---
categories:
date: 2023-10-31T11:21:01+02:00
description:
layout: event-talk
slug:
tags:
- bsd
- freebsd
title: "Eirik Øverby - On FreeBSD, DDoS, and getting up from under the bus"
speakers:
- eirik-overby
---

## Abstract

The Blame Game continues (or: Squid Game for sysadmins)
The financial and payment industries are dominated by dinosaurs, and those are not known for moving fast. The associated security compliance business is much the same. It should come as no surprise that we are still - three years after my 2019 talk on FreeBSD and the absurdities of security compliance - regularly finding ourselves in puzzling and sometimes nonsensical situations where compliance, security and sanity are a "pick any two" proposition.

That said: The side effects of dinosaurs trying to turn around too quickly can be quite painful if you're too close. In 2021, we got the rough end of the deal when the dinosaurs got in the way of some of the seedier elements on the Internet, who decided to take it out on us and others like us through a 9-month-long wave of denial-of-service attacks.

We've spent the better part of 20 years building a FreeBSD-based platform - routers, firewalls, servers and all. It was all chugging along nicely until someone decided to paint a big target on our backs and then turn away. The Blame Game just got real.

What we've put FreeBSD through over the last year and a half is unlike anything we've seen in the previous 20.

This is both a story of "look what we can do with BSD" and "look what we've put BSD through".

About Modirum
Modirum provides software - both through licensing and as a service - to banks, card issuers, merchants and payment processors that allows them to implement 3-D Secure. 3-D Secure is, very roughly, a protocol defined by the major card brands that allows the bank or card issuer to intervene during an online payment process in order to authenticate the card holder before the purchase is completed.

## Biography

Model '77, Slackware-gone-BSD in the early 00s, escaped the dying world of OS/2 to be doomed to death by Netcraft for another decade. Now managing jailed (but not dead!) systems for a living and as a hobby.

Mid-life crisis topic: Retro PCs.

~ love over gold ~