Tutorials:
Overview | By Day (Sunday,
Monday, Tuesday) |
By Instructor | All in One File
S1 Administering Windows NT: A Course for UNIX People
Who should attend: UNIX system administrators who are also responsible for Windows NT systems (or who may become responsible for them). Students attending this class should be comfortable with general system administration concepts (file systems, processes, user accounts, backups, and the like), as well as the major tools and procedures used to manage them on UNIX systems. A sense of humor will also be beneficial when initially approaching Windows NT. The primary goal of this course is to help you apply what you already know about systems administration under UNIX to the tasks and challenges of the Windows NT environment, in an effort to make that transition as easy and painless as possible. The course will include a variety of real-world examples and will focus on practical techniques and strategies for NT systems administration. You can expect a very fast-paced, information-rich course. This class focuses on NT 4.0, but will discuss Win2000 as appropriate. Topics include:
Aeleen Frisch (S1, M9am, M12pm) has been a system
administrator for over 15 years. She currently looks after a very heterogeneous
network of UNIX and Windows NT systems. She is the author of several books,
including Essential Windows NT System Administration.
Who should attend: This tutorial is directed at system administrators who are planning on implementing a Linux solution in a production environment. Course attendees should be familiar with the basics of systems administration in a UNIX®/Linux® environment: user-level commands, administration commands, and TCP/IP networking. The novice administrator and the guru should both leave the tutorial having learned something. From a single server to a network of workstations, the Linux environment can be a daunting task for administrators knowledgeable in other platforms. Starting with a single server and ending with a multi-server 1000+ user environment, case studies will provide practical information for using Linux in the real world. Topics include (with special emphasis on security):
Upon completion of the course, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The tutorial will be conducted in an open manner that allows for questions at all times.
Bryan C. Andregg (S2) is the Director of MIS at Red
Hat Software, where he has held that position for almost two years. During that
time he has overseen combining two nationally distinct offices and moving the
entire organization twice and has finally been allowed to hire an assistant.
Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required. This course will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. Hardware redundancy, system redundancy, monitoring and verification techniques, network implications, and system and application programming issues will all be addressed. We will discuss the trade-offs among cost, reliability, and complexity. Topics include:
Evan Marcus (S3) is a senior systems engineer and
high availability specialist with VERITAS Software Corporation. Evan has more
than 12 years of experience in UNIX systems administration. While employed at
Fusion Systems and OpenVision Software, Evan worked to bring the first high availability software application for SunOS and Solaris to
market. Evan is the author of several articles and talks on the design of high
availability systems.
In today's fast-moving Internet and client-server world, security is a critical component of most systems. But security systems are complex and confusing. Different systems provide overlapping functionality, and what's popular today may be gone tomorrow. This course describes many of today's most popular network security systems. We describe how the various security protocols work, what value they provide, and how difficult they are to implement. The goal: attendees should be well equipped to understand which protocols are applicable to their environments and systems, which to pursue in more detail, and which are likely to be just a flash in the pan. Topics include:
Daniel E. Geer, Jr. (S4), Sc.D., is vice-president of CertCo, LLC, market leader in digital certification. Dr. Geer has a long history in network security and distributed computing management as an entrepreneur, consultant, teacher, and architect. He holds a Bachelor of Science in electrical engineering and computer science from MIT, and a Doctor of Science in biostatistics from Harvard University. A frequent speaker, popular teacher, and member of several professional societies, he is active in USENIX, where he has participated in virtually every activity, including serving as technical program chair for the San Diego, California, 1993 Winter Technical Conference, as well as conference chair for both the First Symposium on Mobile and Location Independent Computing and the First USENIX Workshop on Electronic Commerce. He was elected to the Board of Directors in June 1994 and began an elected two-year term as vice-president in June 1996. He is the co-author of Wiley's Web Security Sourcebook (June 1997).
Jon Rochlis (S4) is a senior consultant for
SystemExperts Corp. He and his colleagues provide high-level advice to
businesses large and small in the areas of network security, distributed systems
design and management, high availability, and electronic commerce. Before
joining SystemExperts, Mr. Rochlis was engineering manager with BBN Planet, a
major national Internet service provider.
Who should attend: Network, system, and firewall administrators; security auditors and those who are audited; people involved with responding to intrusions or responsible for network-based applications or systems that might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples will use actual tools and will also include small amounts of HTML, JavaScript, and Tcl. This course will be useful for anyone with any TCP/IP-based system--a UNIX, Windowsxx, Windows NT, or mainframe operating system, or a router, firewall, or gateway network host. Whether network-based host intrusions come from the Internet, an extranet, or an intranet, they typically follow a common methodology: reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers (determined intruders) use to perform these activities. You will learn what types of protocols and tools they use, and you will become familiar with a number of current methods and exploits. The course will show how you can generate vulnerability profiles of your own systems. Additionally, it will review some of the important management policies and issues related to these network-based probes. The course will focus primarily on tools that exploit many of the common TCP/IP based protocols, such as WWW, SSL, DNS, ICMP, and SNMP, that underlie virtually all Internet applications, including Web technologies, network management, and remote file systems. Some topics will be addressed at a detailed technical level. This course will concentrate on examples drawn from public domain tools, because these tools are widely available and commonly used by hackers (and are free for you to use). Topics include:
Topics not covered:
Brad Johnson (S5) is a principal of SystemExperts
Corporation, a consulting firm that specializes in system security and
management. He is a well-known authority in the field of secure distributed
systems and has recently served as a technical advisor to both Dateline NBC and
CNN on network security matters. He has participated in seminal industry
initiatives, including the Open Software Foundation, X/Open, and the IETF, and
has often published about open systems.
Who should attend: System administrators who want to learn more about the sendmail program, particularly details of configuration and operational issues (this tutorial will not cover mail front ends). This will be an intense, fast-paced, full-day tutorial for people who have already been exposed to sendmail. This tutorial describes the latest release of sendmail from Berkeley, version 8.10. We begin by introducing a bit of the philosophy and history underlying sendmail. Topics include:
Eric Allman (S6, M8am) is the original author of send
mail. He was the chief programmer on the INGRES database management project and
an early contributor to the UNIX effort at Berkeley, authoring syslog, tset, the -me troff macros, and trek. He designed database user and
application interfaces at Britton Lee (later Sharebase) and contributed to the
Ring Array Processor project for neural-network-based speech recognition at the
International Computer Science Institute. He is a former member of the USENIX
Board of Directors.
Who should attend: Experienced Perl programmers interested in honing their existing Perl skills for quick prototyping, system utilities, software tools, system management tasks, database access, and WWW programming. Students should have used Perl for basic scripting for several months before taking this course. Topics include:
Upon completion of this course, students will be able to:
Tom Christiansen (S7) has been involved with Perl
since day zero of its initial public release in 1987. Lead author of The Perl
Cookbook, co-author of the second editions of Programming Perl and
Learning Perl, and co-author of Learning Perl on Win32 Systems,
Tom is also the managing editor of the www.perl.com Web site, major caretaker of
Perl's online documentation, originator and co-maintainer of the Perl Frequently
Asked Questions list, and president of The Perl Journal. Tom served two
terms on the USENIX Board of Directors. He holds undergraduate degrees in
computer science and Spanish and a master's in computer science from the
University of Wisconsin at Madison. He now lives in Boulder, Colorado.
Who should attend: This tutorial is intended for system and network administrators who wish to integrate SAMBA running on a UNIX-based machine with Microsoft Windows clients. No familarity with Windows networking concepts will be assumed. SAMBA is a freely available suite of programs that allows UNIX-based machines to provide file and print services to Microsoft Windows PCs without installing any third-party software on the clients. This allows users to access necessary resources from both PCs and UNIX workstations. As SAMBA makes its way into more and more network shops all over the world, it is common to see "configuring SAMBA servers" listed as a desired skill on many job descriptions for network administrators. This tutorial will use real-world examples taken from daily administrative tasks. Topics include:
Gerald Carter (S8am) has been a member of the
SAMBA Team since 1998. However, he has been maintaining SAMBA servers for the
past four years. Currently employed as a network manager by the College of
Engineering at Auburn University, Auburn, Alabama, Gerald daily maintains
approximately 600 PCs running a melting pot of Microsoft operating systems and
30 Solaris 2.x servers running SAMBA. He recently acted as the lead author for
Teach Yourself SAMBA in 24 Hours (Sams Publishing) and writes regularly
for the Web-based magazine LinuxWorld on Linux and Windows NT integration.
Who should attend: System or network administrators who have never been exposed to DNS, except as users. A basic understanding of the IP protocols, TCP and UDP, data encapsulation, and the seven-layer model will be beneficial. The Domain Name System (DNS) is the primary method the Internet uses to name and number machines. It is used to translate names like "www.usenix.org" into addresses like 131.106.3.253. The DNS is critical to the operation of the Internet. Any site that is serious about joining the Internet community will need to understand how to configure and administer DNS. This course will describe the basic operation of DNS and will provide instructions and guidelines for the configuration and operation of DNS on UNIX platforms using the BIND software distribution. This class is designed for the beginner and is intended to provide a foundation for the class on "Intermediate Topics in Domain Name System Administration." Topics include:
William LeFebvre (S9am, S12pm, M6) has been using
UNIX and Internet technologies since 1983. He has written many articles on UNIX,
networking, and systems administration issues. Currently he writes the monthly
"Daemons & Dragons" column for UNIX Review. William is the editor of
the SAGE series "Short Topics in System Administration." He has taught tutorials
since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS
Training Institute, IT Forum, and Great Circle Associates, and he is a certified
Cisco Systems Instructor. William is the primary programmer for the popular UNIX
utility top and has contributed to several widely used UNIX packages, including
Wietse Venema's logdaemon package. He can be reached at wnl@groupsys.com or via
https://www.groupsys.com/.
Who should attend: This tutorial is designed for system administrators at all levels of experience and without regard to particular employment situations. Of course, the legal situation of the system administrator and the appropriate resolution of legal issues may vary depending on many factors, including the status of the employer. We will attempt to address these variations as they become relevant during the tutorial. This course discusses the laws of cyberspace, with particular emphasis on the rights and liabilities of system administrators. The format is a presentation by the instructor, with plenty of time to ask questions. The course aims to provide attendees with a better understanding of how the law views system administrators, of the sensitive legal issues and potential liabilities they face, and of the concrete steps they can take to help their employers minimize their liability. Topics include:
Daniel Appelman (S10am, S13pm) is a lawyer with a
major Silicon Valley law firm. He has been practicing in the areas of cyberspace
and software law for over fifteen years. Dan is the attorney for the USENIX
Association and for many high-tech companies.
Who should attend: System administrators and managers who maintain large heterogeneous sites. These sites often use the Amd automounter to provide a uniform, sitewide filesystem hierarchy. Participants should know the basics of NFS and other file systems, but expertise is not required. Prior use of Amd or experience with Amd is not required. Amd is an automounter daemon used by administrators at many sites to provide a uniform filesystem mount strategy. Amd is particularly useful at large sites with two or more UNIX systems, because, unlike vendor-supplied automounters, it works the same for all platforms. Amd is also useful on systems whose vendors do not supply an automounter. Amd is a complex tool that supports many features. Its map syntax has numerous capabilities. Often you can achieve the same goal in several different ways. Careless use of Amd, however, can result in user-visible delays or even system hangs. This tutorial's main focus is the efficient, long-running use of Amd. Many examples will be provided to illustrate each feature discussed. Topics include:
Participants will learn useful techniques: how to run Amd efficiently, how to write shorter and more clever maps, how to use the many (new) advanced features and tools that come with am-utils, and how to debug and test their configurations.
Erez Zadok (S11pm) began maintaining Amd in 1992.
Starting in 1996, he rewrote large parts of Amd and converted it to use Autoconf
tools. Numerous new features and ports have since been added. The package, now
called am-utils, contains additional tools written by Erez (e.g., hlfsd). Erez
is a Ph.D. student in Columbia University's Computer Science Department. Erez
has been researching file systems and cross-platform filesystem extensibility
since 1989.
Who should attend: Network administrators with a basic understanding of DNS and its configuration should consider attending this course. Those whose experience is limited to administering a single domain will learn how to create and delegate subdomains. Administrators planning to install and use BIND 8 will also benefit. Attendees are expected either to have prior experience with the domain name system, including an understanding of basic operation and zone transfers, or to have attended the "Introduction to Domain Name System Administration." Once an administrator has a basic understanding of DNS, additional information and techniques are required to utilize the system's potential fully. Attendees will be taken beyond the basics into a more thorough understanding of the overall design and implementation of the domain name system. Topics include:
William LeFebvre (S9am, S12pm, M6) has been using
UNIX and Internet technologies since 1983. He has written many articles on UNIX,
networking, and systems administration issues. Currently he writes the monthly
"Daemons & Dragons" column for UNIX Review. William is the editor of
the SAGE series "Short Topics in System Administration." He has taught tutorials
since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS
Training Institute, IT Forum, and Great Circle Associates, and he is a certified
Cisco Systems Instructor. William is the primary programmer for the popular UNIX
utility top and has contributed to several widely used UNIX packages, including
Wietse Venema's logdaemon package. He can be reached at wnl@groupsys.com or via
https://www.groupsys.com/.
Who should attend: This tutorial is designed for system administrators at all levels of experience and without regard to particular employment situations. Of course, the legal situation of the system administrator and the appropriate resolution of legal issues may vary depending on many factors including the status of the employer. We will attempt to address these variations as they become relevant during the tutorial. System administrators are often faced with conflicting demands and issues. Of particular importance are the conflicting expectations of users and employers concerning rights and responsibilities in using network facilities and the Internet. Often these expectations have legal dimensions and involve real or potential liabilities. This tutorial focuses on the First Amendment (free speech) rights of users and how those rights sometimes conflict with other rights, such as the right to privacy, the right to some recourse against defamation and the distribution of obscenity, and the rights of employers to control their networks and the activities of their employees. Particular emphasis will be put on addressing how far the system administrator's duties go in policing and enforcing the rights of others. We will discuss real-life situations and the methodology for analyzing and resolving legal issues.
Daniel Appelman (S10am, S13pm) is a lawyer with a
major Silicon Valley law firm. He has been practicing in the areas of cyberspace
and software law for over fifteen years. Dan is the attorney for the USENIX
Association and for many high-tech companies.
M1 Windows NT Security: Advanced Topics Who should attend: Programmers; network and system administrators; individuals who need a better understanding of the "whys" for securing Windows NT; and anyone interested in Windows NT network protocols, details on what registry settings actually do, and other advanced topics. An intermediate knowledge of Windows NT security is assumed. Many security-related issues for Windows NT require an in-depth understanding of Windows NT security exposures and potential control measures. This course is designed for system and network administrators and system programmers who are already technically proficient with Windows NT security and want to learn more about advanced features. Experience in securing Windows NT and in dealing with network security is a prerequisite for this course. Topics include:
Phil Cox (M1, T1) is a consultant for SystemExperts
Corporation. Phil frequently writes and lectures on issues bridging the gap
between UNIX and Windows NT. He is a featured columnist in ;login;, the
USENIX Association Magazine, and has served on numerous USENIX program
committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.
Who should attend: System and network administrators who want to learn about real-life solutions to everyday problems. Topics include:
Ned McClain (M2, T2) is a lead engineer at XOR
Network Engineering. He is currently helping with the 3rd edition of the UNIX
System Administration Handbook (by Nemeth, Snyder, and Hein). He has a
degree in computer science from Cornell University and has done research with
both the CS and Engineering Physics departments at Cornell.
Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of the UNIX system facilities and network environments is assumed. We will explore procedures and techniques for tuning systems, networks, and application code. Starting from the single-system view, we will examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll extend the single-host view to include Network File System tuning and performance strategies. Detailed treatment of networking performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and techniques for controlling response time will be addressed. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Question and analysis periods for particular situations will be provided. Topics include:
Marc Staveley (M3) recently took a position with Sun
Microsystems Enterprise Services, where he is applying his 16 years of
experience with UNIX development and administration in helping to create new
service programs. Previously Marc was an independent consultant and has held
positions at NCR, Princeton University, and the University of Waterloo. He is a
frequent speaker on the topics of standards-based development, multi-threaded
programming, systems administration, and performance tuning.
Who should attend: System, network, and security administrators, people who communicate remotely a lot and require security, developers of applications that require authentication or privacy, managers needing to understand better what is (and is not) possible. Cryptography continues to grow in importance, and cryptographic algorithms are well understood. Actually using cryptography, however, either embedded in day-to-day applications or by developing new "crypto-enabled" applications, is hard. This tutorial aims to provide an understanding of the capabilities of cryptographic techniques, some common pitfalls in their use, and some techniques for successfully using cryptography in applications. Examining some very useful tools which embed cryptography supplies both directly applicable knowledge and good examples. Topics include:
After completing this tutorial, participants will know many tricks for using cryptography successfully in their work or applications.
Greg Rose (M4) graduated from the University of New
South Wales with a B.Sc. (honours) in computer science, and he was awarded the
University Medal in 1977. A member of the Board of Directors of the USENIX
Association, he served as program chair of the 1996 USENIX Security Symposium.
His work at QUALCOMM focuses on cryptographic security and authentication for
wireless communications, particularly mobile phones. He has written a number of
public tools using cryptography, and he holds generic cryptographic export
licenses for two countries.
Who should attend: Network and system managers, security managers, and auditors. This tutorial will assume some knowledge of TCP/IP networking and client/server computing. What can intrusion detection do for you? Intrusion detection systems are designed to alert network managers to the presence of unusual or possibly hostile events within the network. Once you've found traces of a hacker, what should you do? What kinds of tools can you deploy to determine what happened, how they got in, and how to keep them out? This tutorial provides a highly technical overview of the state of intrusion detection software and the types of products that are available, as well as basic principles to apply to building your own intrusion detection alarms. Methods of recording events during an intrusion are also covered. Topics include:
Marcus J. Ranum (M5) is CEO and founder of Network
Flight Recorder, Inc. He is the principal author of several major Internet
firewall products, including the DEC SEAL, the TIS Gauntlet, and the TIS
Internet Firewall Toolkit. Marcus has been managing UNIX systems and network
security for over 13 years, including configuring and managing whitehouse.gov.
Marcus is a frequent lecturer and conference speaker on computer security
topics.
Who should attend: System administrators who are, or who anticipate being, responsible for router configuration and maintenance for their Internet or intranet site. Attendees are expected to have a solid knowledge of general networking concepts, data encapsulation, the ISO seven-layer model, the Internet Protocol, IP addressing, and subnetting. Knowledge of routing protocols, especially distance vector versus link state, is also recommended. The class is not intended to teach networking concepts, but to apply those concepts to the configuration of a router. Routers are the glue that holds the Internet together by providing direct connectivity between adjacent networks. Cisco routers dominate the router marketplace. They are an extremely popular choice among sites with high networking demands. But configuring and maintaining Cisco routers is unlike anything else in the industry. The command-oriented interface is unique and difficult to master. This session introduces the attendees to the essentials of Cisco router configuration. Those who complete the class will feel comfortable at a router's console and will be able to interpret the output from the more common router commands. They will understand the various modes of the Internetwork Operating System (IOS), and how to read and alter a basic configuration. Topics include:
The class size will not permit hands-on work, but live demonstrations will be provided throughout the lecture.
William LeFebvre (S9am, S12pm, M6) has been using
UNIX and Internet technologies since 1983. He has written many articles on UNIX,
networking, and systems administration issues. Currently he writes the monthly
"Daemons & Dragons" column for UNIX Review. William is the editor of
the SAGE series "Short Topics in System Administration." He has taught tutorials
since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS
Training Institute, IT Forum, and Great Circle Associates, and he is a certified
Cisco Systems Instructor. William is the primary programmer for the popular UNIX
utility top and has contributed to several widely used UNIX packages, including
Wietse Venema's logdaemon package. He can be reached at wnl@groupsys.com or via
https://www.groupsys.com/.
Who should attend: Programmers moderately experienced in Perl and CGI/HTML who would like to automate their Web site so that they can get more done with less work. This is not a class for non-programmers--we will be doing a lot of Perl code-reading. With the proliferation of Web sites, the problem of maintenance has become almost unmanageable. Every Web site needs a person to update databases, send and answer mail, and handle membership sign-ups and account expiration, password protection, and a host of other tasks. Or do they? This tutorial will show, with numerous real-life examples, how a Web site can be largely automated, leaving the site maintainer free to handle only the exceptional cases. Topics include:
We'll use Web-based modules from CPAN and explain their interfaces. We will also pay special attention to file locking, synchronization, error checking, reporting, and recovery, and to the special needs of the asynchronous environment the Web provides. For each example, we will present a problem, discuss the conceptual overview, and delve into the code to solve it. Using these examples, attendees will easily be able to implement solutions on their own sites. In all cases, issues of scalability will be discussed. The instructor's wide range of experience will give the students the perspective they need to plan for their needs.
Mark-Jason Dominus (M7, T8am) has been involved in
computer security since 1988 and has been developing interactive Web
applications since 1994. He was a system administrator and the first Webmaster
at the University of Pennsylvania's Department of Computer and Information
Sciences, and then became a founding staff member of Pathfinder, Time-Warner's
Internet Web service, where he was the leader of the system administration and
network security group. He is now an independent consultant working in the area
of dynamic application development and systems and security analysis. He writes
a regular column for The Perl Journal.
Who should attend: System and network administrators responsible for sendmail security, particularly on firewalls and other similar systems. Sendmail is a powerful Mail Transport Agent that can be configured for many different environments, from firewalls through workstation mail servers. These environments have different security requirements; in particular, in a pure relay configuration (with no local user accounts or delivery) sendmail can be configured to relinquish root permissions. This is a fast-paced tutorial intended for system and network administrators who are already familiar with configuring and administering sendmail. You will learn essential principles of sendmail security, including how to configure sendmail on systems that have special security requirements, such as firewalls; configuring sendmail to run as anon-root user; and running sendmail in a "chroot"ed jail, as well as how and when to relax sendmail's file security checks.
Eric Allman (S6, M8am) is the original author of send
mail. He was the chief programmer on the INGRES database management project and
an early contributor to the UNIX effort at Berkeley, authoring
syslog, tset, the -me troff macros, and trek. He designed database user and
application interfaces at Britton Lee (later Sharebase) and contributed to the
Ring Array Processor project for neural-network-based speech recognition at the
International Computer Science Institute. He is a former member of the USENIX
Board of Directors.
Who should attend: This course is designed for both current and prospective Linux system administrators. It will cover configuring and managing Linux computer systems in production environments, with a focus on the administrative issues involved in deploying Linux systems for real-world tasks and problems arising from both commercial and R&D contexts. Topics include:
Aeleen Frisch (S1, M9am, M12pm) has been a system
administrator for over 15 years. She currently looks after a very heterogeneous
network of UNIX and Windows NT systems. She is the author of several books,
including Essential Windows NT System Administration.
Who should attend: Anyone who is a system administrator or has access to confidential information, and anyone who manages system administrators or makes policy decisions about computer systems and their users. This introductory class will start by examining some of the ethical responsibilities that come along with access to other users' data, accounts, and confidential information, with several case studies. All attendees will be encouraged to participate in the discussion. We will look at numerous viewpoints in order to give students a perspective from which to develop their own reasoned response to ethical challenges. We will use the SAGE Ethics statement as a model. Topics include:
The answers to these and other problems are often far more complicated than one would initially guess. After completing this tutorial, you will be better able to resolve questionable situations and will have the means to support your decisions.
Lee Damon (M10am) holds a B.S. in speech communi
cation from Oregon State University. He has been a UNIX system administrator
since 1985 and has been active in SAGE since its inception. He is a member of
the SAGE Ethics Working Group and was one of the commentators on the SAGE Ethics
document. He has championed awareness of ethics in the systems administration
community, including writing it into policy documents.
Who should attend: Anyone with two or more networked clients (Macintosh, UNIX, or Windows) who wants to automatically distribute network information to those clients. Attendees should have a basic knowledge of TCP/IP and typical network set-ups and should understand the procedures for installing and working with their operating systems. DHCP can be used to distribute IP address, router, DNS, WINS, and other information to network clients, to eliminate manual configuration of each machine. DNS, the Domain Name Service, is the system by which Internet TCP/IP hosts look up host addresses and network services. We will discuss these protocols and how they fit into a typical network. We will cover both UNIX and Windows NT servers but will focus on Windows clients, since UNIX and Macintosh clients are similar. Topics include:
Please note: This is not a tutorial on integrating DHCP & DNS; it simply covers both topics in the same tutorial.
Greg Kulosa (M11pm, T11pm) has been a UNIX system
administrator for over eight years. He is currently a senior consultant, solving
a myriad of host and networking problems for a variety of clients. In his spare
time, he trains and grooms his American Quarter Horse, Jane, and goes on regular
trail rides in the hills around San Francisco Bay.
Who should attend: Students attending this class should be familiar with elementary Windows NT systems administration concepts and tasks, including basic server configuration and maintenance, configuring TCP/IP networking under Windows NT, and administering Windows NT services. Experience tuning UNIX or other systems is helpful but not required. This course, designed for NT system administrators, will provide in-depth advice on monitoring and improving Windows NT system and network performance. It will include a variety of real-world scenarios and examples. We will use the standard Windows NT Performance Monitor utility to track system performance. Topics include:
Aeleen Frisch (S1, M9am, M12pm) has been a system
administrator for over 15 years. She currently looks after a very heterogeneous
network of UNIX and Windows NT systems. She is the author of several books,
including Essential Windows NT System Administration.
Who should attend: System administrators who have been given nontechnical responsibilities and need to learn techniques that may help them in performing these duties. As system administrators mature in their knowledge and responsibilities, they come to rely on a number of "soft skills" to help them in their jobs. Topics include:
This tutorial provides an overview of these diverse areas and provides tools that assist in communicating effectively with peers, managers, and other important constituents and users of sysadmin services.
Geoff Halprin (M13pm, T3) is the principal consultant
at The SysAdmin Group. He has been a system administrator for the past 15 years
and a consulting system administrator for over 10. Geoff specializes in data
security and systems management disciplines and in the evaluation and
improvement of systems management practices. He has acted as consultant to a
wide variety of organizations, including government, large corporations, and
several major ISPs. Geoff is also the vice-president of the System
Administrators Guild of Australia (SAGE-AU) and is a member of the SAGE
Executive Committee.
T1 Windows NT and UNIX Integration: Problems and Solutions
NEW Who should attend: System administrators who are responsible for heterogeneous Windows NT and UNIX-based systems. Attendees should have user-level knowledge of both UNIX and Windows NT, and it's recommended they have systems administration experience in at least one. Today's organizations choose computing solutions from a variety of vendors. Often, integration of the solutions into a seamless, manageable enterprise is an afterthought, left up to system administrators. This class covers specific problem areas and practical solutions for administering a mixture of UNIX and Windows NT systems. The focus will be on solutions that can be applied today to real-world administration problems in heterogeneous UNIX and Windows NT-based networks. Topics include:
Phil Cox (M1, T1) is a consultant for SystemExperts
Corporation. Phil frequently writes and lectures on issues bridging the gap
between UNIX and Windows NT. He is a featured columnist in ;login;, the
USENIX Association Magazine, and has served on numerous USENIX program
committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.
Who should attend: System and network administrators who want to learn about real-life solutions to everyday problems. Topics include:
Ned McClain (M2, T2) is a lead engineer at XOR
Network Engineering. He is currently helping with the 3rd edition of the UNIX
System Administration Handbook (by Nemeth, Snyder, and Hein). He has a
degree in computer science from Cornell University and has done research with
both the CS and Engineering Physics departments at Cornell.
Who should attend: System administrators who are responsible for developing strategy for their sites, performing system reviews, planning improvements, or proposing expenditures to improve practices, and consultants wishing to develop their skills in planning work and communicating with clients. As a system administrator, you know when there is a problem. But how can you convince the higher-ups that something needs to be done? The audit is the most valuable tool in your arsenal when it comes to dealing with management, because it forces a rigorous assessment of the current situation, evaluates alternatives, and results in a document that cogently addresses the problems. Audits also have the side effect of uncovering problems you didn't even know existed! An audit enables you to prove your point and also cover your back. It should be your primary tool for:
Audits come in many shapes and sizes. They are a basic mechanism for system review and control over entropy. This workshop will introduce the concepts and principles of audits and will examine in detail how to conduct an audit, including interviews and system inspections, and how to present the results of that work to management in the form of a formal audit report. Topics include:
Geoff Halprin (M13pm, T3) is the principal consultant
at The SysAdmin Group. He has been a system administrator for the past 15 years
and a consulting system administrator for over 10. Geoff specializes in data
security and systems management disciplines and in the evaluation and
improvement of systems management practices. He has acted as consultant to a
wide variety of organizations, including government, large corporations, and
several major ISPs. Geoff is also the vice-president of the System
Administrators Guild of Australia (SAGE-AU) and is a member of the SAGE
Executive Committee.
Who should attend: System and network administrators who implement or maintain networks, and site managers charged with selecting and setting site security requirements. Familiarity with TCP/IP networking is a plus. Many classic security problems, such as perimeter and host security, have become well defined and are routinely addressed by a wide range of product offerings; however, computer and network attacks are still on the rise. Effectively combating these attacks is a network and security management discipline with emerging strategies and solutions. This tutorial will cover the latest trends in computer attacks and the security precautions you can take against them, including defensive penetration analysis, host auditing, network logging solutions, and intrusion detection. After taking this tutorial, attendees will understand the important areas of security management. They will be able to defensively assess their system and network security. Additionally, they will have an appreciation for auditing and monitoring hosts and networks for intrusions, and for storing critical information required for network forensics. Topics include:
Tina Darmohray (T4) is a network and security consult
ant with over a decade of experience in administration and programming
UNIX/TCP-based computers. She specializes in firewalls, Internet connections,
sendmail/DNS configurations, and defensive intrusion management. Previously Tina
was the lead for the UNIX support team at Lawrence Livermore National
Laboratory. She was a founding board member of SAGE. She is the author of the
popular SAGE jobs booklet Job Descriptions for System Administrators,
she's the editor of SAGE News and Features for ;login:, the USENIX
Association magazine, and she co-chaired the USENIX LISA IX conference. Tina
holds a B.S. and an M.S. from the University of California, Berkeley.
Who should attend: UNIX system, network, and security administrators who need to understand better the various security tools currently available. The goal of this course is to assist UNIX security administrators, and other interested users, in locating and using publicly available programs to improve the security of their systems. This course will compare the uses and drawbacks of several different programs, with an emphasis on when to use which. Topics include:
Matt Bishop (T5) began working on problems of security
in computer systems, and UNIX systems in particular, at Purdue, where he earned
his doctorate. He subsequently worked at the Research Institute for Advanced
Computer Science at NASA and taught courses in operating systems, computer
security, and software engineering at Dartmouth College. Matt chaired the first
USENIX Security Workshop and plays an active role in identifying and thwarting
security threats. Matt has been on the faculty at UC Davis since 1993.
Who should attend: Name-server administrators and software developers who need a deeper understanding of the DNS protocol and of the internals of BIND. Participants should already be responsible for the operation of at least one name server, should be familiar with Internet protocols such as TCP and UDP, and should be able to recognize C source code when they see it (which they will). This tutorial will survey the DNS protocol and describe upcoming extensions to it, as well as implementation considerations in BIND. Topics include:
After completing this tutorial, participants will know what the IETF has been up to lately, and what to expect in upcoming BIND releases. A note to those who have taken Paul's tutorials before: this tutorial will not be a rehash of prior material--new subjects will be covered.
Paul Vixie (T6) is the current maintainer of the BIND
software system. BIND, the Berkeley Internet Name Domain, includes the name
server ("named") used every-where on the Internet. Paul is also a coauthor of
Sendmail: Theory and Practice (Digital Press, 1995) and serves as
moderator of the comp.sources.unix newsgroup.
Who should attend: UNIX administrators who need more knowledge of Solaris administration. This course covers a variety of topics that matter to Solaris system administrators. We will discuss the major new features of recent Solaris releases, including which to use and how to use them, and which to avoid. This in-depth course will provide the information a system manager/administrator needs to run a Solaris installation effectively. Topics include:
Peter Baer Galvin (T7) is the chief technologist for
Corporate Technologies, Inc., and was the systems manager for Brown University's
Computer Science Department. He has written articles for Byte and other
magazines, is security columnist for SunWorld, and is co-author of the
Operating Systems Concepts textbook. As a consultant and trainer, Peter
has taught tutorials on security and system administration and has given talks
at many conferences.
Who should attend: Programmers and managers involved in the development of CGI programs and other applications designed to deliver dynamic or interactive content on the Web, and system administrators of Web servers. Participants should have some experience in developing these applications. Interactive content on the Web is the world's biggest computer security hole. Before the WWW was invented, sane system administrators would never have considered setting up a network service that allowed an anonymous user to execute a complex program on their systems. Nevertheless, this is exactly what the Web does. Programs of formidable complexity and power are executed thousands of times every day on your systems, by unknown users in unknown locations with no supervision. If these programs are not written with great care, they can be subverted and used to steal your information or vandalize your machine.
The tutorial will include a number of case studies of programs that appear safe
but aren't, and will show why "eyeball" methods of program verification are
ineffective. We will spend some time discussing common problems and oversights
and will show how they can be avoided. The examples will be in the Perl
programming language, but the problems are not language- We will examine the common programming error of trusting the browser, including improper use of cookies and client-side data validation. Additionally, we will take a close look at the strengths and weaknesses of authentication systems commonly used on the Web. Along the way, the tutorial will present important basic principles of security, with an emphasis on developing a sound security policy that is effective for your situation.
Mark-Jason Dominus (M7, T8am) has been involved in
computer security since 1988 and has been developing interactive Web
applications since 1994. He was a system administrator and the first Webmaster
at the University of Pennsylvania's Department of Computer and Information
Sciences, and then became a founding staff member of Pathfinder, Time-Warner's
Internet Web service, where he was the leader of the system administration and
network security group. He is now an independent consultant working in the area
of dynamic application development and systems and security analysis. He writes
a regular column for The Perl Journal.
Who should attend: Newer administrators of AFS, a distributed filesystem product of the Transarc corporation, who wish to further their knowledge. Working knowledge of AFS administration is required. This is not an advanced class; programming knowledge is not required, nor is access to AFS source. This tutorial will offer both information and methods for a more efficient Cell. Participants will be walked through various parts of AFS and shown some of the internal workings. Topics include:
After completing this tutorial, participants will be aware of a number of ways to make their AFS administration tasks more trouble-free and efficient. Esther Filderman (T9am) has been administrating AFS since its first incarnation as the file system behind the Andrew system, which was originally designed as part of an experiment by Carnegie Mellon University and IBM. She has been a system administrator for nearly 10 years. Once the 24x7 on-call person for the Andrew system, Esther is currently the senior operations specialist for the Pittsburgh Supercomputing Center, the site that, in a moment of insanity, ported AFS to Unicos.
Ted McCabe (T9am) has been administrating AFS since
its first incarnation as the file system behind the Andrew system, which was
originally designed as part of an experiment by Carnegie Mellon University and
IBM. He was a system administrator at Carnegie Mellon for three years,
maintaining and improving the backup system, known as Stage, that was initially
developed with AFS. In 1996 Ted received an M.A. in mathematics from Boston
University. Ted then returned to systems administration at Massachusetts
Institute of Technology, where he has been wrestling with Transarc's backup
system ever since.
Who should attend: Anyone who needs to deal with difficult people on the job; it will be especially useful to manager, and those who deal with difficult clients. Do you work with some difficult people? They may be clients, employees, peers, or managers. This tutorial will discuss what makes people difficult, and how you can deal more easily with them without knuckling under. Topics include:
Steve Johnson (T10am, T13pm) has been a technical manager on and off for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs. He has also been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk on management at LISA two years ago, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at Transmeta.
Dusty White (T10am, T13pm) was an early employee of
Adobe, where she served in a variety of managerial positions. She now works as a
management consultant in Silicon Valley, where she acts as a trainer, coach, and
troubleshooter for technical companies.
Who should attend: System administrators and managers responsible for multiple machines, who are charged with performing consistent and reliable operating system installs. Installing the "MIS approved" operating system on lots of incoming hardware can become a chore at any site. It's boring for one person to do all the installs, but if you farm it out to lots of staff, how do you guarantee that all machines have identical set-ups? Using an automated system can solve both these problems at once. We will cover the most popular methods vendors provide to automate this process, and we'll mention some home-grown and free solutions. Topics include:
Greg Kulosa (M11pm, T11pm) has been a UNIX system
administrator for over eight years. He is currently a senior consultant, solving
a myriad of host and networking problems for a variety of clients. In his spare
time, he trains and grooms his American Quarter Horse, Jane, and goes on regular
trail rides in the hills around San Francisco Bay.
Who should attend: System administrators involved in the design, implementation, and administration of Legato NetWorker. Participants should be familiar with basic NetWorker installation and administration. Participants who are planning to use, but are not yet using, NetWorker should review the NetWorker documentation before attending this session. Anyone who has implemented a medium to large installation of any commercial backup software package understands the challenges such a project will face. This tutorial will focus on the challenges unique to Legato NetWorker, with a heavy emphasis on automation, monitoring, and reporting. The tutorial will also answer questions all NetWorker administrators find themselves asking, and it will provide scripts that can be used to automate NetWorker. Topics include:
After completing this tutorial, participants will be able to answer all of these questions and will have the tools necessary to completely automate their NetWorker installation. They will also be aware of common pitfalls and how to avoid them.
W. Curtis Preston (T12pm), a principal consultant for
Collective Technologies, has been specializing in backup and recovery for over
six years. He has designed and implemented many large Legato NetWorker
installations and is also an accomplished author and speaker. (This will be his
third time speaking at LISA.) Curtis has just completed work on his upcoming
O'Reilly & Associates book, UNIX Backup & Recovery, which will be
on the shelves this fall. Curtis's Web site is https://www.backupcentral.com/,
and he can be reached at curtis@colltech.com.
Who should attend: Anyone who wants to feel more in control of the "uncontrollable" part of their job, or who manages people with interrupt-driven jobs. How can you have an interrupt-driven job and still feel in control? The source of interruption may be your manager, or customer needs. Most people try some kind of time management, and this is surely part of the answer. However, time management alone will not allow you to avoid stress and overload. We will teach you some additional techniques. Topics include:
Many examples will be taken from systems administration, but they can be applied much more broadly. Steve Johnson (T10am, T13pm) has been a technical manager on and off for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs. He has also been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk on management at LISA two years ago, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at Transmeta.
Dusty White (T10am, T13pm) was an early employee of
Adobe, where she served in a variety of managerial positions. She now works as a
management consultant in Silicon Valley, where she acts as a trainer, coach, and
troubleshooter for technical companies.
|
Need help? Use our Contacts page.
Last changed: 11 Aug. 1999 mc |
|