MeetBSD CA 2010 is now over.  It was an eye-opening experience!  There are a lot of good things coming.  Let me just highlight a few things, though:


I don't even know where to begin.  PC-BSD is making amazing progress at bringing BSD to the desktop.  PC-BSD's pc-sysinstall and PBI system are also making waves in the BSD community.  I think these are both going to find their way into FreeBSD eventually.

PC-BSD will soon give you a choice between KDE, Gnome, and Xfce during installation.  This is staus:done, it's just waiting for the next release. 

There are improvements to the intstaller gui, making some of the choices and defaults more sane and generally easier for people to use.

The next generation PBI system will support digital signatures and decrease bloat by detecting the presense of common (meaning shared by more than one program) dependencies and hardlinking instead of duplicating them. 



With any luck, FreeNAS will soon split into a new, generic appliance framework and a NAS implementation.  I know, you weren't at the conference, so what does that mean?  FreeNAS is moving away from its roots in PHP and m0n0wall and towards a flexible appliance with configurable, modular behavior based on django apps.  Ideally this django box would provide developers with a framework for creating web-managed network appliances such as NAS, firewalls, media servers, mail toasters, or whatever you want. 



It's hard to describe what the Kane-box is because there's not much like it on the market.  The website does not do it justice.  The Kane-box is a network security appliance that uses "Why the !@# didn't I think of that!?" technology to identify and defend against malicious network traffic.  Current IDS systems use attack fingerprints to detect known attacks.  The kane-box is more flexible, using Bayesian filters to probabilistically classify network traffic and separate the good from the bad.  The attack fingerprint may change, but the filters will still correctly identify the attack.  All of this runs under OpenBSD on a custom motherboard.  It's fully open-source and priced at just under $200 for the SOHO version and $850 to $1450 for the rackmount versions. 


newLISP is a LISP-like scripting language for doing things you typically do with scripting languages: programming for the internet, system administration, text processing, gluing other programs together, etc. newLISP is a scripting LISP for people who are fascinated by LISP's beauty and power of expression, but who need it stripped down to easy-to-learn essentials.

Kane-box is built with newLISP, a powerful network scripting language that allows you to quickly and abstractly construct and analyze network packets.  Wait, what was that?  It's easy to miss the subtle significance of that statement:  newLISP allows you to create raw packets for penetration testing just by calling a function with a few arguments.  It's a programming language with networking built-in and NOT included as a library.  This saves you time by letting you stop copy/pasting your basic network code.  Keep it simple and be DRY.

newLISP is extremely small/efficient and ideally suited to a number of network security related tasks.



Well I was the only person to take the BSDA exam at MeetBSD.  Sure enough, there actually is a non-disclosure agreement that prevents me from talking about the exam questions.  My lab experience with NetBSD and OpenBSD was very helpful, though.  I had planned to practice playing with package systems and building kernels before the exam, but somehow procrastinated until it was too late.  That was a mistake–the experience in those areas would have paid off. 

They say that the BSDA exam is broad, and they are right.  It's VERY broad.  Unless you're in the habit of using all four of these operating sysems daily, there's probably a good chunk of questions on the exam covering commands or issues you've never had to deal with.  This is in stark contrast with the BSDP hands-on, where the focus will be on the results and not the implementation.  For BSDA, anyway, one needs to venture outside one's comfort zone a little and get some practice with the OTHER utilities that do the same thing your favorite ones do, just with a completely different syntax.

A good point was raised yesterday about BSD certification in general.  Right now the actual number of people who have taken the exam is quite low–an order of magnitude less than the number of people who expressed interest in taking the exam.  There are many people in the BSD community who might be interested in the BSD certification initiative, but can't find a reason to take the exams themselves.  If nothing else, do realize that taking the exam supports the BSD community directly.  The exam is not about profit–the fees go to cover the costs of creating and proctoring the exams.  The more people who take the exam, the more momentum in builds and the more it gets awareness of BSD out there.  Even if you think it is beneath your abilities or irrelevant to the work you do with BSD, getting certified and telling people (bosses and vendors) about it helps the other certificate holders and shows the world that BSD is niether dead nor an academic playtoy.  The question pool is a closely guarded secret so you can't go to a bootcamp and memorize the answers.  At this stage, the only way to know the correct answers is to actually have experience performing the tasks listed in the exam objectives.  There is some trivia about the different ways of doing things in the various *BSDs, but the exam itself is not silly trivia.  Even though the BSDA is claimed to be targeted at junior admins with 6 months of experience, I personally think that may be a stretch.  Don't let those words fool you–the BSDA exam is broad and comprehensive and I am almost sure an old dog can be taught new tricks whilst preparing for it.