Conference News & Coverage

Diamond Sponsors

  • Fotango
  • Intel
  • Microsoft

Gold Sponsors

  • Dell Inc.
  • Hewlett Packard
  • IBM
  • Mozilla Corporation

Silver Sponsors

  • ActiveState
  • Autodesk
  • Google
  • Greenplum
  • Ingres
  • Novell, Inc.
  • OpSource
  • Rearden Commerce
  • SnapLogic
  • ThoughtWorks
  • Ticketmaster

Sponsors & Exhibitors

For information on exhibition and sponsorship opportunities at the convention, contact Sharon Cordesse

For Media Partnership opportunities, please contact Avila Reese

Download the OSCON Sponsor/Exhibitor Prospectus (PDF).

Conference News

To stay abreast of Conference news and to receive email notification when registration opens, please sign up here.

Press & Media

For media-related inquiries, contact Dawn Applegate at

Program Ideas

Drop us a line at and tell us who and/or what would make OSCON a must-attend event.

User Groups & Professional Associations

For user group and professional association related inquiries, contact Marsee Henon at


Iptables Attack Visualization

Michael Rash, Security Architect, Enterasys Networks, Inc.

Track: Security
Date: Thursday, July 26
Time: 10:45am - 11:30am
Location: D137-138

The iptables logging format provided by the Netfilter project contains a wealth of detailed information about network traffic. Nearly every interesting field in the network and transport layer headers is logged by iptables. By combining the graphing capabilities of the AfterGlow with the attack detection capabilities of the psad project, it is possible to render eye-catching graphical visualizations of network attacks. These visualizations can expose important relationships between attackers and their targets that are difficult to acquire via non-graphical means.

This talk will analyze iptables log data from two sources: the Honeynet Project, and from an internet-facing Linux system. The data contains instances of the Nachi and Slammer worms, and suspicious outbound SSH and IRC connections from compromised systems. In addition, material from the book Linux Firewalls: Attack Detection and Response will be presented to show you how to deploy psad on a live firewall.

As more people run Linux, mountains of iptables log data are piling up. It is time to maximize the effectiveness of this data and mine it for suspicious traffic and network-based attacks. This talk will show you how.