Presentations & Papers

Presentations: EuroBSDCon 2005, Basel, Switzerland

Embedded OpenBSD, Niall O'Higgins & Uwe Stuehler

New Evolutions in the X Window System, Matthieu Herrb & Matthias Hopf

The Design and Implementation of OpenOSPFD, Claudio Jeker

rthreads: A New Thread Implementation for OpenBSD, Ted Unangst

Presentations: OpenCON 2005, Venice, Italy

OpenBSD ports and packages, Marc Espie

Porting OpenBSD, Niall O'Higgins & Uwe Stuehler

OpenBSD Networking Update, Henning Brauer

Exploit Mitigation Techniques (updated to include random malloc and mmap), Theo de Raadt

OpenBSD hackathon report, Venezia 2005, Peter Valchev

Paper & Presentation: AUUG 2005

Secure Portability, Damien Miller
Paper (PS and PDF) and presentation slides (online, PS, or tarball) from Australian Unix Users Group AUUG 2005 conference, introducing portable OpenSSH's approach to porting secure software.

Presentation: Tokyo PC Users Group

Open Source in a Windows World: A Business Case for OpenBSD, Mark T. Uemura
Presented to the Tokyo PC Users Group, the largest English-speaking personal computer club in Japan, June, 2005. Focusses on OpenBSD and related open source projects and how businesses can use them to best advantage. Presentation began with a live demo of redundant OpenBSD firewalls with CARP failover.

Presentation: OpenBSD/hppa

OpenBSD/hppa, Michael Shalayeff
Presentation about OpenBSD/hppa and HP PA-RISC given at NYCBUG March 2005 meeting. An attempt has been made to outline the porting effort and describe architecture features essential for operating systems development. Tarball of the presentation for offline viewing.

Presentation: Solutions Linux 2005

OpenBSD, Saâd Kadhi and Marc Espie
French presentation about OpenBSD in general and security with a focus on the ports collection and PF, given during Solutions Linux 2005 in Paris, France in February 2005. This presentation is an update of the SUR Group 200412 one. Tarball of the presentation for offline viewing.

Presentation: SUR Group 200412

OpenBSD et Sécurité, Saâd Kadhi
French presentation about OpenBSD in general and security, given at the December meeting of the SUR Group (Sécurité Unix et Réseaux). This presentation is intended as a general overview of OpenBSD with a particular focus on the security of the system. Tarball of the presentation for offline viewing.

Presentation: OpenCON 04

Signal Handlers, Henning Brauer
Presentation on signal handlers, given at OpenCON 04 in Venice, Italy in December 2004. This presentation outlines some issues to take care of when dealing with signal handlers and possible solutions. Tarball of the presentation for offline viewing.

Presentation: AUUG 04

Exploit Mitigation Techniques, Theo de Raadt
Presentation on exploit mitigation techniques that was presented at AUUG 04 in Melbourne, Australia in September 2004. This presentation outlines implementation details on features such as: stackgap, ProPolice/SSP, W^X, !X, StackGhost & PrivSep. This presentation is an update from the BSDCAN 04 version. Tarball of the presentation for offline viewing.

Presentations: SUCON 04

OpenNTPD, Henning Brauer
Presentation on OpenNTPD that was presented at SUCON 04 in Zurich, Switzerland in September 2004. This presentation outlines implementation details and rationale behind OpenNTPD. Tarball of the presentation for offline viewing.

A Secure BGP Implementation, Henning Brauer
Presentation on BGPD that was presented at SUCON 04 in Zurich, Switzerland in September 2004. This presentation outlines implementation details and rationale behind BGPD. Tarball of the presentation for offline viewing.

Presentations: BSDCAN 04

Exploit Mitigation Techniques, Theo de Raadt
Presentation on exploit mitigation techniques that was presented at BSDCAN 04 in Ottawa, Canada in May 2004. This presentation outlines implementation details on features such as: ProPolice/SSP, W^X, !X, StackGhost & PrivSep. This presentation is an update from the PACSEC 03 version. Tarball of the presentation for offline viewing.

Introduction to PF, Ryan McBride
Presentation on PF for BSDCAN 04 in Ottawa, Canada in May 2004. This presentation outlines the packet filtering basics in OpenBSD and discusses some of the more advanced features in PF such as denial of service mitigation techniques, firewall redundancy, and load balancing. Tarball of the presentation for offline viewing.

Presentation: LSM 03

Enhancing XFree86 security, Matthieu Herrb
This presentation focuses on XFree86 security. It describes the existing access control mechanisms, and two ways to enhance it: the privilege separation code that is now part of OpenBSD's XF4 and one systrace policy for the X server.

Presentation: PACSEC 03

Exploit Mitigation Techniques, Theo de Raadt
This is the initial version of the exploit mitigation techniques presentation. It was presented at PACSEC 03 in Tokyo, Japan in November 2003. This presentation outlines implementation details on features such as: ProPolice/SSP, W^X, !X, StackGhost & PrivSep. Same presentation in Japanese. Tarballs of presentation for offline viewing: English, Japanese.

Presentation: CanSecWest 03

Advances in OpenBSD, Theo de Raadt
This presentation covers a variety of topics including DARPA, the 2002 Hackathon, ProPolice, W^X etc. It was presented at CanSecWest 03 in Vancouver, Canada in April 2003 Magicpoint presentation for offline viewing.

Presentation: CEBIT 03

OpenSSH und OpenBSD, Markus Friedl, Henning Brauer
German presentation on OpenSSH and OpenBSD that was presented at CEBIT 03 in Hannover, Germany in March 2003. It outlines what OpenSSH is and it's history. Tarball of the presentation for offline viewing.

Presentation: AUUG 2002

SSH protocol and tips tutorial, Damien Miller
Slides and tutorial notes from a half-day session on the SSH protocol and the cool things that can be done with it. All examples use OpenSSH (of course). Presented at the Australian Unix Users Group 2002 winter conference. The slides are a brief introduction to the protocol, whereas the notes cover usage examples and tricks. Tarball or postscript of the presentation for offline viewing. Postscript or PDF of the tutorial notes.

Presentation: O'Reilly OSC 2000

Secure Internet Servers/Firewalls with OpenBSD, Ian Darwin
These notes are the outline for the half-day tutorial on Secure Internet Servers/Firewalls with OpenBSD. Presented at the O'Reilly Open Source Conference in Monterey, California in July of 2000. Tarball of the presentation for offline viewing.

Paper & Presentation: USENIX 2000

Transparent Network Security Policy Enforcement, Jason L. Wright, Angelos D. Keromytis
This paper describes the architecture and implementation of a Layer-2 (link layer) bridge with extensions for offering Layer-3 security services. Same paper in PDF format bridgepaper.pdf

Slides that accompany the transparent network security policy enforcement paper. Presented at USENIX 2000 in San Diego, California in June of 2000. Same slides in PDF format bridgeslides.pdf

Paper & Presentation: LISA '99

Dealing with Public Ethernet Jacks, Switches, Gateways, and Authentication, Bob Beck
This paper describes the tools and techniques developed and deployed to address the problem of blocking unauthorized users on unprotected Ethernet jacks. Same paper in PDF format authgw-paper.pdf

Slides that accompany the dealing with public Ethernet jacks paper. Presented at LISA '99 in November of 1999 in Seattle, Washington. Same slides in PDF format authgw-slides.pdf

Papers & Presentations: USENIX 1999

Opening The Source Repository With Anonymous CVS, Charles D. Cranor & Theo de Raadt
Anonymous CVS is an advanced source file distribution mechanism we created to allow open source software projects to distribute source code and information about code to Internet users. Built on top of the Concurrent Versions System (CVS) revision control system, Anonymous CVS safely allows anonymous read-only access to a CVS source repository. Same paper in PDF format anoncvs-paper.pdf

Slides that accompany the anonymous CVS paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format anoncvs-slides.pdf

Future-Adaptable Password Scheme, Niels Provos, David Mazieres
Many authentication schemes depend on secret passwords. Unfortunately the length and randomness of user chosen passwords remain fixed over time. This paper discusses ways of building systems in which password security keeps up with hardware speeds. Same paper in PDF format bcrypt-paper.pdf

Slides that accompany the future-adaptable password scheme paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format bcrypt-slides.pdf

Cryptography in OpenBSD: An overview, Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, Niels Provos
This paper gives an overview of the cryptography employed in OpenBSD. It discusses various components like IPsec, SSL libraries, stronger password, encryption, Kerberos IV, random number generators etc, and their role in system security including their interactions with the rest of the system. Same paper in PDF format crypt-paper.pdf

Slides that accompany the cryptography in OpenBSD: an overview paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format crypt-slides.pdf