OpenBGPD turns 10 years - Design, Implementation, Lessons learned, Henning Brauer
Overview of OpenBSD ports Vadim Zhukov
How to patch KDE4 under OpenBSD Vadim Zhukov
Security Mitigation Techniques: An update after 10 years, Theo de Raadt
OpenBSD: Where crypto is heading? (Russian, English), Mike Belopuhov
OpenBSD's pf: Design, Implementation, Future, Henning Brauer
Inspecting packets with OpenBSD and PF, Henning Brauer and Reyk Flöter
Y2038: Going long long on time_t to cope with 2,147,483,647+1, Theo de Raadt
KDE4 on OpenBSD: Success story, Vadim Zhukov
Zero-Copy Socket Splicing, Alexander Bluhm
SCSI Multipathing in OpenBSD, David Gwynne
"Refactoring" the ports toolchain in OpenBSD, Marc Espie
The surprising complexity of TCP/IP checksums in the network stack, Henning Brauer
Porting Firefox to BSD: How to Keep Up with Fast Moving Projects and Upstream Patches Landry Breuil
Mozilla on OpenBSD: When the lizard meets puffy, Landry Breuil and video
The OpenBSD Buffer Cache - Bigger Is Better, Bob Beck
Using BGP for Realtime import and export of OpenBSD SPAMD entries, Peter Hessler
The surprising complexity of TCP/IP checksums in the network stack, Henning Brauer (paper)
OpenIKED, Reyk Flöter (paper)
Recent work in OpenBSD relayd, Reyk Flöter (paper)
Using routing domains / routing tables in a production network, Peter Hessler and video
Improvements in the IPsec stack and OpenBSD cryptographic framework, Mike Belopuhov
Advances in packages and ports in OpenBSD, Marc Espie and video
OpenBSD and RThreads, Philip Guenther and video
OpenBSD's new queueing subsystem, Henning Brauer and video
OpenBSD's new queueing subsystem, Henning Brauer
10 years of pf, Henning Brauer, Ryan McBride
OpenBSD update, Henning Brauer
Memory allocators in modern Operating Systems, Ariane van der Steldt
What's new in OpenSSH (slides), Damien Miller
OpenBSD's New Suspend and Resume Framework (slides), Paul Irofti
OpenBSD SCSI Evolution, David Gwynne and Ken Westerback
10 years of pf, Henning Brauer, Ryan McBride
OpenBSD update, Henning Brauer
OpenBSD/sun4v: Porting OpenBSD to Sun's UltraSPARC T1 and T2 processors, Mark Kettenis
OpenBSD Update, Jonathan Gray
vmmap, Ariane van der Steldt
64 bit and jit, Ariane van der Steldt
On the Compatibility Layer in OpenBSD 5.0, Paul Irofti
10 years of pf, Henning Brauer and Ryan McBride
Mandoc in OpenBSD, Ingo Schwarze
Training a foal to replace a venerable workhorse.
OpenBSD Update, Henning Brauer, Ryan McBride, Claudio Jeker
A quick (5 Minutes talk) status update on recent developments in OpenBSD.
OpenSSH - what's new?, Damien Miller
(Presented via VC)
Firewalling with OpenBSD's pf and pfsync, David Gwynne
The long road to pkg_add -u, Marc Espie
Efficient distributed ports builds, Marc Espie
placeholder - something OpenBSD networking related, Henning Brauer
OpenBSD Update, Theo de Raadt, Owain Ainsworth, Henning Brauer
IKEv2 VPN with OpenBSD iked(8), Reyk Flöter
I introduced iked(8), the latest addition to OpenBSD's IPsec stack.
Puffy At Work - getting code right and secure, the OpenBSD way, Henning Brauer and Sven Dehmlow
OpenBSD Update, Henning Brauer
A quick (5 Minutes talk) status update on recent developments in OpenBSD.
vether(4) - Because Canadian Internet Sucks, Theo de Raadt
Very short little presentation about the new vether(4) virtual ethernet device driver.
softraid OpenBSD's virtual HBA, with benefits, Marco Peereboom
Presentation about softraid that accompanies this paper.
Epitome2, dedup for the masses, Marco Peereboom
Presentation about epitome2 that accompanies this paper.
vscsi(4) and iscsid -- iSCSI initiator the OpenBSD way, Claudio Jeker
Presentation about the upcoming iSCSI initiator for OpenBSD.
SMP Implementation for OpenBSD/sgi, Takuya Asada
Presentation about SMP implementation for sgi port that accompanies this paper.
sndio - OpenBSD audio and MIDI framework for music and desktop applications, Alexandre Ratchov
Presentation about sndio(7) that accompanies this paper.
What's wrong with PF, Ryan McBride
A discussion of architectural and aesthetic flaws (but not bugs) in PF.
Security measures in OpenBSD, Matthieu Herrb
Presentation at the Department of Electrical and Computer Engineering of the University of Coimbra, during h2k9, summarizing several other papers presented over the years.
Experiences with kqueue, Ted Unangst
Paper about the uses and caveats of using kqueue(2).
A new malloc(3) for OpenBSD, Otto Moerbeek
Presentation about the new malloc.
Faster Packets - Performance Tuning in the Network Stack and pf, Henning Brauer
Presentation about recent work on network stack and pf performance.
OpenBSD update, Owain Ainsworth & Henning Brauer
OpenBSD part of the BSD news panel.
OpenBSD Physical Memory Management, Ariane van der Steldt
Presentation about OpenBSD physical memory and introduction to pmemrange.
Network Stack Virtualization, Claudio Jeker
Short introduction into the routing domains and network stack virtualization in OpenBSD.
OpenBSD Kernel Internals: The Hitchhiker's Guide, Vladimir Kirillov
An overview of the OpenBSD kernel architecture. The presentation was given at OpenKyiv 2009 in Kyiv, Ukraine in August 2009.
The OpenBSD release process: A success story, Theo de Raadt
Presentation about the release process of OpenBSD.
OpenBGPD - bringing full views to OpenBSD since 2004, Claudio Jeker
Presentation and paper about OpenBGPD
OpenBSD Hardware Sensors Framework, Constantine A. Murenin
This paper provides an overview of the hardware sensors framework available in OpenBSD. An outline of the API, the device drivers and the I²C bus is presented, as well as some historical insight regarding the evolution of the framework.Slides that accompanied the presentation are also available. The presentation was given at AsiaBSDCon 2009 in Tokyo University of Science, Tokyo, Japan in March 2009, and is an update from the EuroBSDCon 2008 version.
Active-Active Firewall Cluster Support in OpenBSD, David Gwynne
This paper describes the changes made to pfsync(4) to move it toward supporting active-active firewall configurations.
The OpenBSD Foundation, Ken Westerback
Presentation on the OpenBSD Foundation.
Install Scripts, Ken Westerback
Discussion about the install scripts.
BSD versus GPL, Jason Dixon
Commentary on BSD and GPL licenses.
Design and Implementation of the Portable C Compiler, Anders Magnusson
Presentation on design of PCC.
OpenBSD's Position Independent Executable (PIE) Implementation, Kurt Miller
Presentation on the work in progress to implement PIE on OpenBSD.
When Hardware Is Wrong, or "They can Fix It In Software", Jason L Wright
Presentation on how hardware design choices impact device drivers.
OpenBSD Hardware Sensors Framework, Constantine A. Murenin
Presentation on the history and design of OpenBSD's hardware sensors framework. The presentation was given at EuroBSDCon in Strasbourg, France in October 2008, and is an update from the BSDCan 2008 version.
OpenBSD Kernel Architecture, Network Stack, Mike Belopuhov
Presentation in Russian on the OpenBSD kernel architecture and BSD network stack. The presentation was given at OpenKyiv 2008 in Kyiv, Ukraine in August 2008.
OpenBSD Hardware Sensors Framework, Constantine A. Murenin
Past and present history of the OpenBSD's hardware sensors framework.
BSD and X.Org: upcoming plans, Matthieu Herrb
Status report and on-going work in X.Org.
OpenBSD network stack internals, Claudio Jeker
Presentation and paper about the OpenBSD network stack.
BSD and X.Org: changes ahead, Matthieu Herrb
Presentation on changes in X.Org current and future and how it affects *BSD.
OpenBSD Ports Tutorial: Advanced Topics, Michael Erdely
Presentation covering some advanced porting topics given at CapBUG.
Porting OpenBSD to MIPS based Devices, Rainer Giedat
Work in progress - a report.
Why are modern operating systems so complicated?, Jonathan Gray
Operating systems keep getting larger and more complicated, some of the reasons and excuses are discussed.
OpenBSD/sparc64, Mark Kettenis
OpenBSD/sparc64 is the OpenBSD port to Sun's UltraSPARC architecture. This presentation touches on some interesting features that are unique to this port and discusses recent and future developments.
Gnome as OpenBSD desktop solution, Reiner Jung and Jasper Lievisse Adriaanse
This presentation discusses why Gnome on OpenBSD makes a good desktop environment. It also shows recent and upcoming work.
OpenBSD Ports Tutorial, Bernd Ahlers
Tutorial about basic ports creation in OpenBSD.
OSPF v3 - OSPF for IPv6, Claudio Jeker
ospf6d the new kid on the routing block
Using OpenBSD Security Features to Find Software Bugs, Peter Valchev
Presentation about OpenBSD's security features and how they have helped uncover classes of software bugs given at Reflections/Projections 2007.
Support for Radio Clocks in OpenBSD, Marc Balmer
Presentation about the support for radio clocks in OpenBSD given at EuroBSDCon 2007.
OpenBSD as routing platform, Claudio Jeker
Presentation about the routing support in OpenBSD given at EuroBSDCon 2007.
OpenBSD: Load-Balancing using HostStated, Pierre-Yves Ritschard
Presentation about HostStated given at EuroBSDCon 2007.
Faster Packets, David Gwynne and Henning Brauer
Update from the Hackathon: 10GE, faster pf and other fun stuff
Exploring the OpenBSD network stack, Claudio Jeker
A short introduction into the OpenBSD network stack
OpenCVS, Ray Lai
Presentation about OpenCVS given at BSDCan 2007.
OpenBSD - Past, Present and Future (german), Felix Kronlage
Presentation about the development culture in OpenBSD as well as the current state of OpenBSD given at the Linux-Informationstag Oldenburg.
Open Documentation for Hardware, Theo de Raadt
Presentation about hardware documentation given at fisl8.0, in Porto Alegre, RS, Brazil.
OpenCVS, Ray Lai
Presentation about OpenCVS given at NYC*BUG.
Sichere Systeme mit OpenBSD (german), Alexander von Gernler
Presentation containing a general introduction to OpenBSD for a rather Linux-related audience, as well as an approach to the advantages that OpenBSD can offer for people who want to develop secure and bug-free software.
Supporting Radio Clocks in OpenBSD, Marc Balmer
This paper presents the use of GPS- or time signal station receivers as external time sources in OpenBSD. Slides of the corresponding presentation from AsiaBSDCon 2007 are also available.
OpenBSD as a Development Environment, Ryan McBride
This talk details the benefits of using OpenBSD as a Development Environment, including toolchain improvements, runtime environment, and licensing.
Time is not a secret: Network Randomness in OpenBSD, Ryan McBride
Network randomness talk, updated to cover new work including code being tested for TCP timestamps and sequence numbers and RIP/OSPF authentication fixes.
Recent Improvements in OpenBSD's IPsec Support, Mathieu Sauve-Frankel
This talk looks at the useability of modern day IPsec software and contrasts it with recent additions and improvements to the OpenBSD IPsec toolchain.
Security Measures in OpenSSH, Damien Miller
This paper examines several security measures that have been implemented in OpenSSH that are intended to reduce both the likelihood of exploitable mistakes being made and their consequences of should they occur. Slides of the corresponding presentation from AsiaBSDCon 2007 are also available.
OpenBSD - Past, Present and Future, Felix Kronlage
Presentation on what has been added to OpenBSD in the 3.9 and 4.0 releases as well as an lookout on what will come in OpenBSD 4.1.
Xenocara - integrating X.Org in OpenBSD, Matthieu Herrb
Presentation of how X and OpenBSD go along, work on Xenocara to integrate the modular X.Org and about security issues.
Driver Architecture and Implementation in OpenBSD, Jonathan Gray
Presentation dealing with driver development and politics.
OpenRIPD, Michele Marchetto
Presentation about OpenRIPD: internals, motivation and use.
Exploring the OpenBSD network stack, Claudio Jeker
Presentation about some of the new stuff in the OpenBSD networking code.
Support for GPS- and Time Signal Station Receivers, Marc Balmer
Presentation about using GPS- or time signal station receivers as external time sources in OpenBSD.
Why hardware documentation matters so much and why it is so hard to get, Theo de Raadt
Update on Portugal hackathon, followed by a talk on device support in the face of vendors hostile to documentation release.
3G Technology and OpenBSD, Felix Kronlage
Introduction to the use of 3G Technology with OpenBSD and overview of the current state of support of 3G hardware devices in OpenBSD.
The OpenBSD Culture, David Gwyne
The development culture of OpenBSD explained.
Bio and Sensors in OpenBSD, David Gwyne
The bio and sensors talk covers on how OpenBSD can provide a consistent interface to hardware monitoring across completly different computers.
Bio & Sensors in OpenBSD, David Gwyne and Marco Peereboom
Updated presentation (online, tarball) about RAID management that touches on the issues OpenBSD has faced during development.
OpenBSD/sparc64, Jason L. Wright
Updated presentation (online, tarball) History of the sparc64 port and current status.
Qualitätssicherung bei der Entwicklung des freien Betriebssystems OpenBSD, Marc Balmer
A presentation in German "Ensuring Quality in the Development of the Free Operating System OpenBSD"
bio and sensors in OpenBSD, David Gwynne and Marco Peereboom
Presentation about the sensor and RAID management implementations in OpenBSD.
Proactive Wireless Networks With OpenBSD, Reyk Flöter
Presentation (online, tarball) about WLAN support in OpenBSD with a focus on the Host Access Point daemon.
Routing with OpenBSD using OpenOSPFD and OpenBGPD, Claudio Jeker
Presentation and paper about using OpenBGPD and OpenOSPFD on OpenBSD routers.
PAE for OpenBSD/i386, Michael Shalayeff
Presentation about PAE implementation for OpenBSD/i386 given at NYCBUG May 2006 meeting. A brief overview has been given on motivation for and current implementation of Physical Address Extension feature for i386 Architecture.
Embedded OpenBSD, Niall O'Higgins & Uwe Stuehler
New Evolutions in the X Window System, Matthieu Herrb & Matthias Hopf
The Design and Implementation of OpenOSPFD, Claudio Jeker
rthreads: A New Thread Implementation for OpenBSD, Ted Unangst
OpenBSD ports and packages, Marc Espie
Porting OpenBSD, Niall O'Higgins & Uwe Stuehler
OpenBSD Networking Update, Henning Brauer
Exploit Mitigation Techniques (updated to include random malloc and mmap), Theo de Raadt
OpenBSD hackathon report, Venezia 2005, Peter Valchev
Secure Portability, Damien Miller
Paper (PS and PDF) and presentation slides (online, PS, or tarball) from Australian Unix Users Group AUUG 2005 conference, introducing portable OpenSSH's approach to porting secure software.
Open Source in a Windows World: A Business Case for OpenBSD, Mark T. Uemura
Presented to the Tokyo PC Users Group, the largest English-speaking personal computer club in Japan, June, 2005. Focusses on OpenBSD and related open source projects and how businesses can use them to best advantage. Presentation began with a live demo of redundant OpenBSD firewalls with CARP failover.
The OpenBSD project, Alexandre Anriot
French presentation (online, tarball) on OpenBSD and some associated projects (OpenBGPD etc.) given at the April meeting of the PLUG (Provence Linux User Group).
OpenBSD/hppa, Michael Shalayeff
Presentation about OpenBSD/hppa and HP PA-RISC given at NYCBUG March 2005 meeting. An attempt has been made to outline the porting effort and describe architecture features essential for operating systems development. Tarball of the presentation for offline viewing.
OpenBSD, Saâd Kadhi and Marc Espie
French presentation about OpenBSD in general and security with a focus on the ports collection and PF, given during Solutions Linux 2005 in Paris, France in February 2005. This presentation is an update of the SUR Group 200412 one. Tarball of the presentation for offline viewing.
OpenBSD et Sécurité, Saâd Kadhi
French presentation about OpenBSD in general and security, given at the December meeting of the SUR Group (Sécurité Unix et Réseaux). This presentation is intended as a general overview of OpenBSD with a particular focus on the security of the system. Tarball of the presentation for offline viewing.
Signal Handlers, Henning Brauer
Presentation on signal handlers, given at OpenCON 04 in Venice, Italy in December 2004. This presentation outlines some issues to take care of when dealing with signal handlers and possible solutions. Tarball of the presentation for offline viewing.
Exploit Mitigation Techniques, Theo de Raadt
Presentation on exploit mitigation techniques that was presented at AUUG 04 in Melbourne, Australia in September 2004. This presentation outlines implementation details on features such as: stackgap, ProPolice/SSP, W^X, !X, StackGhost & PrivSep. This presentation is an update from the BSDCAN 04 version. Tarball of the presentation for offline viewing.
OpenNTPD, Henning Brauer
Presentation on OpenNTPD that was presented at SUCON 04 in Zurich, Switzerland in September 2004. This presentation outlines implementation details and rationale behind OpenNTPD. Tarball of the presentation for offline viewing.
A Secure BGP Implementation, Henning Brauer
Presentation on BGPD that was presented at SUCON 04 in Zurich, Switzerland in September 2004. This presentation outlines implementation details and rationale behind BGPD. Tarball of the presentation for offline viewing.
Exploit Mitigation Techniques, Theo de Raadt
Presentation on exploit mitigation techniques that was presented at BSDCAN 04 in Ottawa, Canada in May 2004. This presentation outlines implementation details on features such as: ProPolice/SSP, W^X, !X, StackGhost & PrivSep. This presentation is an update from the PACSEC 03 version. Tarball of the presentation for offline viewing.
Introduction to PF, Ryan McBride
Presentation on PF for BSDCAN 04 in Ottawa, Canada in May 2004. This presentation outlines the packet filtering basics in OpenBSD and discusses some of the more advanced features in PF such as denial of service mitigation techniques, firewall redundancy, and load balancing. Tarball of the presentation for offline viewing.
Enhancing XFree86 security, Matthieu Herrb
This presentation focuses on XFree86 security. It describes the existing access control mechanisms, and two ways to enhance it: the privilege separation code that is now part of OpenBSD's XF4 and one systrace policy for the X server.
Exploit Mitigation Techniques, Theo de Raadt
This is the initial version of the exploit mitigation techniques presentation. It was presented at PACSEC 03 in Tokyo, Japan in November 2003. This presentation outlines implementation details on features such as: ProPolice/SSP, W^X, !X, StackGhost & PrivSep. Same presentation in Japanese. Tarballs of presentation for offline viewing: English, Japanese.
Advances in OpenBSD, Theo de Raadt
This presentation covers a variety of topics including DARPA, the 2002 Hackathon, ProPolice, W^X etc. It was presented at CanSecWest 03 in Vancouver, Canada in April 2003 Magicpoint presentation for offline viewing.
OpenSSH und OpenBSD, Markus Friedl, Henning Brauer
German presentation on OpenSSH and OpenBSD that was presented at CEBIT 03 in Hannover, Germany in March 2003. It outlines what OpenSSH is and it's history. Tarball of the presentation for offline viewing.
SSH protocol and tips tutorial, Damien Miller
Slides and tutorial notes from a half-day session on the SSH protocol and the cool things that can be done with it. All examples use OpenSSH (of course). Presented at the Australian Unix Users Group 2002 winter conference. The slides are a brief introduction to the protocol, whereas the notes cover usage examples and tricks. Tarball or postscript of the presentation for offline viewing. Postscript or PDF of the tutorial notes.
Secure Internet Servers/Firewalls with OpenBSD, Ian Darwin
These notes are the outline for the half-day tutorial on Secure Internet Servers/Firewalls with OpenBSD. Presented at the O'Reilly Open Source Conference in Monterey, California in July of 2000. Tarball of the presentation for offline viewing.
Transparent Network Security Policy Enforcement, Jason L. Wright, Angelos D. Keromytis
This paper describes the architecture and implementation of a Layer-2 (link layer) bridge with extensions for offering Layer-3 security services. Same paper in PDF format bridgepaper.pdfSlides that accompany the transparent network security policy enforcement paper. Presented at USENIX 2000 in San Diego, California in June of 2000. Same slides in PDF format bridgeslides.pdf
Encrypting Virtual Memory, Niels Provos
Many computer systems use encrypted file systems. However, the backing store of virtual memory is generally unprotected which can lead to potential security vulnerabilities. This paper discusses the details of encrypting virtual memory. Same paper in PDF format swapencrypt.pdfSlides that accompany the Encrypting Virtual Memory paper. Presented at USENIX SECURITY 2000. Same slides in PDF format swapencrypt-slides.pdf
Dealing with Public Ethernet Jacks, Switches, Gateways, and Authentication, Bob Beck
This paper describes the tools and techniques developed and deployed to address the problem of blocking unauthorized users on unprotected Ethernet jacks. Same paper in PDF format authgw-paper.pdfSlides that accompany the dealing with public Ethernet jacks paper. Presented at LISA '99 in November of 1999 in Seattle, Washington. Same slides in PDF format authgw-slides.pdf
Opening The Source Repository With Anonymous CVS, Charles D. Cranor & Theo de Raadt
Anonymous CVS is an advanced source file distribution mechanism we created to allow open source software projects to distribute source code and information about code to Internet users. Built on top of the Concurrent Versions System (CVS) revision control system, Anonymous CVS safely allows anonymous read-only access to a CVS source repository. Same paper in PDF format anoncvs-paper.pdfSlides that accompany the anonymous CVS paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format anoncvs-slides.pdf
Future-Adaptable Password Scheme, Niels Provos, David Mazieres
Many authentication schemes depend on secret passwords. Unfortunately the length and randomness of user chosen passwords remain fixed over time. This paper discusses ways of building systems in which password security keeps up with hardware speeds. Same paper in PDF format bcrypt-paper.pdfSlides that accompany the future-adaptable password scheme paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format bcrypt-slides.pdf
Cryptography in OpenBSD: An overview, Theo de Raadt, Niklas Hallqvist, Artur Grabowski, Angelos D. Keromytis, Niels Provos
This paper gives an overview of the cryptography employed in OpenBSD. It discusses various components like IPsec, SSL libraries, stronger password, encryption, Kerberos IV, random number generators etc, and their role in system security including their interactions with the rest of the system. Same paper in PDF format crypt-paper.pdfSlides that accompany the cryptography in OpenBSD: an overview paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format crypt-slides.pdf
strlcpy and strlcat - Consistent, Safe, String Copy and Concatenation, Todd C Miller, Theo de Raadt
This paper describes the motivation behind and implementation of the length-bounded string functions: strlcpy and strlcat. Same paper in PDF format strlcpy.pdfSlides that accompany the strlcpy and strlcat paper. Presented at USENIX 1999 in June of 1999 in Monterey, California. Same slides in PDF format strlcpy-slides.pdf