Jason Dixon gives an overview of OpenBSD's Packet Filter (pf) features. Following the talk, attendees use OpenBSD Live CDs to test their skills at a basic firewall ruleset in a VLAN network.
[PDF] Introduction to Firewalling with OpenBSD - 306KB
Devon O'Dell gives an introduction to many of Plan 9's unique features.
(stuff about using rio, mouse chording, editing the terminal buffer, etc). It’d get into plumbing (e.g. RFC:1234 + middle click = you get to read RFC 1234), private namespaces (goodbye $PATH), and importing / exporting the network stack, which will be demonstrated to work both ways using different network stacks.
[AVI] Plan Nizzle is tha Shizzle - 438MB
[MP3] Plan Nizzle is tha Shizzle - 58MB
Mike Erdely presented slides from Bernd Ahlers' porting talk as well as his own presentation that covers additional topics relevant to OpenBSD porters.
[MP4] OpenBSD Ports Tutorial - 51MB
[MP3] OpenBSD Ports Tutorial - 10MB
Matt Fisher presented his talk entitled Mistakes to Lure Hackers: Vulnerability 2.0 at the CapBUG meeting in Columbia, MD. Matt introduced the audience to modern web application vulnerabilities including cross-site scripting, SQL injection and even "blind" SQL injection.
Cross-site scripting and SQL injection are now the most commonly reported vulnerabilities in the CVE. We will examine the entire genre of web application security and the unique security paradigm required, while zooming in on XSS and SQL injection. Think Web 2.0 sites are neat? So do the bad guys, and we'll examine some of the factors going into the "new web" that make them so vulnerable to script attacks.
Editor's Note: I personally saw this talk in NYC and am very grateful Matt was able to present it again for our group. This was the first MetaBUG video recording/streaming, and the quality suffers a bit. We have learned quite a bit from just our first session and expect that future presentations will be much improved in both video and audio quality.
[MP4] Mistakes to Lure Hackers: Vulnerability 2.0 - 95MB
The video is also available at Google Video.
© 2009. Some rights reserved. You are free to copy, distribute, display and link to the work under the following conditions: you must attribute the work to the author, Matt Fisher, SPI Dynamics.