Capital Area BSD Users Group

This month’s meeting was once again at Raba in Columbia. We had nine attendees, but with two presenters, that’s not all that great! In a BSD Users Group, it’s the Users that make the group great! I hope we have more participation next month.

To start us off, Johan Huldtgren gave a short talk about FreeBSD’s GEOM ([PDF Slides]). He discussed the basics behind the software RAID framework and explained how he uses it.

To close the meeting, Bret Lambert (tbert) gave a talk about contributing code to the OpenBSD project ([HTML Slides]). He talked about learning C, finding a place to start, kernel hacking and being patient waiting for interest in your diffs.

Audio versions of the meeting are also available as part of MetaBUG: OGG and MP3. (Thanks to Newt0n for hosting the files)

Many thanks to Johan and Bret for their great talks!

We adjourned the meeting across the street at the Green Turtle.

Filed under: Meetings | No Comments »

This month’s meeting was once again at Raba in Columbia. We had ten attendees, so attendance was pretty good.

After a few technical hurdles (no DVI converter for Patrick’s laptop and a seemingly broken VGA out on mine), the meeting got underway with Patrick Thomasson’s presentation on OpenVPN (HTML or OpenVPN Presentation PDF). He gave an overview of how to setup OpenVPN and included several pitfalls one could face along with ways to avoid them.

After Patrick, I gave a short talk on Yaifo. Since most everyone was familiar with Yaifo, it was a very brief talk.

We closed the meeting next door at Nottingham’s where the discussion never swayed from serious BSD-related issues. Or something.

Filed under: Meetings | No Comments »

This month’s meeting was at SPARTA’s office in Columbia and had 13 attendees.

Matt Fisher presented his talk entitled “Mistakes to Lure Hackers: Vulnerability 2.0″. Matt introduced the audience to modern web application vulnerabilities including cross-site scripting, SQL injection and even “blind” SQL injection.

Cross-Site-Scripting and SQL Injection are now the most commonly reported vulnerabilities in the CVE. We will examine the entire genre of web application security and the unique security paradigm required, while zooming in on XSS and SQL Injection. Think Web 2.0 sites are neat? So do the bad guys and we’ll examine some of the factors going into the “new web” that makes them so vulnerable to script attacks.

Jason’s comment: “I personally saw this talk in NYC and am very grateful Matt was able to present it again for our group. This was the first MetaBUG video recording/streaming, and the quality suffers a bit. We have learned quite a bit from just our first session and expect that future presentations will be much improved in both video and audio quality.”

As part of MetaBUG, Matt’s talk is available an an MP4 download (95 MB) or via Google Video.

Thank you to Matt for donating his time to share his presentation with our BUG. Thank you to Jason for providing the live video and archive video for the meeting. We’ll be planning next month’s meeting soon, so stay tuned.

Filed under: Meetings | No Comments »

This month’s meeting was at SPARTA’s office in Columbia. There were 16 attendees this time so Columbia may be a more popular meeting place for us. For this meeting, we had Jason Dixon giving the main presentation on Secure Mail Servers with BSD. Afterwards, Patrick Thomasson gave a short talk about Pure-FTPd.

Jason opened the meeting by announcing the creation of MetaBUG: a Global BSD User Groups organization founded to promote local BSD user groups by helping to share ideas and experiences with other BUG organizations, in addition to possible collaboration and “virtual attendance” from anywhere in the world.

His presentation, Secure Mail Servers with BSD, covered mail delivery using Postfix, a drop-in sendmail replacement, configured for virtual mailboxes and domains, greylisting using OpenBSD’s spamd, and content filtering with amavisd-new (ClamAV, SpamAssassin and Vipul’s Razor). Mail retrieval duties focused on the Courier-IMAP service and RoundCube webmail. Presentation slides: HTML, PDF and zipped Keynote.
Read more »

Filed under: Meetings | No Comments »

We all met at Epok’s office in Bethesda, MD for our first official meeting last night. A total of eleven members were in attendance to hear Mike Erdely’s presentation on the binpatch binary patching system for OpenBSD. It looks like nice way of maintaining patches for multiple systems, although I argued that the same could be done with a few shell commands. However, if some of the proposed features that Mike discussed (patch_add, patch_info, etc) become realized, some very interesting advancements could develop (commercial patch distribution, anyone?). Presentation slides: HTML or PDF.

There was time left, so I did a quick overview of FreeNAS running in a Parallels virtual system on my MacBook Pro. FreeNAS is a very simple way of getting a commodity NAS installed for any home or business. It supports software RAID, and the footprint clocks in at a miniscule 38MB.

In a general discussion, Mike talked briefly about using FuzzyOcr with SpamAssassin to more successfully catch image spam.

Around 8:30pm EST, we decided to grab some dinner over at the Daily Grill. It was a cold 4-block stroll over to the Hyatt Regency, but the Guinness was worth it. The bill was almost as painful as a weekend with SELinux, but the food and service made it worthwhile.

Thanks to everyone who came out for the first official get-together. I’m looking forward to meeting all of the other members who couldn’t attend. The next meeting will be held at Todd C. Miller’s office in Columbia, MD. More details to follow.

Filed under: Meetings | No Comments »