Technical Sessions | |||||||
THURSDAY, NOVEMBER 7, 2002
Wednesday, November 6 |
Friday, November 8 |
All in one file
| |||||||
9:00 a.m. - 10:30 a.m.
| |||||||
Logging and Monitoring
Chair: Marcus Ranum, Ranum.com
A New Architecture for Managing Enterprise Log Data
MieLog: A Highly Interactive Visual Log Browser Using Information Visualization and Statistical Analysis
Process Monitor: Detecting Events That Didn't Happen
|
Internet Security: Beyond Firewalls, Passwords, and Crypto
Peter Salus, Matrix NetSystems, Inc.
If you are safely dug in behind your
firewall and everyone in your company employs password security and cryptography, are you OK? No. You're as safe as the inhabitants of a mediaeval city under siege. DDoS attacks and SYN floods
render you helpless, for businesses require constant traffic.
Using graphs and numbers from past attacks, this presentation will discuss the nature of such attacks and will suggest ways their effects can be reduced.
|
Risk-Taking vs. Management
Paul Evans
The fundamental role of operational
management in the modern corporation is to balance the equation of putting assets at risk in the service of profit. What
happens in a world where management doesn't understand the risks well enough to judge? The experience of the dot-com years gives the answer: managers will underestimate familiar risk and overestimate unfamiliar risk. In combination with the obsessively risk-averse American
culture of the 1990s, this fact about human nature produced some very unfortunate economic consequences. Find out what happens when Boss-bert meets
the world of production Internet service operations!
|
Backups Guru
W. Curtis Preston,
Curtis is the president of a storage consulting firm focused on bridging the gap between customers and storage products. Curtis has ten years' experience designing storage systems for environments both large and small. He has advised the major product vendors regarding product features and implementation methods. Curtis is the administrator of the NetBackup and NetWorker FAQs, and answers the
"Ask The Experts" backup forum on SearchStorage.com. He is the author of O'Reilly's UNIX Backup & Recovery and Using SANs & NAS, as well as a monthly column in Storage Magazine.
| ||||
10:30 a.m. - 11:00 a.m. Break
| |||||||
11:00 a.m. - 12:30 p.m.
| |||||||
Short Subjects
Chair: Alva Couch, Tufts University
An Analysis of RPM Validation Drift
Awarded
Best Paper!
Environmental Acquisition in Network Management
A Simple Way to Estimate the Cost of Downtime
|
The Promise of Privacy
Len Sassaman, Consultant
More than ten years have passed since the release of the controversial encryption program PGP, which proclaimed itself "encryption for the masses". In this
presentation, I will discuss how PGP and other privacy-enhancing technologies have failed in their mission. I will examine the different problems that companies, governments, implementers, and individuals face when attempting to
harness the benefits of privacy-enhancing technologies, using PGP as the primary example of these failures.
Among the issues: the importance of usability, reliability, and interoperability, the role of government interference, and public misconceptions.
|
So You Want to Do a Startup?
Eric Allman, Sendmail, Inc.
So you want to start your own company. Is it too late to talk you out of it? Let me warn you: it probably won't turn out the way you expect. Company founders have to deal with a maze of annoying but critical details you know nothing about, and you often have to make decisions without all the information you feel you need.
In this talk I'll relate some of my experiences founding Sendmail, Inc. I am (more accurately, used to be) an engineer, so that's the perspective you'll hear. The focus will be on the first six months, but
|
Perl/Scripting Gurus
Daniel V. Klein, LoneWolf Systems, and Mark-Jason Dominus, Plover Systems Co.
Dan Klein started programming in Perl in 1995, about a month before he started teaching it (the best way to learn things is to tackle new problems, and there's no better way to find new problems than to hear other people's). He is the author of dozens of Perl-based Web applications, and tends to specialize in logfile analysis and compression.
Mark-Jason Dominus has been programming in Perl since 1992. He is a moderator of the comp.lang.perl.
moderated newsgroup; the author of the Text::Template, Tie::File, and Memoize modules; a contributor to the Perl core; and author of the perlreftut man page. Last year his work on the Rx regular expression debugger won the Larry Wall Award for Practical Utility.
| ||||
12:30 p.m. - 2:00 p.m. Lunch (on your own)
| |||||||
2:00 p.m. - 3:30 p.m.
| |||||||
Service and Network Upgrades
Chair: Steve Traugott, TerraLuna LLC
Defining and Monitoring Service-Level Agreements for Dynamic e-Business
HotSwapTransparent Server Failover for Linux
Over-Zealous Security Administrators Are Breaking the Internet
|
My Years with the NSA
Tim Nagle, TRW Systems
Ready for a surprise visit from the Red Team? Tim Nagle will talk about NIST/NSA authorities and their partnership for government information security, and about NSA Information Security services. He'll discuss his experiences: the rules that must be followed, the tools and techniques, the legal issuesand his own views on the "ethical hacker."
Mr Nagle served as Deputy Associate General Counsel (Information Systems Security) at the National Security Agency, acting as the principal legal advisor to all teams conducting government-wide information system and network vulnerability assessments, and directing the procedures to be followed before and during the evaluations.
|
Making Backups Easier with Disk
Curtis Preston, The Storage Group
A new weapon in the backup and recovery arsenal: ATA-based, SCSI- and fiber-channel-addressable storage arrays. They come in three flavors, and are turning the backup world on its head.
Why should you look at these new tools? Wonder how they can help you? If you'd like to increase your backup and recovery speeds significantly, and simultaneously get your onsite backups much easier to administer and your offsite backups
|
Email/MTAs Guru
Eric Allman, Sendmail, Inc.
Eric is the original author of sendmail. He is the author of syslog, tset, the -me nroff macros, and trek. He was the chief programmer on the INGRES database management project, designed database user and application interfaces at Britton Lee, and contributed to the Ring Array Processor project at the International Computer Science Institute. He is a former member of the USENIX Board of Directors.
| ||||
3:30 p.m. - 4:00 p.m. Break
| |||||||
4:00 p.m. - 5:30 p.m.
| |||||||
"Who ARE These People?" Internet Governance, Peering, and Legislation (PDF)
Paul Vixie, Internet Software Consortium
As the Internet engineering community ages, it seems as though the "Internet graybeard" population is burgeoning. Who are these people, and what are they doing to our playground? Mr. Vixie, as a member of the loyal opposition, will try to sort it all out for you.
|
The Intrusion Detection Timeline
Paul Proctor, Practical Security, Inc.
Numerous intrusion detection technologies can be found on the market today: TCP/IP analysis, log analysis, system call trapping, vulnerability assessment, network-node intrusion detection, file integrityto name but a few. Each of these has its own value proposition, and each organization has its own requirements. This presentation shows enterprises how to match needs to capabilities so that you can choose the best tools to maximize your security effectiveness and minimize your budget. This is a vendor-neutral presentation.
|
"Who ARE These People?" Internet Governance, Peering, and Legislation (PDF)
Paul Vixie, Internet Software Consortium
|
Project Management Guru
Strata Rose Chalup, VirtualNet Consulting
Strata Rose Chalup has managed project teams on Internet service rollouts from 50K to 500K users, and has managed to keep a sense of humor. Come on down!
|
Need help? Use our Contacts page.
Last changed: 11 Nov. 2002 aw |
|