Users Conference

This year, and for first time, the workshop includes a users section. The users conference will take place on 3rd and 4th Oct. The attendance is free. Contact if you've got any question related with the event.

This section will include the following talks:

October 3th:

10h - Welcoming
Timing: 45 minutes
Welcoming by the organization committee and other guests.

11h00 - Analisis y propuestas para Honeynets
Speaker: Sergio Pozo Hidalgo (Quivir Labs)
Timing: 45 minutes
Details: Las Honeynets son sistemas trampa, preparados para ser atacados y extraer información de ataques e intrusos. Desde que surgieron las Honeynets, se han venido desarrollando como sistemas sin actividad de producción real y lícita, sistemas sin valor. Sin embargo un sistema sin valor no es atractivo. Para solucionar este problema proponemos utilizar técnicas estratégicas de simulación de comportamiento, que aplicaremos a Honeynets

12h - Netlink interface for the Connection Tracking System
Speaker: Pablo Neira Ayuso (Netfilter Project)
Language: Spanish/English
Timing: 30 minutes
Every subsystem in kernel space requires a proper method to interact with
user space. This talk introduces the Netlink infrastructure for
Netfilter, the corresponding libraries and the brand new command line
tool: conntrack.

16h30 - Eleccion de Hardware para Firewalls
Speaker: Javier de Miguel Rodriguez (SUGUS)
Language: Spanish
Timing: 60 minutes
En la presente charla se describirán los requerimientos de hardware
necesarios para implantar cortafuegos de alto rendimiento empleando el
subsistema netilfter. Se hablará del tipo de procesador más adecuado
para alto rendimiento de filtrado, elección de tarjetas de red, buses de
conexión, requerimientos de memoria y en general todo aquel
requerimiento hardware específico para el filtrado de tráfico multigigabit

17h30 - TCP connection tracking in netfilter
Speaker: Jozsef Kadlecsik (Netfilter Project)
Language: English
Timing: 30 minutes
Connection tracking is one of the cornerstone of netfilter/iptables. As
today Internet traffic is dominated by TCP, it is crucial how TCP
connection tracking is handled. In the short talk we discuss the main
features of TCP connection tracking (aka window tracking) in the 2.6.x
tree of the Linux kernel.

18h00 - ipset
Speaker: Jozsef Kadlecsik (Netfilter Project)
Language: English
Timing: 30 minutes
ipset is an exciting approach to handle large number of rules fast and
efficiently in netfilter/iptables. We present ipset in general,
and the main characteristics of the different set types currently
supported. The demonstration of the capabilities of ipset is planned.

19h00 - Netfilter High Availability
Speaker: Krisztian Kovacs (BalaBit Ltd)
Language: English
Timing: 60 minutes
With traditional, stateless firewalling (such as ipfwadm, ipchains)
there is no need for special HA support in the firewalling subsystem.
However, Netfilter's stateful operation makes creating HA packet
filter systems a bit more complicated. The presentation will cover the design, implementation and usage of the connection tracking failover system (ct_sync).

October 4th:

10h - Better Than Netfilter or Kernel Hacking
Speaker: Paul 'Rusty' Russell (IBM)
Language: English
Timing: 60 minutes
You can learn a lot by working on the Linux kernel, but some of the
brightest people work on completely different Free Software projects.
Sometimes it's more fun to avoid the crowd: Rusty will present a handful
of examples.

11h15 - Application Layer Gateways: A different approach to firewalling
Speaker: Balazs Scheidler (BalaBit Ltd)
Language: English
Timing: 60 minutes
I am going to describe the major differences between packet filtering and
application layer gateways. While packet filters operate at layers 3 (IP)
and layer 4 (TCP/UDP), application layer gateways separate networks at layer
7 (application layer), using separate transport layer connections and
processing the application specific protocol layer as well. This has some
advantages by improving the filtering possibilities and protecting against
attacks targeting the application layer.

16h30 - Enforcing the GNU GPL - Copyright helps Copyleft
Speaker: Harald Welte (Netfilter Project)
Language: English
Timing: 60 minutes
More and more vendors of various computing devices, especially
network-related appliances such as Routers, NAT-Gateways and 802.11
Access Points are using Linux, including netfilter/iptables and other
GPL licensed free software in their products.

The speaker will present an overview about his recent successful
enforcement of the GNU GPL, mostly within German jurisdiction. In the
end, it seems like the idea of the founding fathers of the GNU GPL
works: Guaranteeing Copyleft by using Copyright.

17h45 - NuFW, Now User Filtering Works
Speaker: Eric Leblond (INL)
Language: English
Timing: 60 minutes
We will present NuFW, an authenticating firewall extending Netfilter
capabilities. After describing our authentication algorithm and its
advantages over existing solutions, we will present the obtained
functionnalities (per User QoS and routing, Extensive logging, Single
Sign On) and focus on NuFW evolutions in the scope of the new nfnetlink

19h - nf-HiPAC
Speaker: Michael Bellion (MARA Systems)
Language: English
Timing: 60 minutes
nf-HiPAC is a full featured packet filter for Linux. It provides the
same rich feature set as iptables but uses an advanced algorithm to
reduce the number of memory lookups per packet. This makes it ideal for
environments where large rulesets and/or high bandwidth networks are

20h30 - End of the users event