Technical Sessions: Wednesday, November 17 | Thursday, November 18 | Friday, November 19 | All in one file

Friday, November 19, 2004
9:00 a.m.–10:30 a.m.			Friday
REFEREED PAPERS Marquis III Security Session Chair: David Hoffman, Stanford University Making a Game of Network Security Marc Dougherty, Northeastern University Securing the PlanetLab Distributed Testbed: How to Manage Security in an Environment with No Firewalls, with All Users Having Root, and No Direct Physical Control of Any System Paul Brett, Mic Bowman, Jeff Sedayao, Robert Adams, Rob Knauerhause, and Aaron Klingaman, Intel Corporation Secure Automation: Achieving Least Privilege with SSH, Sudo, and Suid Robert A. Napier, Cisco Systems	NETWORK/SECURITY/ PROFESSIONAL TRACK Marquis II Session Chair: Lee Damon, University of Washington System Administration and Sex Therapy: The Gentle Art of Debugging Speaker: David Blank-Edelman, Northeastern University Listen in MP3 format View Presentation Slides (PDF) Already debugged three things today and it's not even breakfast? You must be a sysadmin. Our life is chock full of debugging "opportunities." Not only do we have to fix problems in complex systems, we often find ourselves debugging the interactions between complex systems designed by other people. To understand this process better and to get better at it, we're going to turn to an unlikely source of information: sex therapists, counselors, and educators. With their help, we'll explore why improving the interactions between complex systems when they go awry is so hard and what techniques and craft can be used to make the process easier. Come to this talk not for its mature subject matter, but for the chance to learn to be a better sysadmin through better debugging.		GURU SESSIONS Marquis IV RAID/HA/SAN (with a Heavy Dose of Veritas) Doug Hughes, Global Crossing; Darren Dunham, TAOS Doug Hughes and Darren Dunham have 13+ years of Veritas between them. They have years of experience working on Volume Manager, Veritas File System, Database Edition, Volume Replicator, Cluster Server, and NetBackup. Whether you have a SAN or direct-attach storage, a database or a fileystem, a single system or a cluster, or a perplexing backup or disaster recovery issue, this session will cover it all. Generic questions about technology components (RAID, SAN, HA, backup, disaster recovery) are welcome.
10:30 a.m.–11:00 a.m.   Break
11:00 a.m.–12:30 p.m.			Friday
REFEREED PAPERS Marquis III Theory Session Chair: John Sechrest, Public Electronic Access to Knowledge Experience in Implementing an HTTP Service Closure Steven Schwartzberg, BBN Technologies; Alva Couch, Tufts University Meta Change Queue: Tracking Changes to People, Places, and Things Jon Finke, Rensselaer Polytechnic Institute Solaris Zones: Operating System Support for Consolidating Commercial Workloads Daniel Price and Andrew Tucker, Sun Microsystems, Inc.	INVITED TALKS Marquis I Session Chair: Adam Moskowitz, Menlo Computing The Administrator, Then and Now Speaker: Peter H. Salus, UNIX Historian 50 years ago, enormous, isolated machines were tended by priests in white coats called operators. 40 years ago, people carried large boxes of cards and presented them to operators, who (if one was lucky) returned work product 24 hours later. By 30 years ago, many "terminals" were connected to more central "mainframes"; 20 years ago, "workstations" and "personal computers" had come into being. As storage and connectivity waxed, the role of the operator transformed into that of the system administrator. This talk will trace that transformation.	NETWORK/SECURITY/ PROFESSIONAL TRACK Marquis II Session Chair: Rudi Van Drunen, Leiden Pathology and Cytology Labs, Leiden, The Netherlands Used Disk Drives Speaker: Simson Garfinkel, MIT Computer Science and Artificial Intelligence Laboratory View Presentation Slides (PDF) Between 1998 and 2002, Simson Garfinkel purchased 200 used hard drives on eBay. Analyzing these hard drives with a simple UNIX-based system, he found a treasure trove of personal and business confidential information—information he never should have seen. In this talk, Garfinkel will discuss the information he found and why it was findable. He'll give a brief survey of how filesystems lay information on the hard drive, how and when that information is overwritten, and what tools you can use to perform forensic analysis and properly sanitize media. Finally, he'll show how the results of this research are applicable to digital cameras, flash memory, MP3 players, Palm Pilots, and a wide variety of other systems.	GURU SESSIONS Marquis IV Professional Growth David Parter, University of Wisconsin David has been a system administrator at the University of Wisconsin Computer Science Department since 1991, serving as Associate Director of the Computer Systems Lab since 1995. David has been the senior system administrator, guiding a staff of 8 full-time sysadmins and supervising up to 12 student sysadmins at a time. His experiences in this capacity include working with other groups on campus; providing technical leadership to the group; managing the budget; dealing with vendors; dealing with faculty; and training students. As a consultant, he has dealt with a variety of technical and management challenges. He has sat on the SAGE executive committee since December 1999, serving as SAGE President in 2001–2002.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.			Friday
Work-in-Progress Reports (WiPs) Marquis I Session Chair: Esther Filderman, Pittsburgh Supercomputing Center Short, pithy, and fun, Work-in-Progress reports introduce interesting new or ongoing work. If you have work you would like to share or a cool idea that's not quite ready for publication, send a one- or two-paragraph summary to lisa04wips@usenix.org. We are particularly interested in presenting students' work. A schedule of presentations will be posted at the conference, and the speakers will be notified in advance. Work-in-Progress reports are five-minute presentations; the time limit will be strictly enforced. Click here for a current WiPs schedule	INVITED TALKS Marquis II Session Chair: David Blank-Edelman, Northeastern University Lessons Learned from Howard Dean's Digital Campaign Speakers: Keri Carpenter, UC Irvine; Tom Limoncelli, Consultant Listen in MP3 format View Keri Carpenter's Presentation Slides (PDF) View Tom Limoncelli's Presentation Slides (PDF) Howard Dean's campaign use of Web technology has had a lasting effect on politics. Their Internet-based tools had 2 goals: raise funds and raise the level of participation. They broke all fundraising records ($50 million during the campaign) and invigorated a volunteer base the like of which had not been seen before. The talk will describe tools including the Web site, the blog, fundraising tools, and online meet-up tools. The culture and the tools employed during the campaign offer important lessons on how the Internet can be used by any campaign and any political party to organize distributed masses of people to collaborate for active participation in the democratic process. Campaigns from local races to national campaigns have adopted the techniques developed by Dean for America.	NETWORK/SECURITY/ PROFESSIONAL TRACK Marquis III Session Chair: David Hoffman, Stanford University Storage Security: You're Fooling Yourself Speaker: W. Curtis Preston, Glasshouse Technologies Those of us who design and administer networked storage must now begin to apply security principles and techniques to our storage networks. This talk will start with brief explanations of security for storage administrators, and storage for security administrators. It will then cover the vulnerabilities and exploits of SAN and NAS networks. Once these issues are on the table, we will discuss techniques to overcome these vulnerabilities, from readily available configuration choices to future industry directions.	GURU SESSIONS Marquis IV Configuration Management Gene Kim, Tripwire, Inc. So you need to build a change management process: either you were nailed by an IT audit, an industry regulation, or Sarbanes-Oxley, or you just need a better way to integrate security into your IT operational processes. How are you identifying the gaps and bootstrapping the necessary controls, with each step having a beginning and a clearly defined goal? Join our guru session to discuss and explore how to build auditable change and configuration management processes, not only to achieve sustainable security and auditable processes, but also to build a high-performing IT ops team with the best service levels (MTTR, MTBF, low amounts of unplanned work) and efficiencies (improved server to system administrator ratios).
3:30 p.m.–4:00 p.m.   Break
4:00 p.m.–5:30 p.m.			Friday
LISA Game Show Marquis II Closing this year's conference, the LISA Game Show will once again pit attendees against each other in a test of technical knowledge and cultural trivia. Host Rob Kolstad and sidekick Dan Klein will provide the questions and color commentary for this always memorable event.