To meet your needs, the Tutorial Program at BSDCon '03 provides in-depth, immediately useful instruction in the latest techniques, effective tools, and best strategies. The tutorials survey the topic, then dive right into the specifics of what to do and how to do it. Instructors are well-known experts in their fields, selected for their ability to teach complex subjects. Attend tutorials at BSDCon '03 and take valuable skills back to your company or organization. Register now to guarantee your first choiceseating is limited.
Full-Day Tutorials, 9:00 a.m.-5:00 p.m.
Monday, September 8, 2003
FreeBSD 5.X: An Intensive Code Walkthrough NEW
Advanced BSD Security NEW
Tuesday, September 9, 2003
The FreeBSD GEOM Disk I/O Subsystem NEW
Debugging Kernel Problems
If you're not happy, we're not happy. If you feel a tutorial does not meet the high standards you have come to expect from USENIX, let us know by the first break and we will change you to any other available tutorial immediately
Continuing Education Units (CEUs)
USENIX provides Continuing Education Units for a small additional administrative fee. The CEU is a nationally recognized standard unit of measure for continuing education and training and is used by thousands of organizations. Each full-day tutorial, or two half-day tutorials, qualifies for 0.6 CEUs. You can request CEU credit by completing the CEU section on the registration form. USENIX provides a certificate for each attendee taking a tutorial for CEU credit and maintains transcripts for all CEU students. CEUs are not the same as college credits. Consult your employer or school to determine their applicability.
FreeBSD 5.XAn Intensive Code Walkthrough NEW
Dr. Marshall Kirk McKusick, Author and Consultant
Who should attend: This course provides an in-depth study of the source code of
the FreeBSD 5.X kernel. This course is aimed at users with a
good understanding of the algorithms used in the BSD kernel and who
want to learn the details of their implementation. Students
are expected either to have taken the "FreeBSD Kernel Internals"
class taught by the instructor or to have experience working
with a BSD-based kernel (FreeBSD, NetBSD, OpenBSD, or BSD/OS).
Students are also expected to have a thorough background in
reading and programming in C.
In place of the usual lecture slides,
the instructor will display and discuss the FreeBSD kernel source
code. Thus, bringing a laptop to the class will make it easier to follow along. Students will
receive a CD-ROM with the FreeBSD source code. If you don't have a laptop with a CD-ROM drive, you should load the
FreeBSD kernel source onto your laptop before coming to class.
- Overview of FreeBSD 5.X organization
- Support facilities for symmetric multi-processing
- Process and thread organization
- New system daemons
- The UFS2 filesystem
Dr. Marshall Kirk McKusick writes books and articles, consults,
and teaches classes on UNIX- and BSD-related subjects. While at
the University of California at Berkeley, he implemented the 4.2BSD
fast file system and was the Research Computer Scientist at the
Berkeley Computer Systems Research Group (CSRG), overseeing the
development and release of 4.3BSD and 4.4BSD. His particular areas
of interest are the virtual-memory system and the filesystem. He
earned his undergraduate degree in Electrical Engineering from
Cornell University and did his graduate work at the University of
California at Berkeley, where he received a Master's degrees in Computer
Science and Business Administration and a doctoral degree in
Computer Science. He is the president
of the USENIX Association Board of Directors and is a member of AAAS, ACM, and IEEE.
M2: Advanced BSD Security NEW
Mike DeGraw-Bertsch, Consultant
Who should attend: System administrators and managers responsible for securing IT assets
whose requirements have outgrown their existing infrastructure. Participants
should be familiar with basic system security, but expertise is not required.
UNIX administration experience is expected, but work with a particular BSD is
not assumed. Participants will gain a general understanding of risk evaluation and threat
mitigation techniques and will learn how the BSD's security features work,
what they add and what they cost, and how to apply them.
With complex new threats, shrinking budgets, and smaller staffs, just keeping
up on today's security threats sometimes seems impossible. Fortunately, the
BSDs provide you with all the tools you need to fight back, from filesystem
firewalls, to Access Control Lists, to advanced packet filters. This tutorial addresses the risks companies face, discusses how to
evaluate and lessen those risks, and shows how to use newand sometimes
not-so-newBSD tools to create cost-effective, secure computing environments.
It also delves into IPsec, showing how it works, how to secure networks with
it, and how to get the varying implementations to interoperate! Topics
- Assessing risks
- How TrustedBSD addresses the common criteria for IT Security Evaluation
- IPsec internals
- Firewalls: ipfw, ipf, and pf
- Jails and virtual machines
- IPsec interoperability: making racoon and isakmpd talk to each other
- Mandatory Access Controls and discretionary access controls
- Pluggable Authentication Modules (PAM) and One-Time Passwords
In Everything (OPIE)
- Configuration walkthroughs for a secure:
- OpenBSD firewall
- NetBSD log host
- FreeBSD combination mail server and file server
- IPsec VPN end-point (FreeBSD & OpenBSD)
||Mike DeGraw-Bertsch has been working with FreeBSD for ten years and
has been active in security for the last five years. He has written
articles for the O'Reilly Network and SysAdmin Magazine and is writing
UNIX Systems and Network Security for Springer-Verlag. Mike
is a security and networking consultant and spends
his free time as an ice hockey goalie.
The FreeBSD GEOM Disk I/O Subsystem NEW
Poul-Henning Kamp, Consultant
Who should attend: FreeBSD system administrators and power users will learn how to interact with GEOM in order to
control and diagnose problems. FreeBSD programmers will get a comprehensive introduction to the GEOM
subsystem and should be able to go home and write
trivial GEOM transformations with little trouble. Programmers and architects from other OS projects will be able to judge whether they should consider adopting
GEOM for their operating system.
In today's heterogeneous environments, the traditional UNIX
philosophy on disks fails to deliver a competitive service.
Apple's iPod uses Apple's own disk partitioning format, but
UNIX kernels recognize only their own formats.
GEOM is the new disk I/O subsystem in FreeBSD 5.x. It
provides an extensible and modular framework for "doing
things" to disk I/O requests. It allows you to recognize
Apple partitions on your PC and Solaris partitions on your Alpha,
mirror your striped disks, stripe your mirrored disks, and
even stripe your encrypted, mirrored Apple partitions on
your Sparc64 computer.
- What are the problems GEOM tries to solve?
- Why GEOM is more than just another volume manager
- GEOM's design goals
- GEOM in the local landscape: Where does it sit
in the running system, and what does it do?
- GEOM terminology and the OO model used
- Auto-configuration mechanism: How does GEOM
recognize that a disk should be partitioned?
- Removable media: disks that come and go
- Manual configuration, status enquiries, and
||Poul-Henning Kamp has been haunting the European UNIX industry
for 20 years. He has been one of the key developers in
FreeBSD since the very beginning of the project and currently
has more than 3,000 kernel commits to his name. Apart from
GEOM, Poul-Henning is the author of GBDE (disk encryption),
DEVFS, phkmalloc, the MD5-based password scrambler, the
Jail(8) facility, Timecounters, CTM, and a number of device
drivers, and he has drastically modernized the vfs cache,
vnode operations, sysctl, dev_t, and many other parts of the
FreeBSD kernel. Poul-Henning is self-employed, consulting
in FreeBSD, UNIX, security, and operations organization.|
T2: Debugging Kernel Problems
Greg Lehey, LEMIS (SA) Pty Ltd
Who should attend: Kernel developers and experienced system adminstrators. The tutorial
assumes a good working knowledge of BSD system administration and the
C programming language. A knowledge of kernel internals will be
helpful, but is not essential. Depending on prior experience,
participants will lean to locate and either fix or report kernel bugs.
This tutorial will show debugging techniques on live systems. The
operating system for most of the tutorial will be FreeBSD, but it will
explain the (relatively small) differences in NetBSD and OpenBSD.
If time permits, some of these topics will also be demonstrated on
- How and why kernels fail
- Understanding log files: dmesg, /var/log/messages
- Using common tools for debugging a running system: ps, netstat, top
- Building a kernel with debugging support: the options
- Preparing for dumps: dumpon, savecore
- Demonstration: panicing and dumping a system
- Preliminary dump analysis (non-technical, without sources)
- The assembler-level view of a C program
- Introduction to the kernel source tree
- Analysing panic dumps with gdb (technical)
- On-line kernel debuggers: ddb, remote serial gdb
- Debugging a running system with gdb
||Greg Lehey has been in the computer industry for nearly 30 years, during
which time he has performed most jobs, ranging from kernel development
to product management, from systems programming to systems
administration, from processing satellite data to programming gasoline
pumps, from the production of CD-ROMs of ported free software to DSP
instruction set design. He is the author of Porting UNIX Software
(O'Reilly and Associates, 1995) and The Complete FreeBSD. He
works for IBM's Linux Technology Center on storage systems and
low-level PPC kernels.