T1 Building Secure Software NEW
Gary McGraw, Cigital
Who should attend: Developers, architects, and managers charged with developing code for security-critical and mission-critical projects (e.g., code that is intended to live on the Net), and security practitioners who must grapple with software security issues such as code review and risk analysis. Participants should have some familiarity with software development. Code examples include C, Java, and Python. This tutorial is based on material found in the book Building Secure Software, published by Addison-Wesley in their Professional Computing series.
What do wireless devices, cell phones, PDAs, browsers, operating systems, network services, public key infrastructure, and firewalls have in common? The answer is "software." Software is everywhere, and it is not usually built to be secure. This tutorial explains why the key to proactive computer security is making software behave. With software complexity growing alarmingly (the source code base for Windows XP is 40 million lines), we have our work cut out for us. Clearly, the penetrate-and-patch approach is non-optimal. Even worse is bolting security mechanisms on as an afterthought. Building software properly, at both the design and the implementation level, is a much better approach. This tutorial takes an in-depth look at some common software security risks, including buffer overflows, race conditions, and random number generation, and goes on to discuss essential guidelines for building secure software. A risk-driven approach to software security, which integrates analysis and risk management throughout the software lifecycle, is the key to better computer security.
Gary McGraw (T1), Cigital Inc.'s CTO, researches software security and sets technical vision in the area of software risk management. Dr. McGraw is co-author of four popular books: Java Security (Wiley, 1996), Securing Java (Wiley, 1999), Software Fault Injection (Wiley, 1998), and Building Secure Software (Addison-Wesley, 2001). He consults with major e-commerce vendors, including Visa, MasterCard, and the Federal Reserve, functions as principal investigator on several government grants, and serves on commercial and academic advisory boards. Dr. McGraw holds a dual Ph.D. in cognitive science and computer science from Indiana University and a B.A. in philosophy from UVa.
Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts. System administrators, architects, and managers who need to maintain multiple hosts with few admins.
This tutorial won't propose one "perfect solution." Instead, it will try to raise all the questions you should ask in order to design the right solution for your needs.
Lee Damon (T2) holds a B.S. in speech communication from Oregon State University. He has been a UNIX system administrator since 1985 and has been active in SAGE since its inception. He has developed several large-scale mixed environments. He is a member of the SAGE Ethics Working Group and was one of the commentators on the SAGE Ethics document. He has championed awareness of ethics in the system administration community, including writing ethics concerns into policy documents.
Who should attend: Software engineers, application architects and developers, kernel developers, device driver writers, system administrators, performance analysts, capacity planners, Solaris users who wish to know more about the system they're using and the information available from bundled and unbundled tools, and anyone interested in operating system internals.
The installed base of Solaris systems being used for various commercial data-processing applications across all market segments and scientific computing applications has grown dramatically over the last several years, and it continues to grow. As an operating system, Solaris has evolved considerably, with some significant changes made to the UNIX SVR4 source base on which the early system was built. An understanding of how the system works is required in order to design and develop applications that take maximum advantage of the various features of the operating system, to understand the data made available via bundled system utilities, and to optimally configure and tune a Solaris system for a particular application or load.
Topics include the major subsystems of the Solaris 8 kernel. We review the major features of the release and take a look at how the major subsystems are tied together. We cover in detail the implementation of Solaris services (e.g., system calls) and low-level functions, such as synchronization primitives, clocks and timers, and trap and interrupt handling. We discuss the system's memory architecture: the virtual memory model, process address space and kernel address space, and memory allocation. The Solaris process/thread model is discussed, along with the kernel dispatcher and the various scheduling classes implemented and supported. We cover the Virtual File System (VFS) subsystem, the implementation of the Unix File System (UFS), and file I/O-related topics.
All topics are covered with an eye to the practical application of the information, such as for performance tuning or software development. Solaris networking (topics related to TCP/IP and STREAMS) is not covered in this course.
After completing this course, participants will have a solid understanding of the internals of the major areas of the Solaris kernel that they will be able to apply to systems performance analysis, tuning, load/behavior analysis, and application development.
James Mauro (T3) is a Senior Staff Engineer in the Performance and Availability Engineering group at Sun Microsystems. Jim's current projects are focused on quantifying and improving enterprise platform availability, including minimizing recovery times for data services and Solaris. He co-developed a framework for system availability measurement and benchmarking and is working on implementing this framework within Sun. Jim co-authored Solaris Internals: Architecture Tips and Techniques (Sun Microsystems Press/Prentice Hall, 2000).
Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.
Trent Hein (T4, W4) is co-founder of Applied Trust Engineering. Previously, he was the CTO at XOR Inc., where he focused on using UNIX and Linux in production-grade commercial environments. Trent worked on the 4.4 BSD port to the MIPS architecture at Berkeley, is co-author of both the UNIX Systems Administration Handbook and the Linux Administration Handbook, and holds a B.S. in computer science from the University of Colorado. Email him at firstname.lastname@example.org.
Who should attend: People with system administration duties, advanced-beginner to intermediate Perl experience, and a desire to make their jobs easier and less stressful in times of sysadmin crises.
Perl was originally created to help with system administration, so it is a wonder that there isn't more instructional material devoted to helping people use Perl for this purpose. This tutorial hopes to begin to remedy this situation by giving you six solid hours of instruction geared towards putting your existing Perl knowledge to practice in the system administration realm.
The morning section will concentrate on the power of Perl in this context. Based on the instructor's O'Reilly book, we'll take a multi-platform look at using Perl in cutting-edge and old-standby system administration domains. This jam-packed survey will include:
At the end of the day, you'll walk away from this class with Perl approaches and techniques that can help you solve your daily system administration problems. You'll have new ideas in hand for writing small Perl programs to get you out of big sysadmin pinches. And on top of all this, you are also likely to deepen your Perl knowledge.
David N. Blank-Edelman (T5) is the Director of Technology at the Northeastern University College of Computer Science and the author of Perl for System Administration (O'Reilly). He has spent the last 15 years as a system/network administrator in large multi-platform environments and has served as Senior Technical Editor for the Perl Journal. He has also written many magazine articles on world music.
Who should attend: System and network administrators who implement or maintain intrusion detection systems, managers charged with selecting and setting intrusion detection requirements, and anyone who wants to know the details of how to make intrusion detection work. Familiarity with TCP/IP networking is a plus.
In today's increasingly networked world, intrusion detection is essential for protecting resources, data, and reputation. It's a rapidly evolving field with several models and deployment methods from which to choose.
After taking this tutorial, attendees will understand the fundamental concepts of intrusion detection and will gain practical insights into designing, deploying, and managing intrusion detection systems in the real world.
Mark Mellis (T6) is a consultant with SystemExperts Corporation. Over the past two years, Mark has assisted several premier Internet companies in responding to major network attacks and has designed and implemented robust infrastructure to limit future exposure. Mark was the Principal of Mellis and Associates, where he provided network consulting services to various high-tech firms. Mark attended the University of Washington, where he studied physics.
T7 Practical UNIX Cryptography NEW
Craig Hunt, WroteTheBook.com
Who should attend: System administrators interested in using the cryptographic tools that are now available for UNIX. System administrators interested in practical configuration examples will benefit the most. Attendees need basic system administration skills and knowledge of UNIX configuration to reap the greatest benefit from this course.
Export restrictions have eased, and the RSA patent has expired, removing legal barriers to strong encryption. Soon all Linux and UNIX systems will ship with built-in cryptographic capabilities. System administrators need to understand what those tools can and cannot do for them and how to use the tools. This course outlines the current state of cryptographic support in UNIX and shows attendees how to make use of SSL and SASL services. The network protocols that underlie these cryptographic services are described. Practical advice about using strong authentication and encrypted data streams is given. This tutorial provides detailed, practical examples of installing, configuring, and using OpenSSL and SASL to support encryption for applications such as Apache. Installation, configuration and use of encryption tools such as SSH and GPG are also covered.
T8 FreeBSD Kernel Internals: Data Structures, Algorithms, and Networking, Part 2
Marshall Kirk McKusick, Author and Consultant
Please see the description under M8.
Marshall Kirk McKusick (M8, T8) writes books and articles, consults, and teaches classes on UNIX- and BSD-related subjects. While at the University of California at Berkeley, he implemented the 4.2BSD fast filesystem and oversaw the development and release of 4.3BSD and 4.4BSD. His particular areas of interest are the virtual-memory system and the filesystem. He earned a B.S. in Electrical Engineering from Cornell University. At the University of California at Berkeley, he received Master's degrees in computer science and business administration, and a doctoral degree in computer science. He is past president and a current member of the USENIX Board of Directors and is a member of AAAS, ACM, and IEEE.