number of short topics will be covered, reflecting some of the recent discussion on our Talk list.

Topics will include:

lagg/trunk
sysctl tweaking
bandwidth monitoring with pf tagging

An Introduction to WebDAV

WebDAV is an HTTP-based protocol designed to turn the Web into a writable media. The major web server vendors provide compliant implementations and most OSes come with built-in clients. The presentation will describe how it works and why it is a viable alternative for web publishing.

Holiday Meeting: Your Tips as Community Gifts

Last December, we had a useful and fun meeting with a variety of speakers presenting their day-to-day hacks: small methods and tools that save time and hassles. This year, we'll do the same.

So get ready and think of one or two small hacks that save you time. Maybe it`s saved a few minutes a day, maybe it's saved your job.

And with the holiday season, it`s a great time to give back to the technical community.

The life you may be saving might be someone you actually like!

Post Meeting:

Dan's Bash List Decomposition http://bash.pastebin.com/ejnuFMQg

Mark's Using Rsync and Perl and Daemontools for Content Replication

George's GMail-Checking for the Privacy-Aware

NYCBSDCon 2010

There will be no monthly NYCBUG meeting in November due to NYCBSDCon 2010.

Cooper Students Present

This month's meetings will feature several Cooper Union engineering students presenting their projects.

"A Study of Bayesian Authorship Classification" with Kevin Tien and Nicole Lesperance. From a Natural Language Processing class project.
"Real Time Hand Gesture Recognition" with George Todorov and Eugene Belilovsky.
"Characterization of Light Output Instabilities In Quantum Cascade Lasers Under Pulsed Operation" with Jonathan Ligo.

These presentations will be great opportunities to hear from the next generation of young and bright engineers.

Bruno Scap on Building Email Infrastructure

rganizations and individuals rely on e-mail, and while Google Mail and similar hosted solutions might be a good alternative, sometimes e-mail needs to be hosted in-house. The focus of this talk is building a reliable, scalable, and distributed e-mail infrastructure using open source off-the-shelf tools.

Ivan Ivanov on Examples in Cryptography with OpenSSL

OpenSSL is an ubiquitious SSL/TLS implementation and cryptography toolkit. It is widely used to manipulate keys and certificates for servers and clients and there are a lot of tutorials on how to use it from the command line.

This presentation attempts to go deeper into OpenSSL`s library and give an overview of its API. It will show how to programmatically calculate one-way hashes, perform symmetric and asymmetric encryption and create and verify message authentication codes and digital signatures. The concrete examples will include DES and AES ciphers, RSA and DSA encryption and decryption, Diffie-Hellman key exchange and a simple SSL-enabled application. Some particular algorithms can also be described in more details along with their mathematical properties if time permits but the presentation will be mostly example-driven.

The Go Programming Language

Go is ...
... simple
package main

import "fmt"

func main() {
fmt.Printf("Hello, 世界n")
}
... fast
Go compilers produce fast code fast. Typical builds take a fraction of a second yet the resulting programs run nearly as quickly as comparable C or C++ code.
... safe
Go is type safe and memory safe. Go has pointers but no pointer arithmetic. For random access, use slices, which know their limits.
... concurrent
Go promotes writing systems and servers as sets of lightweight communicating processes, called goroutines, with strong support from the language. Run thousands of goroutines if you want—and say good-bye to stack overflows.
... fun
Go has fast builds, clean syntax, garbage collection, methods for any type, and run-time reflection. It feels like a dynamic language but has the speed and safety of a static language. It`s a joy to use.
... open source

Introduction to GDB for System Administrators and Programmers.

System administrators often have to diagnose and report software anomalies back to developers while programmers often find themselves asking system administrators for specific information about production issues. GDB, while being a debugger and thus mainly a programmer`s tool, allows for gathering enough information from either running or crashed process, so support and development groups can communicate more effectively. We will touch upon relevant usage of GDB and associated tools.

Scapy

Scapy is one of the most powerful packet manipulation programs currently available. One of its powerful features lies within its capability in creating and decoding packets using numerous different types of protocols. In addition, it also has the ability send and receive packets, plus performing a number of useful penetration testing tasks, such as, handling tasks like scanning, tracerouting, network discovery and certain attacks. It serves duties like sending invalid frames, and creating double encapsulated packets in order to perform VLAN hopping. Perform Nmap-like scan much faster, inject 802.11 wireless frames, and combine different types of custom manipulation techniques within a single packet.

Nepenthes

Detecting and defending your network from script kiddies using Nepenthes

We will discuss what is nepenthes, why was it created, how does it work and how to install it. As well as where to install Nepenthes on your network to get the best results. We will have sample analysis of Malicious Binary and show how to figure out what the code is really doing.

PFSense II, Rocking The Datacenter

In 2006, ike gave an overview on PFSense and it`s mother project
m0n0wall, which were new and exciting router platforms back then.

Quote from that first talk, (4 years ago):
  "throw your Linksys/SoHo/WiFi router in the garbage where it belongs"
  http://www.nycbug.org/index.php?NAV=Home;SUBM=10027

Quote for this talk:
  "You might wanna` put your Sonicwall/Juniper/Cisco routers up on Ebay."

pfSense is a free, open source customized distribution of FreeBSD
tailored for use as a firewall and router.  http://pfsense.org/

pfSense has matured into a full-fledged routing platform which fits 
right in at the datacenter.  As all the big router vendors now tout
fully browser-based administration- (over IOS, I2J, etc...) so the
stigma of using pfSense in the enterprise is gone.

Our speaker has been using pfSense in datacenter deployments for over 4 
years, and will be describing how pfSense was used to save and secure
several "organically dysfunctional" corporate networks, and maintain
business continuity.

Throughout the talk, these points will be emphasized:
- Deploys: "Performing an Oil Change at 80mph" (quoting Michael Lucas)
- Corporate Office/Colo Life with pfSense
- Quickly/Safely Training Junior/Senior Network Sysadmins on pfSense
- Taking the Magic/Macho out of HA networking
- Networking can be Reliable/Understood/Fun

Half of this talk is a quick pfSense bootstrap:
- What *is* pfSense? (A Terrific Routing Platform!)
- Hardware (Embedded and Regular x86 Systems)
  - The reality of recycling servers, (Go Green! and other buzzwords)
- Install, basic setup- focused on typical multi-zone networks

The other half of the talk will go through the incredibly advanced tools 
and features that make pfSense an excellent platform for
High-Availability and Security at the datacenter:

- CARP, Physical Redundancy, (and living with HSRP/VRRP/GLBP 
  from your ISP)
- Fully Redundant Load Balancing, 2 common roles:
  - (inbound) Load Balancing to scale Web Servers
  - (outbound) Load Balancing for multi-wan redundant networking
- "Deep Packet Inspection" and other infosec buzzwords, done the 
  PF/BSD way

- Missing your IOS shell?  pfSense gives you a UNIX Shell- infinite 
  possibilities!
  - pfSense/embedded shell specifics, (read-only filesysem on CF?)
    - NanoBSD/implementation notes...
  - Using pf from the shell
    - interacting with system firewall/traffic-shaping/etc..
    - dancing a tango with the GUI
- Syslog, SNMP, and all fixin`s
- Config Management for Network Scaling/Sanity

BSD Certifcation SME Session

NYC*BUG will be hosting a Subject Matter Expert (SME) session to review current and prospective questions for the BSD Certification Exam.

For more information about the SME policy, see the BSD Certification SME Policy.

BSD Certification Exam

NYC*BUG will be hosting the BSD Certification Exam.

For more information, and to register, please look at BSD Certification website.

Systems Programming On A System On A Chip

Embedded software is characterized by a tight coupling to its associated hardware. This means that there is an ability to reduce the hardware and software footprint to the barest version that can possibly support the intended applications of the embedded system. In turn, this means that many libraries written for full-featured operating systems are not well suited to run in the embedded environment, as they often assume a range of system features available in common desktop platforms, but unavailable to many embedded systems.

This talk will emphasize techniques developers can use to make their software more suitable for embedded systems. I will also discuss debugging embedded applications, as well as the process of co-developing custom hardware, and its associated software drivers.

Hadoop a Worldwind Tour

This presentation gives a brief high level overview of Hadoop. Next, we hit the ground running with a quick practical example of how Hadoop solves a "big data" problem. We also discuss how the demonstrated Hadoop processing model scales out to terabytes of data and hundreds or even thousands of computers.

Holiday Meeting: Your Tips as Presents

December's meeting will be an opportunity for an array of people to illustrate their Unix hacks.

In August, Dru Lavigne started a thread on NYCBUG`s talk about "fave BSD tips/tricks?" that brought out some good discussion. We see this meeting as a follow-up, and an opportunity to give your hacks "back to the community" as a holiday gift.

Please submit your one page PDF to admin@, with one, two, or even three simple tips. It might be simple and seemingly stupid, but it could save a few minutes a day for another developer or sysadmin in the meeting.

It could be a creatively piped set of commands, or a simple script that you run through periodic to prevent headaches. The field is wide open.

We will schedule a handful of ten minute or so speakers, and let the crowd take it from there.

FreeBSD 8.0 New Release and Virtualized Networking for All

The release of FreeBSD 8.0 brings with it many new features but none has been more anticipated than the full integration of network stack virtualization into the system. Virtualized network stacks have the potential to revolutionize the use of FreeBSD in the same way that Jails did, by providing a lightweight mechanism through which multiple clients or customers can use a system`s networking resources without interfering with each other. My talk will cover not only network virtualization but also all of the other features and improvements that are present in FreeBSD 8.0.

XMPP Takes AIM: A Lot of Jabber about Real Time Applications

XMPP Without IM

This will be an open-ended Q&A-style talk covering XMPP fundamentals. XML streams, stanza semantics, federation, and extensibility will all be touched on. The purpose will be to cover what makes XMPP different from existing IM solutions and viable as a generic push technology. Come with questions!

How to Get Started with Kernel Programming

This talk is intended to introduce kernel programming for the absolute novice. We will cover:

basic setup
building and booting test kernels
how to write your first system call
a quick overview of the major subsystems including
kernel locking and synchronization primitives
device drivers
VFS layer
memory allocation
networking

BSDA Angoff Session

Call for BSD Certification Group Subject Matter Experts (SME)

Are you a working sysadmin?

Do you manage other sysadmins?

Want to help the BSD Certification Group?

If so, bring your laptop and come join us from 10 am to 2 pm on August 9 to help improve the BSDA exam. RSVP chair AT bsdcertification DOT org for exact downtown Manhattan event location.

BSD Certification: A Case Study in Open Source Community

Since their heyday in the 1990s, IT certifications have gained a bad rap. They are often perceived as money making machines for large companies, havens for braindumps, and certificates which aren`t worth the paper they are written on. We are all familiar with how open source is revolutionizing the proprietary software industry. Open source also has the potential to revolutionize the proprietary certification industry, and the BSD community is leading the way.

This talk will introduce the BSD Certification Group and their effort to create and maintain certifications that effectively assess the skills of BSD system administrators. It will provide an update on BSD certification, some of the lessons learned along the way, and principles other open source communities can use to provide their own certifications.

Dru Lavigne is founder and current chair of the BSD Certification Group. She is a sysadmin, technical trainer, author of BSD Hacks and The Best of FreeBSD Basics, maintainer of @bsdevents, board member of the FreeBSD Foundation, and editor of the Open Source Business Resource. She has been actively involved in the BSD community since 1997.

Please note that NYCBUG will be hosting a BSDA exam on August 2 which we encourage you to sign up for ASAP.

BSDA Exam

NYCBUG will be hosting a BSDA exam for the BSD Certification Group on August 2.

Please register as soon as possible to ensure your spot at the exam.

The exam will be held at 55 Broad Street between Exchange Place and Beaver Street in Manhattan.

Next steps for GNUstep

Gregory Casamento will speak about the advantages GNUstep has over some other environments as well as a brief discussion of it's history and where it's going in the future.

Building Better Tools

Every System Administrator has his or her own set of tools, programs and scripts; within every organization, every team of engineers has theirs. This means that a lot of the software used to maintain the infrastructure around the internet is written by people who are not (primarily) software developers. This talk tries to explain how these people can build better tools: tools that scale well, programs that can easily be extended, systems that behave well.

While not specific to BSD systems in general and completely programming language agnostic, this talk focuses on a number of principles, guidelines and concepts that should apply to virtually any system administrator`s or engineer`s daily routine.

Open Forum

Git: A Case Study In Distributed Version Control

This talk will go over what distributed version control systems (dVCS) mean, and how git applies itself to its problems. The slides are here.

What's your biggest Time Management problem?

Postfix Performance Tuning

Money can buy you bandwidth, but latency is forever! - John Mashey, MIPS

Victor will cover an array of issues connected to Postfix performance tuning, including:

Latency, concurrency and throughput
Postfix input processing
Queue file format rationale
Input processing bottlenecks
Pre-queue filters, milters, content filters
Tuning for fast (enough) input
Postfix on-disk queues, requirements and architecture
What is a "transport"?
Postfix "nqmgr" scheduler algorithm
Per-destination in memory queues
Per-destination scheduler controls
SMTP delivery
Understanding delay logging
Transport process limits, concurrency limits
Scaling to thousands of output processes
Connection caching, TLS session caching, feedback controls

Introduction to Puppet

What it is and how can it make system administration less painful?

Holiday Party

This year's NYC*BUG Holiday Party will be a cash bar event in the backroom of Suspenders Restaurant.

Join us in this social event and celebrate another year of NYC*BUG success!

Hardware Performance Monitoring Counters

Many modern CPUs provide on chip counters for performance events such as retiring instructions and cache misses. The hwpmc driver and libraries in FreeBSD give systems administrators and programmers access to APIs which make it possible to measure performance without modifying source code and with minimal intrusion into application execution. This talk will be a brief introduction to HWPMC, and how to use it.

NYCBSDCon 2008

We are proud to announce NYCBSDCon 2008. Stay tuned as details are released.

Information is available at the NYCBSDCon 2008 web site.

Organizing NYCBSDCon 2008

Public Key sudo

Two tools which have become the norm in Linux- and Unix-based environments are SSH for secure communications, and sudo for performing administrative tasks. These are independent programs with substantially different purposes, but they are often used in conjunction. In this talk, I describe a flaw in their interaction, and then present our solution called public-key sudo.

Public-key sudo is an extension to the sudo authentication mechanism which allows for public key authentication using the SSH public key framework. I describe our implementation of a generic SSH authentication module and the sudo modifications required to use this module.

Configuration Management with Cfengine

Cfengine is a policy-based configuration management system. Its primary function is to provide automated configuration and maintenance of computers, from a policy specification.

The cfengine project was started in 1993 as a reaction to the complexity and non-portability of shell scripting for Unix configuration management, and continues today. The aim was to absorb frequently used coding paradigms into a declarative, domain-specific language that would offer self-documenting configuration.

NYCBSDCon 2008 Organizing Meeting

This meeting will be focused on NYCBSDCon 2008.

The meeting will consist of an overview of the conference as it`s planned for October 11-12 at Columbia University, in addition to plugging in individual members of NYCBUG into roles such as publicity and in the mechanics of the conference.

If you want to be involved with NYCBSDCon 2008, you should attend this meeting.

Managing OpenBSD Environments

This talk is the result of an after-meeting discussion with a few folks, when it became apparent that there is some confusion as to how to deal with OpenBSD in small and large environments. The topic of installation and upgrading came up again. This talk is aimed to hopefully dispel many of the rumors, provide a thorough description and walk through of the various stages of running OpenBSD in any size environment, and some of the features and tools at the administrator`s disposal.

ZFS on FreeBSD

Ike & Yarema will tag-team this meeting.

ZFS - the breakthrough file system in FreeBSD 7 (ported from Sun`s Solaris 10 Operating System) delivers virtually unlimited capacity, provable data integrity, and near-zero administration. However FreeBSD`s sysinstall(8) does not yet support installing the system onto anything more exotic than a commonly used UFS partition scheme. Furthermore, FreeBSD`s boot loader(8) cannot yet load the kernel and modules from ZFS.

This meeting will cover installing FreeBSD 7.0 on ZFS as the root filesystem with a boot partition on a GEOM gmirror. Attendees are encouraged to read, download and try the zfsboot scripts at http://yds.CoolRat.org/zfsboot.shtml The rational behind the zfsboot script will be demystified and an install will be demonstrated. Anyone who brings a (minimum 1 Gig) USB thumb drive can go home with a bootable "root on ZFS" installer. Anyone who brings a hard drive can go home with FreeBSD installed on a ZFS root.

Building a High-Performance Computing Cluster Using FreeBSD

Since late 2000 we have developed and maintained a general purpose technical and scientific computing cluster running the FreeBSD operating system. In that time we have grown from a cluster of 8 dual Intel Pentium III systems to our current mix of 64 dual, quad-core Intel Xeon and 289 dual AMD Opteron systems.

In this talk we reflect on the system architecture as documented in our BSDCon 2003 paper "Building a High-performance Computing Cluster Using FreeBSD" and our changes since that time. After a brief overview of the current cluster we revisit the architectural decisions in that paper and reflect on their long term success. We then discuss lessons learned in the process. Finally, we conclude with thoughts on future cluster expansion and designs.

User Interfaces and How People Think

"User Interfaces and How People Think" will introduce concepts of designing software for different users by observing how they think about and do what they do. While much of design today focuses on the front-end of computer systems, there is opportunity to innovate in every area where a human interacts with software.

Open Meeting on OpenSSH

Febrary's NYCBUG meeting is a broad look at OpenSSH, the de facto method for remote administration and more. OpenSSH celebrated its 8th anniversary this past September, and we thought this would be a great opportunity to discuss OpenSSH, and for others to contribute their hacks and interesting applications.

If you are interested in doing a short spiel on an interesting use, please contact admin@ to let us know.

SSARES

SSARES: Secure Searchable Automated Remote Email Storage is a novel system that offers a practical approach to both securing remotely stored email and allowing privacy-preserving search of that email collection. The paper on this topic is here.

2007 NYTC Holiday Party

Back in 2004, NYCBUG and NYPHP organized the best technical networking event in the New York technical community`s memory. This year we will be replicating that event, with a free open bar, free hors d`oeuvres, sponsor exhibits and many other of New York technologies best and brightest. Unlike normal NYCBUG events, you will be required to register for this event. You should register as soon as possible and get ready to mingle and imbibe with your other technical cohorts. The event will be held at Suspenders Restaurant, and we will have the whole place.

IPv6 Workshop

While the October meeting focused on IPv6, November`s meeting will look at the application of IPv6 by a number of NYCBUG members. Several people are setting up their home or colo`d networks for IPv6 ability. Meanwhile, the NYCBUG cabinet will be ready to provide IPv6 gateway services. Bring along your laptop, and we`ll work to get more people on an IPv6 network for further exploration.

IPv6 Implementation

This talk will be on some of the basics of IPv6 including addressing, subnetting, and tools to test connectivity. There will be a lab (network permitting), and setups for an as of yet undisclosed flavor of BSD as well as some of the well known daemons (Apache 2, SSHD) will be demonstrated. Setting up a BSD OS as an IPv6 router and tunneling system will also be covered. If you`re reading this and see something I missed (and plan on attending the meeting), please drop a mail to the talk@ list and let me know what else should be added. Presentation slides are also available here.

Cryptography in Web Apps

Using Cryptography to Improve Web Application Performance and Security: Cryptography has a reputation of slowing down applications. However if done correctly, it can actually be used to improve performance by storing high-value/high-cost results "in public." In addition the same techniques can solve common security problems such as authorization, parameter scanning, and parameter rewriting. All are welcome -- no previous experience with cryptography is required, and the techniques will be presented in a programming-language neutral format.

NYCBUG-NYPHP Social

We have planned a social get-together for NYCBUG and NYPHP and beyond at the Delancey Lounge in the Lower East Side. The event will be held on Thursday, August 23rd, starting at 6:30 pm. The Delancey Lounge has an all wood terrace on the roof filled with plants. It`s a very nice location. No need to RSVP, just show up. No fee for coming, but it`s a cash bar, of course.

Nagios

Nagios is a platform for monitoring services and the hosts they reside on. It provides a reasonable tool for monitoring your network and you can not beat the price.

We plan on covering the following topics:

what it is
how it works
where to get it
how to install it
how to configure it
how to customize it for your environment
where the data is stored
how to write a basic plug-in

The Real Unix Tradition

"The Real Unix Tradition" !!Please wear your your best shirt, a group photo-op will follow this month`s lecture!! UNIX hackers, all standing on the shoulders of giants.
"...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972
"Well, it was all Open Source, before anybody really called it that". - Brian Redman, 2003
UNIX is the oldest active and growing computing culture alive today. From it`s humble roots in the back room at Bell Laboratories, to today`s global internet infrastructure- UNIX has consistently been at the core of major advances in computing. Today, the BSD legacy is the most direct continuation of the most successful principles in UNIX, and continues to lead major advances in computing. Why? What`s so great about UNIX? This lecture aims to prove that UNIX history is surprisingly useful (and fun)- for developers, sysadmins, and anyone working with BSD systems.

DOS Mitigation

Protecting your servers, workstations and networks can only go so far. Attacks which consume your available Internet-facing bandwidth, or overpower your CPU, can still take you offline. His presentation will discuss techniques for mitigating the effects of such attacks on servers designed to provide network intensive services such as HTTP or routing.

pkgsrcCon

The fourth annual pkgsrcCon is April 27-29 in Barcelona. As might be expected when brains congregate, pkgsrcCon traditionally results in a flurry of activity toward new directions and initiatives. Mere hours after returning to New York, Amitai will give us a recap of the proceedings, including his presentation, "Packaging djbware."

OpenCVS

This presentation was inspired by the recent Subversion presentation. It will talk about the origins of OpenRCS and OpenCVS, its real-world usage in the OpenBSD project, and why OpenBSD will continue to use CVS.

Enterprise Security Mgmt

Security policies are a key component in protecting enterprise networks. But, while there are many diverse defensive options available, current models and mechanisms for mechanically-enforced security policies are limited to traditional admission-based access control. Defensive capabilities include among others logging, firewalls, honeypots, rollback/recovery, and intrusion detection systems, while policy enforcement is essentially limited to one-off access control. Furthermore, access-control mechanisms operate independently on each service, which can (and often does) lead to inconsistent or incorrect application of the intended system-wide policy. We propose a new scheme for global security policies. Every policy decision is made with near-global knowledge, and re-evaluated as global knowledge changes. Using a variety of actuators, we make the full array of defensive capabilities available to the global policy. Our goal is a coherent, enterprise-wide response to any network threat.

Subversion

The presentation will discuss Subversion from both client and server points of view. It will show how to create repositories and how to make them accessible over the network using different access schemes like http://, file:// or svn://. Pointers are given on securing the repositories and on authenticating and authorizing the clients. Next, the presentation shows how an user interacts with the repository and describes some of the important Subversion client commands. Finally, it deals with administrating the repository using "hook scripts".

pf(4)

We have had lots of meetings that have peripherally discussed OpenBSD`s wildly popular PF firewall . . . but finally we will have a meeting focused on it.

Holiday Party

This year`s holiday party with be held with our buddies at NYPHP. We`ll have a couple of brief presentations, sure to put you in the right mood. First, Alfred Perlstein will speak on "Captchas can be LOL." Then, NYPHP`s Hans Zaunere will speak on "Unfashionable FreeBSD: Why Their Threads Are So Last Year." Cash bar and food. So come one, come all, and have a blast. Please RSVP to rsvp AT nycbug DOT org if you plan to attend.

NYCBSDCon 2006

Saturday, October 28-29, 2006

The regularly scheduled meeting for November will be held at NYCBSDCon.

NYCBSDCon planning

This meeting will be focused on building and organizing the upcoming NYCBSDCon 2006 conference to be held on October 28 and 29th. If you want to play a role, have questions, etc., we strongly encourage you to attend and take part in the discussion We`ll review the conference details, and start plugging volunteers into various roles that are needed at the conference.

m0n0wall and PFSense

UNIX professionals are busy these days. Setting up routers and firewalls are fundamental to any network, but in environments where the focus is on various applications, (servers, workstations, and the software that runs on them), it`s difficult for a business not to choose off-the-shelf SOHO routers and networking gear. The web management gui`s are understandable by everyone, (even techs without UNIX knowledge), and the gear is cheap - this saves time and money. In the meantime, the features of your average Linksys or Netgear router often leave MUCH to be desired, (https auth management, for one simple example). Enter m0n0wall and PFSense, 2 BSD based packaged router/firewall solutions that are as solid and full featured as you`d expect from any BSD system- PLUS THEY HAVE HTML WEB INTERFACES FOR MANAGEMENT! m0n0wall and PFSense become an easy sell in any small professional enviornment, any competent tech can manage the network within minutes... At home, in every hackers home network, they free the hacker to have trusted tools available, but are as time-saving as using any Linksys router. m0n0wall and PFSense are both light and clean, designed to run on embedded systems- (Soekris, WRAP), but are monsters when unleashed on even legacy PC`s around the office. If you manage UNIX networks and systems all day, do you really want to manage the router for your DSL when you get home? But then doesn`t it bug you to use a chincey Linksys box?

Open Forum

Our "Open Forum" meetings allow for short presentations on a variety of topics, in addition to providing a better environment for attendees to raise issues and problems they face day-to-day as *BSD sysadmins and developers. We look to these meetings as a "live" version of our dynamic `Talk` mailing list. We have prearranged a number of short spiels for each meeting, including. . . Steven Kreuzer & Nathan Boeger have some methods for scaling a large member base. The technical challenges of scaling websites with large and growing member bases, like social networking sites, are numerous. One of these challenges is how to evenly distribute the growing member base across all available resources. This talk will explore various methods that address this issue. The techniques used can be generalized and applied to various other problems that need to distribute data evenly amongst a finite amount of resources. Jesse Callaway will provide an overview of a *BSD solution to a Windows environment, rsync from remote Win32 systems to *BSD servers, and some fixes for commonly faced problems.

Sendmail Hacks

Alfred will discuss the hacks used to turn Sendmail into a high performance solution for delivering millions of messages to OKCupid`s subscribers. Topics covered will be system tuning and sendmail hacks used in house to achieve massive throughput.

Open Forum

Once again, we are looking to alternate our technical presentation meetings with a more open format that we hope can reflect the vitality of our `talk` list. This time, we have some speakers who will be giving short, ten minute presentations: Ray Lai, who just returned from the OpenBSD Hackathon, will be providing a summary of the event, including giving some insight into the code that was created at this annual happening. Brad Schonhorst will `pass-the-hat` and let everyone know about the current BSD Certification User Group Competition for raising funds. A good number of NYCBUG members are active with the BSD Cerification process, and we are looking forward to a strong, community-based certification that could add to the popularity of the BSDs. Mikel King, who recently added much needed juice into Daemon News-land, will speak about how we can make DN and BSDNews the CNN of the BSDs, and what you can do to help. Plus, we`ll begin a discussion on NYCBSDCon, which this year`s will happen the second weekend in October. We are looking to have active involvement from people in NYCBUG and beyond.

VPN & PAE

Part 1: VPNs with OpenBSD in large corporate networks: Large corporate networks are traditionally a mess. Historically grown, designed and maintained by a number of different people and never really intended to be secure. Above all big companies are operating globally and often use the internet to connect their locations, employees and 3rd party supporters. We need very flexible ways to deal with the vast number of requirements to secure these networks. This talk will show different practical approaches in building flexible secure VPNs with OpenBSD at different network levels.

Part 2: Implementing PAE for OpenBSD/i386: Not yet committed to OpenBSD, Mickey has been working on PAE for OpenBSD i386. Essentially, it`s about supporting up to 64 gig of physical memory.

Open Forum

Please send an email to rsvp at lists dot nycbug dot org with `RSVP` and your full name in the subject line. Past meetings have had a single speaker on a single topic. This time, we have a couple of speakers on a couple of useful topics for about 10 minutes each. Then the floor will be open for *you* to open up a discussion on a topic you are dealing with now. We are looking for the meetings to be useful tools for what *you* as an admin or developer is facing now. This is the time to bring your funky solution or problem to the table, like we do with our talk list, and open up a live discussion.

Systrace for Slackers

Please send an email to rsvp at lists dot nycbug dot org with `RSVP` and your full name in the subject line. Systrace is a facility to confine programs to doing what they are supposed to do. When do they do "bad" things? When they get exploited, of course! Most people either never heard of Systrace or don`t know how to use it. I hope to change both these problems. This meeting is co-sponsored with the Baruch College CIS Society

Xen and the Art of SysAdmin

This presentation will be about using Xen in the real world to simplify the maintenance of BSD systems. There will be a short introduction to Xen and how it works, an in-depth look at the details of one particular Xen setup along with some performance results, and how using Xen simplifies life as an admin.

Java on FreeBSD

Trish will explain how Java can be a useful and stable environment on FreeBSD, as well as the particulars that go into deploying Java in such a highly stressed, highly attacked environment. Trish will also show where the pitfalls and idiosyncrasies with FreeBSD`s java lie, and how to get the most of the FreeBSD/Java production environment.

Jail(8)

Early unix mainframe computing brought elegant process and resource sharing systems which helped get more application use out of expensive hardware. These concerns have been largely been pushed aside in computing with the rise of desktop PCs, and large farms of ever-shrinking pizza boxes in the data center. Today, as more punch gets packed into 1u than ever, server resources can be further consolidated and abstracted to securely separate complex and sophisticated services in the same hardware server, by running secure virtual UNIX machines. FreeBSD Jails are a time-tested, secure, reliable UNIX virtual machine with endless uses.

Who wants jails?

System Administrators who need to securely separate small yet
important services.
Software Developers who always need more dev machines.
System Architects who need affordable high-availability systems.
Educators who could use virtual machines to provide clean unix server
systems for student use.
Anyone who wants *secure* virtual machines.

Why do these people want jail(8)?

The design of Jail(8) and jail(2) are secure, and because jails use native system utilities,
they are simple to work with.

What I would like to focus on:

How Jails Work, the technical low-down
How to setup jails, the practical how-to, cooking show style...
When NOT to use jails
jail(8) security vulnerabilities/considerations
Jails vs. Linux UML, XEN, VMware- technical and philosophical differences
Tools and management practices

Time Mgmt for SysAdmins

Who has the time for time management!? Users interrupt you constantly with requests, your managers want you to get long-term projects done but flood you with requests for quick-fixed, and the machines you manage just never behave, causing problems at the most inopportune moments.

Tom will discuss techniques he has developed over the last 15 years including:

How to find time to get projects done
The best way to manage interruptions from users
Open Source tools for tracking requests
How to turn chaos into free time

The Summer of Code

The Summer of Code is a Google program designed to introduce students to the world of open source software development. NetBSD, one of the oldest open source projects and generally regarded as the most postable operating system in the world, is pleased to participate in this project as a mentoring organizations. The list of possible projects for students to choose from shows that any completed project will benefit the entire Open Source community. Here is the list of accepted projects. In this meeting, Jan Schaumann (who coordinates and overlooks the NetBSD Projects mentorship efforts within the SoC) will present an in-depth summary of these exciting new developments within NetBSD, how the projects started out, what progress they made, what difficulties were overcome and what final achievements were made. New insights on Open Source mentorship and user-developer relationships as well as lessons learned that apply to all open source projects will also be presented. A full list of all accepted projects will be made available soon; a full list of all completed projects will be made available before the meeting.

NYCBSDCon 2005

We are pleased to announce the New York City BSD Conference
WHEN: Saturday, September 17, 2005 (9:00am-5:30pm)
WHERE: Davis Auditorium, Columbia University [map]

See the details at NYCBSDCon Website

Why would you want to come?

Participate, and support the BSD community
Network with some of the best and brightest
Attend presentations by prominent BSD figures
Sit in on lectures on the latest topics
Round out your technical knowledge base
Get together with like minded folks
Meet in person; put a face with an email address

Challenges of large Unix environ

The firm I work at has a large Unix environment (over 5,000 servers) that are kept as identical as possible through the use of networked file systems to hold programs, combined with centralized large-scale administration tools. The presentation will provide a minimal introduction of the environment, then focus on the challenges that this environment poses when integrating software, new hardware, or new operating systems. It will highlight both the pros and cons of open source software and OSes.
I expect a lively discussion of why *BSD and the ports system are not suitable, in their current form, to replace the Linux systems in use at our firm.

OpenBSD IPsec stack

A presentation will be made on the OpenBSD IPsec stack and the related subsystems that make it work (or not). These include the mbuf tags, the Cryptographic Framework, and the isakmpd key-management daemon. We will begin with a brief introduction of IPsec from a 30,000 ft. view, and proceed to the various IPsec components in the OpenBSD kernel.For those interested to do some background reading, see: ipsec.pdf, ipsecspeed.pdf, ocf.pdf, tmipsec-tissec.pdf, mbuf_tags.pdf. Also, here are the slides.

Open Source Software

A presentation will be made on The Evolving Role of Open Source Software in Large Enterprises. Here is the Audio.

Heimdal Kerberos on NetBSD

A presentation will be made on how to use Heimdal Kerberos on NetBSD.

FreeBSD port maintenance

Tutorial on port maintenance: Courier on FreeBSD: The entry point for many people into BSD is using the ports system to install and run just about any application one could ever want on a server. Yarema, yds at coolrat dot org, will give an in-depth tutorial on how he maintains the Courier port to FreeBSD. Yarema has worked out kinks with getting Postfix, Mulberry, and some Ruby libraries to build consistently and easily. He will go line-by-line through the makefiles and show the audience where to find the knobs and the documentation for features such as the interactive configuration menus. Emphasis will be placed on the "Big Daddy" bsd.port.mk, which is 1/5 comments, 4/5 shell code. This will take you into the depths of the Makefile which is not covered in the Porter`s Handbook. After the talk Yarema will be taking questions and firing back answers... a rare opportunity for those interested. After meetings, we customarily go to Denizen to discuss. Here is a map.

OpenBSD on PA-RISC

Michael "Mickey" Shalayeff will talk about the hppa port of OpenBSD which he maintains. He maintains many of the applications which run on this peculiar platform and will provide some insight to the inquisitive as to what this combo can do. Presentation Slides are here.

pkgsrc

The NetBSD Packages Collection (pkgsrc) is a framework for building third-party software on NetBSD and other UNIX-like systems, currently containing nearly 5000 packages. It is used to enable freely available software to be configured and built easily on supported platforms.

Anatomy of a Hack

Holiday Party

When: Wednesday, December 15th, 2004 from 6:30pm to 10:30pm
Where: Exclusive lounge space in Manhattan
Cost: Free, including complimentary beverages and hors d`oeuvres
URL: http://www.nytchp.org/

New York PHP and the New York City *BSD User Group are proud to announce the first annual New York Technical Community Holiday Party.

Keep the evening of Wednesday, December 15th, 2004 open for the first holiday party to embrace and network the entire New York technical community.

This is not a PHP or BSD only event, and will include participants from many technology sectors, including Java, Linux, Perl, and .NET. We`re working hard to make this event embrace all technologies - not only open source - and our goal is to combine free and commercial software in one professional networking event.

Flagship sponsors New York PHP and NYC*BUG are bringing together hundreds of technical professionals from the New York metropolitan area for the New York Technical Community Holiday Party. By uniting diverse skills and interests, open source professionals, IT managers, and top authors and speakers, this event begins a new era in technical, business, and social networking.

Business casual attire is required.

All attendees must RSVP. A reminder with complete details will be sent prior to the event.

Sponsorship

Do not miss this opportunity to reach hundreds of IT professionals.
Download the Sponsorship PDF

Lok Technology, Inc.

Event Pics: 1 2

Meet McKusick & Allman

Columbia University, Mathematics building, Rm. 312

Here is the flier for downloads. Events pics: 1 2

Jail(8)

Isaac Levy will be talking about Jailing systems on FreeBSD. Jail(8) is a facility available in FreeBSD which one can use to create extremely secure virtual machines, running on a single piece of hardware. Isaac will discuss some of the use models for jailing, as well as sharing practical information about how to run Jails. After the meeting, we meet at a nearby bar, Denizen Lounge 73 Thompson Street in SoHo, map available here.

NYCBUG InstallFest

An installfest at Marco's place in Brooklyn. Only one block from the Franklin Ave stop on the C train in downtown Brooklyn. email bsdfest at metm dot org for directions.

Let's make all those jerks with real vacation plans jealous! Interesting problems and strange hardware welcome. Some of us will be bringing our Soekris boxes plus some copies of DragonFlyBSD, FreeBSD, NetBSD and OpenBSD.

Some beers will be available, but more are absolutely welcome. Food (pizza) will be ordered.

OpenBSD on Soekris

Pete Wright will be sharing his experience installing OpenBSD on Soekris devices, small, inexpensive, low-power computers. As a number of NYCBUG members are now official Soekris hackers. One of them, Pete Wright has stepped forward to give a 40 minute presentation on how he got his Soekris hardware up and running with OpenBSD. Additionally we`ll have a short discussion about the new website, and hopefully look towards launching it in the near future!

Secure Architectures

The OpenBSD operating system is a secure, stable, and powerful operating system that is attracting many new and old UNIX users to it. The OpenBSD legacy is peppered with some ingenious security features throughout the OS, and Brandon Palmer is extremely close to all of it. Brandon Palmer will be giving a special overview of OpenBSD to the NYCBUG attendees. Brandon`s book received a rare 9/10 rating when reviewed on slashdot, and this is sure to be a special nycbug meeting!

Hacking Your iBook

Bob Ippolito & Isaac Levy on Hacking Your iBook While it was our smallest meeting yet, with just under 20 people in the room, the topic was a bit more narrow than usual, but the discussion was again great.
Bob and Ike gave a great presentation, and we managed to collect $126 to send to Dan Langille of BSDCan, Freshports and FreeBSDDiary, who had his laptop stolen recently.

BSD Consulting

While the meeting was somewhat smaller than usual, with about 35 people showing their faces for at least some of the meeting, the topic was narrow in its focus. Not everyone is a consultant or interested in the practical questions consultants face. Nevertheless, most people agreed after the meeting that the discussion and presentations were brilliant.
This wasn't some cheerleading session, it was filled with the good and bad realities that consultants face, particularly those performing *BSD related work. Unfortunately, due to time restrictions, Marc`s section on using the ports system was cut short due, but we can plan to have a meeting exclusively based on the ports system at some point in the near future. And once again, a big thank you to Tekserve, who provided us space and were very gracious hosts.

OS X, Darwin and BSD

Some 44 people crammed into the meeting space for Edward Eigerman`s great presentation on OS X, Darwin and BSD. The Apple engineer spoke for some two hours, but no eyes were glazing over as he covered everything from RAID devices and supercomputers, to security and open source issues. We look forward to getting the video of the meeting online, in addition to Edward's slides.

NetBSD crypto disk

March 3rd Meeting on NetBSD`s cgd - About 43 people attended Roland Dowdeswell`s presentation on NetBSD cryptographic disk driver. Ike is in the process of getting the video online and Roland will be posting his notes. The basis of his talk is a FreeNIX paper that is located here. The slides are also there in postscript.

OpenBSD Security

February 4th Meeting on OpenBSD Security - Up to 40 people jammed the room on West 23rd Street to hear Wes Sonnenreich and Jason Albanese speak about OpenBSD security. The meeting discussion was thriving, and those discussions continued on as most people went on to the bar afterwards. For some, the discussions didn't end until 3:30 am. Thanks Wes and Jason.

NYC*BUG BOF @ LinuxWorld Expo

NYCBUG successfully reached out to hundreds of people at the BSDMall and New York PHP tables.

We handed out fliers for the meetings, answered questions conference attendees had about the BSD family, gave a presentation on the backup port Bacula and held a birds-of-a-feather meeting.

Our bof meeting had some fifty participants. Speakers included Michael of NYCBUG, Jeremy Sohn from Wasabi Systems, Don Witt from BSDMall/Daemon News, author Wes Sonnenreich and Dan Langille, organizer of BSDCan.

The audience well represented the various members of the BSD family. Discussion ranged from meeting topics to NYCBUG`s relation to vendors.

There`s no question that we`ve started with a BOOM. Our mailing list already has over 75 members.