Peter N M Hansteen, Datadokumentasjon A/S

The objective of the tutorial is to show you the tools and methods for taking control of your network traffic - keeping some of it safely inside or outside your network, directing traffic to specific hosts or services, flexible resource allocation and protection against cracking, DOSing and spamming.

Topics covered include: Background and history; Packet filter? Firewall? Demystifying some common terms; NAT - why NAT was needed, how it works; PF today - features; BSD vs Linux - Configuration (for the BSD-curious Linuxer); Basic setup on OpenBSD, FreeBSD and NetBSD; Exploring the basics of rule sets; Lists and macros and why they are good for you; A few information gathering techniques; Simple gateway with NAT - a common setup explained; Handling that sad old FTP thing; Making your firewall troubleshooting friendly; Hygiene: block-policy, scrub and antispoof; Adapting to changing needs, easily; The practical sides of logging; Keeping an eye on things with pftop; Invisible gateway - bridge (you can filter even if you're invisible); Directing traffic with altq; CARP and pfsync: redundancy and failover - a taste of what is possible; Wireless networks and how to stop worrying about them; Giving bruteforcers and spammers a hard time - stopping stupidity at $ext_if, greylisting and tarpitting.

Topics not covered: Getting BSD to run on your hardware; the intricacies of Microsoft networking; social engineering.

Who should attend: Seasoned and aspiring network administrators looking for ways to make their environment more efficient and secure. Basic to intermediate familiarity with TCP/IP and unixes required.

Back to schedule

Google IBM O'Reilly mod3

$Id: PHansteen.html 555 2006-09-27 14:04:22Z ray $