Abstract

Nothing makes your tight security budget go farther than open source software, and smart security managers are increasingly relying on open source tools for enterprise platforms.

FreeBSD and OpenBSD are sometimes considered the "other" free UNIXes, after Linux. They are well known for their stability and security, and are used in ISPs like Pair Networks and major web sites like Yahoo! There are compelling security features found only in FreeBSD or OpenBSD.

Cigital's Paco Hope will explore the value of FreeBSD, and introduce topics such as filesystem flags, kernel security levels, ACLs and "jails." The talk will show how these fundamental operating system features can be used to improve the security posture of critical applications like web servers, DNS servers, and mail servers.

Paco Hope is co-author, with Yanek Korff and Bruce Potter, of the recent O'Reilly book Mastering FreeBSD and OpenBSD Security.

Bio:

Paco Hope is a Managing Consultant with Cigital. His areas of expertise include software security, embedded systems, PKI, and host security. Prior to joining Cigital, he served as director of product development for Tovaris, Inc. and head systems administrator in the Department of Computer Science at the University of Virginia. Mr. Hope was a double major in Computer Science and English at The College of William and Mary and received an M.S. in Computer Science from the University of Virginia.

The slides are available as a PDF.

Abstract

A brief "Google hacking" tutorial focused on finding "Unintentional Data Disclosure." We will cover the Google advanced search tools and ways to use them in order to mine interesting gems from Google's vast database of web related information. Google data-mining for defenders and information providers.

Bio:

Dan Goldberg is the founder of MADJiC Consulting, Inc, a Charlottesville based security consultancy, the technical director of Global Information Assurance Certification (GIAC) and an incident handler for the Internet Storm Center (http://isc.sans.org). Dan has built and managed extranets, firewalls, VPNs. and intrusion detection systems around the globe for organizations from 10 employees to fortune 500 members.

The slides are available as a PDF.

Abstract

This talk will cover the basics of the Tk widget toolkit in tcl and python and demonstrate how to write a simple GUI application in tcl/tk and python/tk.

Bio:

Josh Malone has been a FreeBSD and Windows system administrator for three and a half years working in development shops and hosting companies. He attended Virginia Tech's Bradley dept. of Computer Engineering and was vice president of VT's Linux user group. He currently works as a Linux engineer for an embedded systems company.

Abstract

Vendor and security gurus alike tout VPNs as a security panacea. Security for what? What do VPNs secure and how? This talk is offers no nonsense coverage of what Site to site and remote access VPNs are, how they work and what level security do or do not provide.

Bio:

Dan Goldberg is the founder of MADJiC Consulting, Inc, a Charlottesville based security consultancy, the technical director of Global Information Assurance Certification (GIAC) and an incident handler for the Internet Storm Center (http://isc.sans.org). Dan has built and managed extranets, firewalls, VPNs. and intrusion detection systems around the globe for organizations from 10 employees to fortune 500 members.

The slides are available as a PDF.

Abstract

Subversion (SVN) is a new version control system, built to be the successor to the aging and venerable CVS. If you're unfamiliar with version control, this talk will introduce you to its concepts, which allow teams to work on source code (or other documents) concurrently without losing or overwriting one another's work. If you're already a CVS user, you'll find that switching from CVS to Subversion is quite easy to do. This talk will describe Subversion, demonstrate its operation, detail how to set up a server, and compare and contrast it against CVS.

Bio:

Colin Steel previously spoke at CHUUG on the Ruby language. He is also the author of the Helios Wiki which is written in Ruby.

The slides are available as a PDF.

Abstract

What is Public Key Infrastructure (PKI)? Where did it come from? When did it first make it's appearance? Why? Come on down to the next meeting and we'll take a few minutes to try and get to the bottom of the whys and hows of PKI. I mean really, when else are you going to get to wrestle a 500 pound gorilla this month?

Bio:

Anthony Johnston has worked in and around Charlottesville as a system administrator, developer and chef for nigh on ten years now. Despite hist not having any formal training in the subject, he continues to confound onlookers with his fu. Most recently he was employed by a local company doing secure email. The product used a privately run global PKI.

Abstract

Well, OK, I'm talking about more that just XMMS, but that makes a fun title!

Come see some quick and easy ways to customize your unix desktop. Learn to script your terminal, make bash do your bidding and hack XMMS in some really cool ways. Become the master of your desktop! Declare your independence from Gnome and KDE! And do something cool with those extra keys and buttons laying around on your your keyboard.

Bio:

Josh Malone has been a FreeBSD and Windows system administrator for three and a half years working in development shops and hosting companies. He attended Virginia Tech's Bradley dept. of Computer Engineering and was vice president of VT's Linux user group. He currently works as a Linux engineer for an embedded systems company.

The slides are available as a PDF.

Abstract

Lucene is an open-source high performance and scalable search engine, hosted at the Apache Software Foundation. Lucene powers search for Fortune 500 companies, top-secret intelligence analysis, an e-mail search plugin for Outlook, and countless other applications. This presentation will introduce Lucene and show the basics of using it.

Bio:

Erik Hatcher co-authored Lucene in Action (Manning Publications) as well as the award-winning Java Development with Ant. He has presented at numerous conferences, symposiums, and user groups including JavaOne, OSCON, and the No Fluff, Just Stuff symposiums. He currently works at UVa's Applied Research in Patacriticism group where he is putting Lucene to use on library archives.

The slides are available as a PDF or PowerPoint.