Archive for October 8th, 2007

weeCamp Breakout Sessions

Posted October 8, 2007 at 10:10pm in Computers, Conferences

Just finished up my first breakout session at weeCamp covering RoR security. I would say half the time was spent with real security topics, but we had some insightful conversation about RoR and I feel those of us that are less familiar with Rails learned some important lessons about properly handling input in Rails. I was hoping to see Eric Pugh at weeCamp, but unfortunately he was not. I think his input in this might have been good, or he could have entered in some good questions if he didn’t have any input on the subject directly.

– Blog Break –

We are now moving into the hardening breakout discussing MySQL, Apache, and PHP hardening. The last two breakouts were SQL injection in PHP and authentication. Authentication was interesting; the injection was standard stuff really. I did pick up something I did not know about the PEAR DB library, since I do not use it. I may begin using PEAR more; it seems like a pretty nice set of scripts.

– Blog Break –

I really enjoyed the session on hardening. Josh explained a number of features found in FreeBSD that would be great for security on the project I am working on. I am however debating Solaris, but I will have to install them both and see which one gives me more of a headache.

Josh took some time afterwards to answer my questions about FreeBSD security levels and a method they used to harden the file system. This method involves moving configuration files in the /etc directory that will need modification and putting them in /var. The files are then recreated as symlinks to the files now located in /var and /etc is then mounted as read-only. This certainly does add an additional layer of protection and I am excited to try this out.
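
The relocate-and-symlink step described above, sketched as an added example (not code from Josh's talk or from FreeBSD). It works inside a sandbox directory, the function names and the choice of resolv.conf as the file needing modification are assumptions, and the final read-only mount of /etc is not performed.

```shell
#!/bin/sh
# Added example, not from the talk. ROOT is a sandbox directory standing in
# for the real root filesystem; only top-level file names are handled.

# relocate ROOT NAME...: move ROOT/etc/NAME to ROOT/var/etc/NAME, symlink back.
relocate() {
    root=$1; shift
    mkdir -p "$root/var/etc" || return 1
    for name in "$@"; do
        src="$root/etc/$name"; dst="$root/var/etc/$name"
        if [ -L "$src" ]; then continue; fi            # already converted
        if [ ! -f "$src" ] || [ -e "$dst" ]; then      # never clobber var copy
            echo "skip: $name" >&2; continue
        fi
        # cp -p keeps mode and timestamps even when var is another filesystem.
        cp -p "$src" "$dst" && rm "$src" \
            && ln -s "../var/etc/$name" "$src" || return 1
    done
}

# audit ROOT NAME...: print each NAME that is not redirected into var/etc,
# i.e. the files that become unwritable once etc is mounted read-only.
audit() {
    root=$1; shift
    for name in "$@"; do
        src="$root/etc/$name"
        if [ -L "$src" ] && [ -f "$root/var/etc/$name" ] \
            && [ "$(readlink "$src")" = "../var/etc/$name" ]; then
            continue
        fi
        echo "$name"
    done
}

# Constructed sample: resolv.conf is assumed to need runtime changes,
# hosts is assumed to be static.
demo() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/etc"
    echo "nameserver 192.0.2.53" > "$root/etc/resolv.conf"
    echo "127.0.0.1 localhost" > "$root/etc/hosts"
    relocate "$root" resolv.conf
    audit "$root" resolv.conf hosts
    rm -rf "$root"
}
demo
```

Running the audit over every file a daemon is expected to write, before remounting, shows which ones would start failing once /etc is read-only.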

– Drive Home –

I left weeCamp as excited as when I left beCamp. I was able to connect with more people and learn a number of new techniques that I may not have picked up on my own. I hope to one day have a topic worth speaking about at one of these events. As of right now I don’t feel like I could speak well enough in front of people and teach at the same time.

I have come to the conclusion that conferences are key to a successful career in technology, especially when they follow the structure of barCamp/beCamp/weeCamp, an environment much like hallway discussion where topics are discussed in a round table fashion or presented by an individual and followed up by a round table type of discussion.

If you would like more details about what we discussed you can see them on the weeCamp page.

I also noticed earlier today that for some reason my 1024 layout is extending by around 40 pixels. Very strange since I don’t have anything pushing it out that far. Oh well, I will probably fix it when I upgrade to WP 2.3, but I really don’t care right now.