NYC*BUG Meetings and EventsFeeds: [RSS]
BSD High Availability, Sam Banks
(Audio generously recorded and processed by Nikolai Fetissov)
The BSD High Availability (HA) suite has some very handy and powerful features. However, as with all systems, there are certain considerations to be made when rolling out a HA implementation. This talk will focus on the security considerations when rolling out a BSD HA implementation.
The talk will cover the following:
An explanation of the BSD HA environment (CARP, pfsync, sasyncd)
How these components, specifically CARP, function at a lower level
Current and potential attacks against the HA environment, including some demos
Security considerations when rolling out a HA implementation and applicable work-arounds
Ideas on how to improve the security and flexibility of the BSD HA tool suite
Sam hails from a small country in the middle of nowhere called New Zealand, where people live in mud huts and rub sticks together to produce fire. When not foraging for berries and miscellaneous woodland creatures, Sam works for Lateral Security as a security consultant (a more CEO-friendly word for hacker) where he breaks into systems for a living. Previous to that, he spent several years in programming and system administration roles. He caught the BSD bug many years ago when his friend enlightened him to the fact that he too could have a solid block cursor at the terminal.
Quick Note: Sam contacted us as he`ll be in NYC for a visit, and following the February meeting discussion, we saw it was a great opportunity to have this meeting