From announce at lists.nycbug.org Wed Mar 3 12:28:37 2010 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Wed, 03 Mar 2010 12:28:37 -0500 Subject: [announce] NYC*BUG Tonight, BSDCan Message-ID: <4B8E9C45.20902@ceetonetechnology.com> March 03, 2010, Wednesday PFSense II, Rocking The Datacenter 6:45 PM, Suspenders Restaurant http://www.suspendersbar.com/location.php In 2006, ike gave an overview on PFSense and it`s mother project m0n0wall, which were new and exciting router platforms back then. Quote from that first talk, (4 years ago): "throw your Linksys/SoHo/WiFi router in the garbage where it belongs" http://www.nycbug.org/index.php?NAV=Home;SUBM=10027 Quote for this talk: "You might wanna` put your Sonicwall/Juniper/Cisco routers up on Ebay." pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. http://pfsense.org/ pfSense has matured into a full-fledged routing platform which fits right in at the datacenter. As all the big router vendors now tout fully browser-based administration- (over IOS, I2J, etc...) so the stigma of using pfSense in the enterprise is gone. Our speaker has been using pfSense in datacenter deployments for over 4 years, and will be describing how pfSense was used to save and secure several "organically dysfunctional" corporate networks, and maintain business continuity. Throughout the talk, these points will be emphasized: - Deploys: "Performing an Oil Change at 80mph" (quoting Michael Lucas) - Corporate Office/Colo Life with pfSense - Quickly/Safely Training Junior/Senior Network Sysadmins on pfSense - Taking the Magic/Macho out of HA networking - Networking can be Reliable/Understood/Fun Half of this talk is a quick pfSense bootstrap: - What *is* pfSense? (A Terrific Routing Platform!) - Hardware (Embedded and Regular x86 Systems) - The reality of recycling servers, (Go Green! and other buzzwords) - Install, basic setup- focused on typical multi-zone networks The other half of the talk will go through the incredibly advanced tools and features that make pfSense an excellent platform for High-Availability and Security at the datacenter: - CARP, Physical Redundancy, (and living with HSRP/VRRP/GLBP from your ISP) - Fully Redundant Load Balancing, 2 common roles: - (inbound) Load Balancing to scale Web Servers - (outbound) Load Balancing for multi-wan redundant networking - "Deep Packet Inspection" and other infosec buzzwords, done the PF/BSD way - Missing your IOS shell? pfSense gives you a UNIX Shell- infinite possibilities! - pfSense/embedded shell specifics, (read-only filesysem on CF?) - NanoBSD/implementation notes... - Using pf from the shell - interacting with system firewall/traffic-shaping/etc.. - dancing a tango with the GUI - Syslog, SNMP, and all fixin`s - Config Management for Network Scaling/Sanity As Sr. Infrastructure Engineer at the emerging startup Proclivity Systems, Isaac ".ike" Levy is ob sessed with high-availability systems and transparent failover, mostly because he likes to sleep a t night. Standing on the shoulders of giants, his background includes partnering to run a Virtual Server ISP before there was ever a cloud in the sky, as well as having a long history hacking int ernet-facing applications on UNIX systems. .ike has been a part of NYC*BUG since it was first launched in January 2004. He was a long-time me mber of the Lower East Side Mac Unix User Group, and is still in denial that this group no longer exists. He has spoken frequently on a number of topics at various venues, particularly on the issue of FreeBSD`s jail (8). * * * * Registration for BSDCan is now open. http://www.bsdcan.org/2010/registration.php From announce at lists.nycbug.org Sun Mar 21 23:01:07 2010 From: announce at lists.nycbug.org (NYC*BUG Announcements) Date: Sun, 21 Mar 2010 23:01:07 -0400 Subject: [announce] Some NYC*BUG announcements Message-ID: <4BA6DD73.1000900@ceetonetechnology.com> * Jobs list for internships * BSDCan registration is open * Upcoming meetings * The NYC*BUG data center cabinet * NYCBSDCon 2010 update * * * * * * We are opening up (and soliciting) the use of our jobs list (http://lists.nycbug.org) to internships. Please let admin@ know if you have any questions, but we strongly believe that broadening the list's function will be an asset to NYCBUG and our various relations. We have a number of very bright Cooper Union electrical engineering students interested in opportunities. * * * * * * Registration for BSDCan is now open at http://www.bsdcan.org/2010/registration.php. BSDCan 2010 will be held on 13-14 May 2010 at the University of Ottawa, in Canada, and will be preceded by two days of tutorials on 11-12 May 2010. We strongly encourage everyone to attend. Feel free to query the talk@ list to sort out car-pooling, etc. * * * * * * The next two meetings will be security-focused, approaching honey pots with Nepenthes on April 7th and packet-manipulation with Scapy on May 5th. If you have a possible topic for a meeting, please contact admin at . * * * * * * We are updating the NYCBUG.org web site to include more information about our data center cabinet at New York Internet. We continue to host an array of services there, beyond the immediate NYCBUG functions, including a number of developer boxes, the BSD Certification Group, the main pfSense server and much more. We will be including a section on various needs to further assist us in building out the cabinet's usefulness to the entire BSD community. At this time, we need the following hardware, and would be excited to get replies on admin@: 1. Large SCSI and SATA hard drives 2. A NAS device with large disk capacity, preferably rack-mountable 3. Gigabit switches 4. Console (remote KVM) hardware Part of our plan is to implement mirrors for each of the BSD projects, including as many archived releases as possible. * * * * * * Finally, plans are moving forward for NYCBSDCon 2010. It will likely be held in early November. We are proud to announce that we will be working closely with BSDFund.org, a 501(c)(3) non-profit, on this year's conference. Start considering possible proposals for the CFP set for early summer, new sponsoring vendors, broader publicity, etc. We will have an open organizing meeting for the conference in the early summer. Stay tuned.