Sunday, November 3, 2002

S1 Advanced Solaris System Administration Topics
Peter Baer Galvin, Corporate Technologies

Who should attend: UNIX administrators who need more knowledge of Solaris administration.

We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics.

Topics include:

• Installing and upgrading
  • Architecting your facility
  • Choosing appropriate hardware
  • Planning your installation, filesystem layout, post-installation
  • Installing (and removing) patches and packages
• Advanced features of Solaris
  • File systems and their uses
  • The /proc file system and commands
  • Useful tips and techniques
• Networking and the kernel
  • Virtual IP: configuration and uses
  • Kernel and performance tuning: new features, adding devices, tuning, debugging commands
  • Devices: naming conventions, drivers, gotchas
• Enhancing Solaris

Baer Galvin (S1) is the Chief Technologist for Corporate Technologies, and was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines, is a columnist for SunWorld, and is coauthor of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has taught tutorials on security and system administration and has given talks at many conferences and institutions.

S2 Topics in UNIX and Linux Administration, Part 1 NEW
Trent Hein and Ned McClain, Applied Trust Engineering; Evi Nemeth, University of Colorado Emeritus

Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.

Topics include:

• Logical Volume Management for Linux: Logical volume support for Linux has brought storage flexibility and high availability to the masses. By abstracting physical storage devices, logical volumes let you grow and shrink partitions, efficiently back up databases, and much more. We'll talk about Linux LVM, what you need to get it up and running, and how to take advantage of its many features.
• Security Packet Filtering Primer: What does the word "firewall" really mean, and how do you set up a packet filter list to implement a basic one? We'll teach you the dos and don'ts of creating a tough packet filter, and talk specifically about capabilities of packages available for Linux.
• What's New in BIND9? BINDv9 includes a long laundry list of features needed for modern architectures, huge zones, machines serving a zillion zones, co-existence with PCs, security, and IPv6­specifically, dynamic update, incremental zone transfers, DNS security via DNSSEC and TSIG, A6, and DNAME records. We'll talk about the gory details of these new features.
• Network Server Performance Tuning: Instead of throwing expensive hardware at a performance problem, consider that many performance problems are really due to misconfigured networks, systems, and applications. We'll focus on Linux and UNIX performance tuning, with an emphasis on low-cost, high-impact strategies and solutions.
• Security Crisis Case Studies: Before your very eyes, we'll dissect a set of security incident case studies using many tools available on your system or from the Net. We'll specifically describe how to avoid common security-incident pitfalls.
• Policy and Politics: Many of the policies and procedures followed at a site are carefully filed in the sysadmin's head. With the worldwide Net invading your local site, these secrets need to be written down, run by lawyers, and followed by your sysadmin staff. We will discuss approaches to these tasks, both good and bad, and illustrate with war stories, sample policy agreements, and procedure checklists.

Trent Hein (S2, M2) is co-founder of Applied Trust Engineering. Trent worked on the 4.4 BSD port to the MIPS architecture at Berkeley, is co-author of both the UNIX Systems Administration Handbook and the Linux Administration Handbook, and holds a B.S. in computer science from the University of Colorado.

Ned McClain (S2, M2), co-founder and CTO of Applied Trust Engineering, lectures around the globe on applying cutting-edge technology in production computing environments. Ned holds a B.S. in computer science from Cornell University and is a contributing author to both the UNIX System Administration Handbook and the Linux Administration Handbook.

Evi Nemeth (S2, M2) has retired from the computer science faculty at the University of Colorado, where she administered UNIX systems, both from the trenches and from the ivory tower. She is a co-author of the UNIX System Administration Handbook (now in its 3rd edition) and its green cousin, the Linux Administration Handbook. Evi is slowly learning what "retired" is supposed to mean, as she spends more time on her sailboat in the Caribbean and less time on computers, networks, and security.

S3 Linux System Administration
Joshua Jensen, Red Hat Inc.

Who should attend: System administrators who plan to implement a Linux solution in a production environment. Attendees should be familiar with the basics of system administration in a UNIX/Linux environment: user-level commands, administration commands, and TCP/IP networking. Both novice and intermediate administrators should leave the tutorial having learned something.

From a single server to a network of workstations, the Linux environment can be a daunting task for administrators knowledgeable on other platforms. Starting with a single server and finishing with a multi-server, 1000+ user environment, case studies will provide practical information for using Linux in the real world.

Topics include (with an emphasis on security):

• Installation features
• Disk partitioning and RAID
• Networking
• User accounts
• Services
• NFS and NIS
• Security through packet filtering and SSH
• New developments (journaling file systems, VPNs, and more)

At the completion of the tutorial, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The instructor invites questions during the presentation.

Joshua Jensen (S3, T3) was the first Red Hat instructor and examiner, and has been with Red Hat for 4 years. In that time he has written and maintained large parts of the Red Hat curriculum: Networking Services and Security, System Administration, Apache and Secure Web Server Administration, and the Red Hat Certified Engineer course and exam. Joshua has worked with Linux for 7 years, and has been teaching Cisco Internetworking and Linux courses since 1998.

S4 Intrusion Detection: Evaluation, Architecture, and Implementation NEW
Cory Scott, ABN-AMRO North America

Who should attend: System, network, and security administrators who understand the basics of IDS technologies and are interested in the details of deploying IDS in their organization. The class will also be attractive to managers who want to implement IDS.

Topics include:

• How IDS fits into an IT organization
• How to measure ROI and provide metrics for an IDS deployment. ^* How tointegrate incident response and other security initiatives
• How to evaluate IDS technologies
  • Scoping a pilot project
  • Building a test environment.
• Risk assessment
• Threat modeling
• Architecture review of IDS deployments
• Data collection issues
  • Bandwidth feasibility for network-based IDS
  • log aggregation for host-based IDS
• How to deal with the intrusion detection community
• Overview of future IDS technologies

Whenever possible, the tutorial will cover a range of potential environments, from large networks to smaller deployments. The instructor invites attendees to email him before the conference with particular implementation questions or concerns and he will attempt to cover them during class.

Cory Scott (S4) has extensive experience in information systems and security and years of experience in network and systems security architecture, as well as operational experience in several demanding datacenters. Currently he is a manager of systems and security at ABN-AMRO North America. Previously he was a security consultant, performing assessment, penetration testing, and intrusion detection research. He has a CISSP certification, with speaking engagements at Blackhat Briefings and SANS. As a technical editor and writer, he has worked on several security publications, including recent technical reviews of "Know Your Enemy: The Honeynet Project" and NIST's "Special Publication on Intrusion Detection Systems."

S5 Hacking and Securing Web-Based Applications NEW
David Rhoades, Maven Security Consulting

Who should attend: People who are auditing Web application security, developing Web applications, or managing the development of a Web application.

Although numerous commercial and freeware tools assist in locating network-level security vulnerabilities, these tools are incapable of locating application-level issues. This course will demonstrate how to identify security weaknesses for Web-enabled services that could be exploited by remote users.

With numerous real-world examples, this informative and entertaining course is based on fact and experience, not theory. The course material is presented in a step-by-step approach, and will apply to Web portals, e-commerce, online banking, shopping, subscription-based services, and any Web-enabled application.

Topics include:

• Information-gathering attacks: How hackers read between the lines
• User sign-on process: Many sites contain serious flaws which expose them to the threat of bad publicity and loss of customer confidence
• User sign-off process: Are users really signed off?
• OS & Web server weaknesses: buffer overflows and default material
• Encryption: Finding the weakest link
• Session tracking
  • URL rewriting, basic authentication, and cookie: strengths and weaknesses
  • Session cloning, IP hopping, and other subtle dangers
  • A recipe for strong session IDs
• Authentication: server, session,
  transactional
• Transaction-level issues
  • Hidden form elements
  • Unexpected user input
  • GET vs. POST
  • JavaScript filters
  • Improper server logic

David Rhoades (S5) is president of Maven Security Consulting Inc.Since 1996 David has been providing information protection services for various Fortune 500 customers. His work has taken him across the U.S .and to Europe and Asia, where he has lectured and consulted in various areas of information security. David holds a B.S. in computer engineering from the Pennsylvania State University and is an instructor for the SANS Institute, the MIS Training Institute, and Sensecurity (based in Singapore).

S6 Beyond Shell Scripts: 21st-Century Automation Tools and Techniques NEW
Aeleen Frisch, Exponential Consulting

Who should attend: System administrators who want to explore new ways of automating administrative tasks. Shell scripts are appropriate for many jobs, but more complex operations will often benefit from sophisticated tools.

Topics include:

• Automating installations
  • Vendor-supplied tools
  • Alternative approaches
  • State-of-the-art package control
  • A heterogeneous environment
• Mark Burgess's cfengine package
  • Installations and beyond
  • "Self-healing" system configurations
  • Other uses
  • cfengine limitations and how to overcome them
• Don Libes's Expect package for automating interactive procedures
  • What to Expect . . .
  • Using Expect with other tools
  • Security issues
• Amanda, an enterprise backup management facility
  • Prerequisites
  • Configuration
  • Getting the most from Amanda
• STEM, a new package for automating network operations
  • Understanding the context and tool capabilities
  • Example applications
  • Performance and scaling

We'll conclude the course with a shell scripts redux covering some shell features you may not have heard of (and a bit of Perl, too).

Aeleen Frisch (S6, M3, T11) has been a system administrator for over 20 years. She currently looks after a pathologically heterogeneous network of UNIX and Windows systems. She is the author of several books, including Essential System Administration (now in its 3rd edition).

S7 Blueprints for High Availability: Designing Resilient Distributed Systems
Evan Marcus, VERITAS Software Corp.

Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.

This tutorial will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. We will discuss the trade-offs among cost, reliability, and complexity.Topics include:

• What is high availability? Who needs it?
• Defining uptime and cost; "big rules" of system design
• Disk and data redundancy; RAID and SCSI arrays
• Host redundancy in HA configs
• Network dependencies
• Application system programming concerns
• Anatomy of failovers: applications, systems, management tools
• Planning disaster recovery sites and data updates
• Security implications
• Upgrade and patch strategies
• Backup systems: off-site storage, redundancy, and disaster recovery
• Managing the system: managers, processes, verification

Evan Marcus (S7, M10) is a Senior Systems Engineer and High Availability Specialist with VERITAS Software Corporation. Evan has more than 14 years of experience in UNIX system administration. While working at Fusion Systems and OpenVision Software, Evan worked to bring to market the first high-availability software application for SunOS and Solaris. He is the author of several articles and talks on the design of high-availability systems and is the co-author, with Hal Stern, of Blueprints for High Availability: Designing Resilient Distributed Systems (John Wiley & Sons, 2000).

Who should attend: System administrators involved in the design, implementation, and administration of Veritas NetBackup. Participants who are not yet using NetBackup should review NetBackup documentation before attending this session.

Anyone who has implemented a medium-to-large installation of any commercial backup software package understands the challenges that such a project will face. This tutorial focuses on the challenges unique to Veritas NetBackup, with heavy emphasis on configuring NetBackup in such a way that it will be easier to automate, easier to monitor and make reports from, takes full advantage of your storage resources, and, above all, ensures that your data is being protected properly. The tutorial will also answer the questions that all NetBackup administrators find themselves asking and will provide scripts to automate NetBackup.

Topics include (with an emphasis on decisions to be made):

• NetBackup architecture
• System design
• Commonly used (and misunderstood) commands
• System automation
• frequently asked questions, including:
  • How do I do offsite tape duplication? Is bpvault worth it?
  • Why can't I delete this tape?
  • Can NetBackup tell me when I'm low on volumes, instead of waiting until I'm out?
  • How do I automate the importing, exporting, and labeling of library volumes?
  • How do I back up NAS systems?
  • Is there any way to manage the exclude lists centrally?

After completing this tutorial, participants will be able to answer all of these questions and will have the tools necessary to better automate their NetBackup installation. They will also be aware of common pitfalls and how to avoid them.

W. Curtis Preston (S8, S11) is the president of The Storage Group, Inc., a storage consulting firm focused on bridging the gap between customers and storage products. Curtis has ten years' experience designing storage systems for environments both large and small. Curtis has advised the major product vendors regarding product features and implementation methods. He is the administrator of the NetBackup and NetWorker FAQs and answers the "Ask The Experts" backup forum on SearchStorage.com. He is the author of O'Reilly's UNIX Backup & Recovery and Using SANs & NAS, as well as a monthly column in Storage Magazine.

S9 Perl for System Administration: The Networking Power Hours, Part 1 NEW
David N. Blank-Edelman, Northeastern University

Who should attend: System and network administrators with advanced-beginner to intermediate Perl skills (important prerequisite).

Now that we've offered several successful survey courses on using Perl to make system administration easier, it is time to go deeper. In this half-day course we'll take an hour per subject to probe how Perl can be used to work with three different network-related topics. We'll get you jump-started and then dive into the approaches, tools and methods you need to tame these areas with your existing Perl skills.

Topics include:

• SNMP: How to query and configure SNMP v1- and 3-capable devices
• Packet Play
  • Sniffing for specific packets
  • Creating packets with Perl
• Network Monitoring and Mapping: Continuously monitoring a network and displaying the results

This final module will tie together the two previous modules and work toward building simple tools to help. We'll also look at some of the more advanced free tools already available to solve this problem.

David N. Blank-Edelman (S9, S12) is the Director of Technology at the Northeastern University College of Computer Science and the author of the O'Reilly book Perl for System Administration. He has spent the last 16 years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He has served as Senior Technical Editor for the Perl Journal.

S10 Introduction to Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: System or network administrators who have been exposed to the Domain Name System only as users. A basic understanding of the IP protocols, TCP and UDP, data encapsulation, and the seven-layer model will be beneficial.

DNS, the primary method the Internet uses to name and number machines, is used to translate names like "www.usenix.org" into addresses like 131.106.3.253. Any site that is serious about joining the Internet community will need to understand how to configure and administer DNS.

This tutorial will describe the basic operation of DNS and will provide instructions and guidelines for the configuration and operation of DNS on UNIX platforms using the BIND software distribution. This class is designed for the beginner and is intended to provide a foundation for the tutorial on "Intermediate Topics in Domain Name System Administration."

Topics include:

• DNS and BIND
• The DNS Name Hierarchy
• The four components of DNS
• Iterative vs. recursive querying
• Essential resource records: SOA, A, PTR, CNAME, NS
• Zone transfers and secondaries
• Vendor-specific differences

William LeFebvre (S10, S13) is an author, programmer, teacher, and sysadmin expert who has been using UNIX and Internet technologies since 1983. He writes a monthly column for UNIX Review and has taught since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates. He has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He is also the primary programmer for the popular UNIX utility top. William is currently a technology fellow at CNN Internet Technologies, exploring the applicability of new technology to one of the busiest Web farms on the Internet. He received his bachelor's degree in 1983 and his master of science degree in 1988, both from Rice University.

S11 Using SANs and NAS
W. Curtis Preston, The Storage Group

Who should attend: System administrators and system engineers responsible for the design and implementation of storage systems. Attendees should be aware of storage systems concepts; a basic familiarity with SAN and NAS is helpful but not required.

This tutorial will explain the differences and similarities between Storage Area Networks (SAN) and Network Attached Storage (NAS), including an explanation of why NAS is now competing with SAN in certain markets. It will also cover the myriad of backup and recovery options that each brings to the table, and the pros and cons of each of them. It will then offer guidelines on how to decide whether SAN or NAS is right for you.

Topics include:

• SAN & NAS overview: why and what
• SAN architecture overview
• NAS architecture overview
• Managing SANs
• Backing up with SANs
• Managing NAS
• Backing up NAS

W. Curtis Preston (S8, S11) is the president of The Storage Group, Inc., a storage consulting firm focused on bridging the gap between customers and storage products. Curtis has ten years' experience designing storage systems for environments both large and small. Curtis has advised the major product vendors regarding product features and implementation methods. He is the administrator of the NetBackup and NetWorker FAQs and answers the "Ask The Experts" backup forum on SearchStorage.com. He is the author of O'Reilly's UNIX Backup & Recovery and Using SANs & NAS, as well as a monthly column in Storage Magazine.

S12 Perl for System Administration: The Networking Power Hours, Part 2 NEW
David N. Blank-Edelman, Northeastern University

Who should attend: System and network administrators with advanced-beginner to intermediate Perl skills (important prerequisite).

Now that we've offered several successful survey courses on using Perl to make system administration easier, it is time to go deeper. In this half-day course we'll take an hour per subject to probe how Perl can be used to work with three different network-related topics. We'll get you jump-started and then dive into the approaches, tools and methods you need to tame these areas with your existing Perl skills.

Part 1 (S9) is not a prerequisite for this class.

Topics include:

• LDAP: How to use Perl to perform common LDAP operations.
• Mail
  • Using Perl to send mail with SMTP
  • Using Perl to perform mail operations using POP3 and IMAP
  • Parsing mail
• Potpourri
  • Parsing logs efficiently and effectively
  • How to roll your own daemons
  • Using encrypted transports from Perl

David N. Blank-Edelman (S9, S12) is the Director of Technology at the Northeastern University College of Computer Science and the author of the O'Reilly book Perl for System Administration. He has spent the last 16 years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He has served as Senior Technical Editor for the Perl Journal.

S13 Intermediate Topics in Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: Network administrators with a basic understanding of DNS and its configuration who need to learn how to create and delegate subdomains, and administrators planning to install BIND8. Attendees are expected either to have prior experience with DNS, including an understanding of basic operation and zone transfers, or to have attended the "Introduction to Domain Name System Administration" tutorial.

Attendees will move beyond the basics into a more thorough understanding of the overall design and implementation of DNS.

Topics include:

• Subdomains and delegation
• Resource records: NS, RP, MX, TXT, AAAA
• Migration to BIND8
• DNS management tools
• DNS design
• DNS and firewalls

William LeFebvre (S10, S13) is an author, programmer, teacher, and sysadmin expert who has been using UNIX and Internet technologies since 1983. He writes a monthly column for UNIX Review and has taught since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates. He has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He is also the primary programmer for the popular UNIX utility top. William is currently a technology fellow at CNN Internet Technologies, exploring the applicability of new technology to one of the busiest Web farms on the Internet. He received his bachelor's degree in 1983 and his master of science degree in 1988, both from Rice University.

M1 Exploring the Potential of LDAP
Gerald Carter, Hewlett Packard

Who should attend: Administrators and programmers interested in the potential of the Lightweight Directory Access Protocol (LDAP) and in exploring issues related to deploying an LDAP infrastructure. This tutorial is not a how-to for a specific LDAP server, nor is it an LDAP developers' course. Rather, it is an evaluation of the potential of LDAP to allow the consolidation of existing deployed directories. No familiarity with LDAP or other Directory Access Protocols will be assumed.

System administrators today run many directory services, though they may be called by such names as DNS and NIS. LDAP, the up-and-coming successor to the X500 directory, promises to allow administrators to consolidate multiple existing directories into one. Vendors across operating-system platforms are lending support.

Topics include:

• The basics of LDAP
• Current technologies employing LDAP services
• Replacing NIS using LDAP
• Integrating authentication mechanisms for other services (e.g., Apache, Sendmail, Samba) with LDAP
• LDAP interoperability with other proprietary directory services, such as Novell's NDS and Microsoft's Active Directory
• Programming tools and languages available for implementing LDAP support in applications

David N. Blank-Edelman (S9, S12) is the Director of Technology at the Northeastern University College of Computer Science and the author of the O'Reilly book Perl for System Administration. He has spent the last 16 years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He has served as Senior Technical Editor for the Perl Journal.

M2 Topics in UNIX and Linux Administration, Part 2 NEW
Trent Hein and Ned McClain, Applied Trust Engineering; Evi Nemeth, University of Colorado Emeritus

Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics. Part 1 is not a prerequisite to this class.

Topics include:

• Efficient Server Log Management: Server and network device logs are one of the most useful sources of performance and security information. Unfortunately, system logs are often overlooked by organizations, out of either a lack of time or a preference for information from fancier intrusion detection systems. We present a set of open source tools and a unified strategy for securely managing centralized system logs.
• What's New with Sendmail: Newer versions of sendmail ship with a wealth of features every system administrator should know about. From advanced virus and spam filtering (Milter), to IPv6, to improved LDAP and mailbox abstraction support, we discuss sendmail's hot new features, quirks, and tricks.
• Performance Crisis Case Studies: Trying to squeeze more performance out of your existing environment? We'll walk you through the pathology of actual performance crisis situations we've encountered, and talk not only about how to fix them but also how to avoid them altogether. There's nothing like learning from real-world situations!
• Security Tools: A new generation's worth of security management tools are on the loose. We'll help you understand how to use them to your advantage. We'll examine network scanning tools such as Nessus and nmap, as well as new tools to facilitate security forensics.
• Site Localization and Management: Wouldn't it be nice if new system arrivals meant pushing a button and watching the localization work happen magically before your eyes? Imagine if systems at your site all shared a consistent configuration! We'll talk about modern tools for localization and mass deployment of systems, and how to keep systems up-to-date on a going forward basis.
• Security Incident Recovery: You've been vigilant about your site's security, but the day still comes when you detect an intruder. How do you handle the situation, analyze the intrusion, and restore both security and confidence to your environment? This crash course in incident handling will give you the skills you need to deal with the unthinkable.

Trent Hein (S2, M2) is co-founder of Applied Trust Engineering. Trent worked on the 4.4 BSD port to the MIPS architecture at Berkeley, is co-author of both the UNIX Systems Administration Handbook and the Linux Administration Handbook, and holds a B.S. in computer science from the University of Colorado.

Ned McClain (S2, M2), co-founder and CTO of Applied Trust Engineering, lectures around the globe on applying cutting-edge technology in production computing environments. Ned holds a B.S. in computer science from Cornell University and is a contributing author to both the UNIX System Administration Handbook and the Linux Administration Handbook.

M3 Administering Linux in Production Environments
Aeleen Frisch, Exponential Consulting

Who should attend: Current Linux system administrators and administrators from sites considering converting to or adding Linux systems.

This course will cover configuring and managing Linux computer systems in production environments. We will be focusing on the administrative issues that arise when Linux systems are deployed to address a variety of real-world tasks and problems arising in commercial and research-and-development contexts.

Topics include:

• Recent kernel developments
• High-performance I/O
  • Advanced filesystems and logical volumes
  • Disk striping
  • Optimizing I/O performance
• Advanced compute-server environments
  • Beowulf
  • Clustering
  • Parallelization environments/facilities
  • CPU performance optimization
• High-availability Linux: fault-tolerance options
• Enterprise-wide authentication
• Fixing the security problems you didn't know you had (or, what's good enough for the researcher/hobbyist won't do for you)
• Automating installations and other mass operations
• Linux in the office environment

Aeleen Frisch (S6, M3, T11) has been a system administrator for over 20 years. She currently looks after a pathologically heterogeneous network of UNIX and Windows systems. She is the author of several books, including Essential System Administration (now in its 3rd edition).

M4 Issues in UNIX Infrastructure Design
Lee Damon, University of Washington

Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts. System administrators, architects, and managers who need to maintain multiple hosts with few admins.

This tutorial won't propose one "perfect solution." Instead, it will try to raise all the questions you should ask in order to design the right solution for your needs.

Topics include:

• Administrative domains: Who is responsible for what? What can users do for themselves?
• Desktop services vs. farming
• Disk layout
• Free vs. purchased solutions: Do you write your own, or do you outsource?
• Homogeneous vs. heterogeneous
• Master database: What do you need to track, and how?
• Policies to make your life easier
• Push vs. pull: Do you force data to each host, or wait for a client request?
• Quick replacement techniques: How to get the user back up in 5 minutes
• Remote install/upgrade/patching: How can you implement lights-out operation? Handle remote user sites? Keep up with vendor patches?
• Scaling and sizing: How do you plan?
• Security vs. sharing
• Single sign-on: Can one-password access to multiple services be secure?
• Single system images: Should each user see everything the same way, or should each user's access to each service be consistent with his/her own environment?
• Tools: What's free? What should you buy? What can you write yourself?

Lee Damon (M4) holds a B.S. in speech communication from Oregon State University. He has been a UNIX Systems Administrator since 1985, and has been active in SAGE since its inception. He assisted in developing a mixed AIX/SunOS environment at IBM Watson Research, and has developed mixed environments for Gulfstream Aerospace and QUALCOMM. He is currently leading the development effort for the Nikola project at the University of Washington Electrical Engineering department. He is a member of the SAGE Ethics Working Group, and was one of the commentators on the SAGE Ethics document. He has championed awareness of Ethics in the Systems Administration community, including writing it into policy documents.

M5 Practical Wireless IP: Concepts, Administration, and Security
Philip Cox and Brad C. Johnson, SystemExperts Corp.

Who should attend: Users, administrators, managers, and others interested in learning about some of the fundamental security and usage issues around wireless
IP services. This tutorial assumes some knowledge of TCP/IP networking and client/server computing, the ability or willingness to use administrative GUIs to set up a device, and a general knowledge of common laptop environments.

Whether you like it or not, wireless services are popping up everywhere. And you and your organization will be responsible for understanding and managing the devices you possess. Since the purpose of wireless is to share data when you aren't directly attached to a wired resource, you need to understand the fundamental security and usage options. In this tutorial we will cover a number of topics that affect you in managing and using wireless services. Some of the topics will be demonstrated live using popular wireless devices.

Topics include:

• Cellular services basics
  • What's out there?
  • Who's using what?
  • What really matters?
• Wireless LAN fundamentals
  • Architecture
  • Threats
  • 802.11b
  • Configuration examples
  • Antennas
• Access points
  • Channels, placement
  • Bandwidth, aggregation
  • Congestion
  • Roaming, signals
  • General issues
  • Sniffers
  • Building your own access point
  • 802.11a

Philip Cox (M5) is a consultant for SystemExperts Corporation, a consulting firm that specializes in system security and management. Phil frequently writes and lectures on issues bridging the gap between UNIX and Windows NT and on information security. He is the lead author of Windows 2000 Security Handbook 2nd edition from Osborne McGraw-Hill and contributing author to Windows NT/2000 Network Security from Macmillan Technical Publishing. Phil is also a featured columnist in the USENIX Association Magazine ;login:, and serves on the SANS NT Digest editorial board.

Brad C. Johnson (M5, T6) is vice president of SystemExperts Corporation. He has participated in seminal industry initiatives such as the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. Brad has served as a technical advisor to organizations such as Dateline NBC and CNN on security matters. He is a regular tutorial instructor and conference speaker on topics related to practical network security, penetration analysis, middleware, and distributed systems. Brad holds a B.A. in computer science from Rutgers University and an M.S. in applied management from Lesley University.

M6 Building a syslog Infrastructure
Tina Bird, Counterpane Internet Security

Who should attend: System administrators and network managers responsible for monitoring and maintaining the health and well-being of computers and network devices in an enterprise environment. Although some review is provided, participants should be familiar with the UNIX and Windows operating systems and basic network security.

The purpose of this tutorial is to illustrate the importance of a network-wide centralized logging infrastructure, to introduce several approaches to monitoring audit logs, and to explain the types of information and forensics that can be obtained with well-managed logging systems.

Every device on your network--routers, servers, firewalls, application software--spits out millions of lines of audit information a day. Hidden within the data that indicate normal day-to-day operation (and known problems) are the first clues that systems are breaking down, attackers are breaking in, and end users are breaking up. If you manage that data flow, you can run your networks more effectively.

Topics include:

• The extent of the audit problem: How much data are you generating every day, and how useful is it?
• Logfile content: Improving the quality of the data in your logs
• Logfile generation: syslog and its relatives, including building a central loghost, and integrating MS Windows systems into your UNIX log system
• Log management: Centralization, parsing, and storing all that data
• Legal issues: What you can do to be sure you can use your logfiles for human resources issues and for legal prosecutions

This class won't teach you how to write Perl scripts to simplify your logfiles. It will teach you how to build a log management infrastructure, how to figure out what your log data means, and what in the world you do with it once you've acquired it.

Tina Bird (M6) is a network security architect at Counterpane Internet Security. She has implemented and managed a variety of wide-area-network security technologies and has developed, implemented and enforced corporate IS security policies. She is the moderator of the Virtual Private Networks mailing list, and the owner of "VPN Resources on the World Wide Web." Tina has a B.S. in physics from Notre Dame and an M.S. and Ph.D. in astrophysics from the University of Minnesota.

M7 Technical Tools for Creating Happy Users NEW
Tom Limoncelli, Lumeta, Inc., and Christine Hogan, Consultant

Who should attend: Anyone seeking to increase user happiness though better technology; especially those whose environments contain large numbers of users and/or desktops. If you are considering creating a helpdesk or find yourself being pushed to manage or create helpdesk-like functions, you'll find this tutorial especially useful.

This workshop will present technical solutions that contribute to making a good first impression on users and maintaining that relationship.

Topics include:

• The importance of making a good first impression
• Perception vs. visibility: "customers" vs. "users"
• The secret to making users feel they are the center of the universe: an algorithm for ordering request priorities
• How to make a good first impression always
  • The employee's first day
  • Every day
• Technology that helps make a good first impression
  • The first-day checklist
  • Rapid PC deployment techniques (Ghost, JumpStart, AutoLoad, etc.)
  • Tools to improve homogeneity (cfengine, etc.)
• Helpdesks (both real and virtual)
  • Pros and cons of formal helpdesks
  • How to create and manage a helpdesk
  • Survey of request and ticket systems
• Customer care: the 9-step process for handling customer requests
• Catching what's wrong before they do
  • Monitoring services
  • Historical trend analysis
  • Should you have a NOC?
• Training every customer-facing person needs

Tom Limoncelli (M7, T8), co-author of The Practice of System and Network Administration from Addison-Wesley, is Director of Operations at Lumeta Corporation, where he is responsible for building and scaling the deployment systems. A sysadmin and network wonk since 1987, he has worked at Bell Labs/Lucent, Mentor Graphics, and Drew University. He is a frequent presenter at LISA conferences.

Christine Hogan (M7, T8), co-author of The Practice of System and Network Administration from Addison-Wesley, is an independent consultant, currently studying for a Ph.D. at Imperial College, London. Previously employed by Synopsys and Global Networking and Computing (GNAC, Inc.), she serves as consultant to start-ups, e-commerce sites, bio-tech companies, and large multi-national hardware and software companies. Her system administration career began at the Department of Mathematics in Trinity College Dublin.

Who should attend: Anyone who is struggling with backup and restore, and anyone who anticipates growing his/her backup system in the next year.

Backup/restore is the killer app for storage area networks, and you do not need to have a SAN disk system in order to SAN-enable your backup system. This class takes an under-the-hood look at the surprisingly affordable SAN backup technology.

We focus on the conservative use of new technologies and how to get the best results from your budget. The course covers architectures and principles that will be relevant to any backup software.

Topics include:

• Blocks, files, storage objects, and metadata
• Block-level vs. file-level backups
• 4 ways to take a snapshot
• Storage interfaces and protocols in relation to backup
• Tape-library sharing (a.k.a. LAN-free backup)
  • Specifying an affordable SAN infrastructure
  • Connecting existing tape devices on the SAN
• Sizing and configuring SAN bridges and routers
• Challenges of device addressing
• Fibre-channel tape devices
• Fail-over for backup connections
• Directing backup traffic flow on the SAN
• Tape-drive technology: AIT, LTO, DLT, STK
• Disk-enabled backup
• Disk-to-disk backup
• Virtual tape and disk staging
• "Serverless" backup and alternatives
• High-performance NAS backup
  • Parallel file systems
  • NDMP (Network Data Management Protocol)

Jacob Farmer (M8, M11) is the CTO of Cambridge Computer Services, an integrator and training provider specializing in storage management. He has more than 15 year's experience with data storage technologies and is an accomplished author and lecturer. He writes the expert advice column for InfoStor magazine (the leading trade publication of the data storage industry) and is currently is currently working on a book on storage networking technologies.

M9 Regular Expression Mastery NEW
Mark-Jason Dominus, Plover Systems Co.

Who should attend: System administrators and users who use Perl, grep, sed, awk, procmail, vi, or emacs.

Almost everyone has written a regex that produced unexpected results. Sometimes regexes appear to hang forever, and it's not clear what has gone wrong. Sometimes they behave differently in different utilities, and you can't tell why. This class will fix all these problems.

The first section of the class will explore the matching algorithms used internally by common utilities such as grep and Perl. Understanding these algorithms will allow us to predict whether a regex will match, which of several matches will be found, and which regexes are likely to be faster than others, and to understand why all of these behaviors occur. We'll learn why commonly used regex symbols such as ".," "$." and "\1" may not mean what you thought they did.

In the second section, we'll look at common matching disasters, a few practical parsing applications, and some advanced Perl features. We'll finish with a discussion of optimizations that were added to Perl 5.6, and why you should avoid using "/i."

Topics include:

• Inside the regex engine
  • Regular expressions are programs
  • Backtracking
  • NFA vs. DFA
  • POSIX and Perl
  • Quantifiers
  • Greed and anti-greed
  • Anchors and assertions
  • Backreferences
• Disasters and optimizations
  • Where machines come from
  • Disaster examples
  • Tokenizing
  • New optimizations
  • Matching strings with balanced parentheses

Mark-Jason Dominus (M9, M12) has been programming in Perl since 1992. He is a moderator of the comp.lang.perl.moderated newsgroup, the author of the Text::Template, Tie::File, and Memoize modules, a contributor to the Perl core, and author of the perlreftut man page. Last year his work on the Rx regular expression debugger won the Larry Wall Award for Practical Utility. He lives in Philadelphia with his wife and several plush octopuses.

Who should attend: Anyone who needs to develop a disaster recovery plan.

We'll identify the key parts of a plan, how to test it, and some of the technology that can speed recovery, with an eye toward balancing costs and benefit.

Topics include:

• What a DR plan should contain
• The costs of developing a DR plan
• Do you need a DR plan at all?
• Downtime and data loss: two sides of the same coin
• Four different methods for testing your DR plan
• DR as a subset of high availability
• Methods and technologies for protecting data through a disaster
• How disasters may affect the people who are responsible for recovery
• Building and staffing DR teams
• The role of senior management in DR
• A real-life case study of a company that survived a major disaster

Mark-Jason Dominus (M9, M12) has been programming in Perl since 1992. He is a moderator of the comp.lang.perl.moderated newsgroup, the author of the Text::Template, Tie::File, and Memoize modules, a contributor to the Perl core, and author of the perlreftut man page. Last year his work on the Rx regular expression debugger won the Larry Wall Award for Practical Utility. He lives in Philadelphia with his wife and several plush octopuses.

Who should attend: System architects, storage administrators, and disaster-recovery planners who are interested in cutting-edge storage technologies and/or whose needs have not been satisfied by the big vendors. Some familiarity with storage networking and/or SCSI and network file systems would be useful.

Proprietary monolithic SAN and NAS subsystems are giving way to open-system and distributed architectures. Data-transfer protocols such as SCSI, NFS, and CIFS are facing competition from VI and DAFS. Fibre-channel and parallel SCSI interfaces are challenged by Gigabit Ethernet and serial ATA. Bottlenecks imposed by PCI and SBUS stand to be eliminated by Infiniband with RDMA. This class identifies solutions available today and hints at what to expect for tomorrow.

Students will leave with ideas for leveraging existing hardware investments and for planning future migration strategies.

Topics include:

• Fundamentals of storage system architectures
• Shortcomings of conventional SAN and NAS architectures
• Performance bottlenecks
• Cost-reducing strategies
• Comparison of storage interfaces: fibre channel, SCSI, serial ATA, Infiniband, Ethernet
• Comparison of storage protocols: CIFS, NFS, SCSI, VI, DAFS
• Open systems storage virtualization
• The convergence of SAN and NAS
• High-performance file sharing (NAS on steroids)
  • Indirect file systems
  • SAN-enabled file systems
• Parallel file systems
• Distributed metadata
• Fixed content
• Content-addressable storage

Jacob Farmer (M8, M11) is the CTO of Cambridge Computer Services, an integrator and training provider specializing in storage management. He has more than 15 year's experience with data storage technologies and is an accomplished author and lecturer. He writes the expert advice column for InfoStor magazine (the leading trade publication of the data storage industry) and is currently is currently working on a book on storage networking technologies.

Who should attend: System administrators and others who write Perl programs or deal with Perl programs other people have written.

In the typical program, 30% to 50% is just fat, harboring bugs and wasting maintenance and execution time. It's easy to learn to recognize and remove this fat, leaving your code more robust, more reliable, more readable, and more modular.

All the bad Perl code in this class is guaranteed 100% genuine and typical--no fake examples. We will examine several typical system administration programs in detail and see how to improve them. The class will focus on "red flags," the obvious warning signs in your code. We concentrate on techniques that yield big benefits for little effort. Clever tricks are forbidden, because everyone has off days, and this class is about how to write good, clean code even on the off days.

Participants are encouraged to submit their own code for respectful, anonymous review in the class. (Send it to mjd-lisa-repair+@plover.com before July 22.)

Topics include:

• Families of variables
• Making relationships explicit
• Refactoring
• Programming by convention
• The Flesh Blanket
• Structural vs. functional code
• Conciseness
• Why you should avoid the "." operator
• Elimination of global variables
• Superstition
• The "use strict" zombies
• Repressed subconscious urges
• The cardinal rule of computer programming
• The psychology of repeated code
• Programs that are 10% backslashes
• What can go wrong with "if"and "else"
• The Condition that Ate Michigan
• Resisting Holy Doctrine
• How (and why) to let "undef" be the special value
• Trying it both ways

Mark-Jason Dominus (M9, M12) has been programming in Perl since 1992. He is a moderator of the comp.lang.perl.moderated newsgroup, the author of the Text::Template, Tie::File, and Memoize modules, a contributor to the Perl core, and author of the perlreftut man page. Last year his work on the Rx regular expression debugger won the Larry Wall Award for Practical Utility. He lives in Philadelphia with his wife and several plush octopuses.

M13 Practical Project Management NEW
Strata Rose Chalup, VirtualNet Consulting

Who should attend: Sysadmins who want to stay hands-on as team leads or system architects and need a new set of skills with which to tackle bigger, more complex challenges. No previous experience with project management is required. Participants will get a no-nonsense grounding in methods that work without adding significantly to one's workload. People who have been through traditional multi-day project management courses will be shocked, yet refreshed, by the practicality of our approach. To get the most out of this tutorial, participants should have some real-world project or complex task in mind for the lab sections.

This tutorial focuses on complementing your own organizational style (or lack thereof) with a toolbox of ways to organize and manage complex tasks without drowning in paperwork or clumsy, meeting-intensive methodologies. Also emphasized is how to bridge the gap between ad-hoc methods and the kinds of tracking and reporting that traditionally trained managers will understand.

Topics include:

• Quick basics of project management
• Skill sets
  • Defining success
  • Chunking and milestoning
  • Delegating
  • Tracking
  • Reporting
• Problem areas
• Project mangement tools
  • What tools should do for you
  • UNIX commands and scripts for 90+%
  • Freeware PM tool options
  • The only 15 minutes of MS Project you'll ever need
• Real-world lab
  • Applying skillsets to a sample project
  • Generating skeleton documents and notes as we go along
  • Project Fixit Q&A

Strata Rose Chalup (M13) began as a fledgling sysadmin in 1983, and has been leading and managing complex IT projects for many years, serving in roles ranging from Project Manager to Director of Network Operations. She has authored several articles on management and working with teams, and specializes in multi-vendor infrastructure rollouts. Another MIT dropout, Strata is founder and CEO of VirtualNet Consulting, and applies her management skills on various volunteer boards, including BayLISA and SAGE.

T1 System and Network Monitoring NEW
John Sellens, Certainty Solutions

Who should attend: Network and system administrators interested in real-life, practical, host- and network-based monitoring of their systems and networks. Participants should have an understanding of the fundamentals of networking, basic familiarity with computing and network components, and some familiarity with UNIX and scripting languages.

This tutorial will introduce the concepts and functions of monitoring systems and will describe the Simple Network Management Protocol (SNMP). It will review some of the most popular monitoring tools and will cover the installation and configuration of a number of freely available monitoring packages. The emphasis will be on the practical, and the tutorial will provide examples of easy-to-implement monitoring techniques.

Topics include:

• Monitoring--goals, techniques, reporting
• SNMP--the protocol, reference materials, relevant RFCs
• Introduction to SNMP MIBs (Management Information Bases)
• SNMP tools and libraries
• Other non-SNMP tools
• Security concerns when using SNMP and other tools on the network
• Monitoring applications--introductions, use, benefits and complications, installation and configuration (Big Brother, Nagios, SNIPS, MRTG, Cricket, etc.)
• Special situations--remote locations, firewalls, etc.
• Monitoring implementation roadmap--policies, practices, notifications, escalations, reporting

Participants should expect to leave the tutorial with the information needed to immediately start using a number of monitoring systems and techniques to improve their ability to manage and maintain their systems and networks.