September 27-30, 2021
Seattle, Washington, USA + Virtual
View More Details & Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit + Embedded Linux Conference + OSPOCon 2021 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (UTC -7). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Wednesday, September 29 • 1:45pm - 2:35pm
(VIRTUAL) Lessons from Running One of the Largest CTFs - Stephane Graber, Canonical Ltd.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
NorthSec started as a yearly on-site Capture The Flag security event in Montreal. Over the years, it has grown to close to a thousand attendees representing as many as 80 teams, while also developing a large conference and a selection of professional trainings on the side. This 3 day CTF is somewhat unique for providing a completely distinct infrastructure for each participating team. In theory making it impossible for one team to affect any of the others. All while providing sometimes hundreds of different virtual servers and services for a team to attack. Providing all of that, to every team, in a reliable, fair and safe way has at times been a bit of a struggle. This talk will be going over the past few editions, looking both at the infrastructure used to provide the CTF and how it evolved as well as the various bugs and configuration issues that were encountered. This covers all kind of interesting problems, Linux kernel bugs, container namespacing issues, resource limits working in odd ways, information leakage and network and storage tuning. Those lessons are in no way specific to operating a CTF and should be of interest for anyone running a very large set of containers in production, especially when untrusted and/or malicious users are involved!

avatar for Stephane Graber

Stephane Graber

Project leader for LXD, Canonical Ltd.
Stéphane Graber is the upstream project leader for LXC and LXD at Canonical and a frequent speaker and track leader at events related to containers and Linux. Stéphane is a longtime contributor to the Ubuntu Linux distribution as an Ubuntu core developer and previous Ubuntu technical... Read More →

Wednesday September 29, 2021 1:45pm - 2:35pm PDT
MeetingPlay Platform + Virtual Learning Lab
  Cloud Infrastructure, Container & Infrastructure Security