Tuesday, June 26, 2001

T1 Internet Security for UNIX & Linux System Administrators
Ed DeHart, Prism Servers, Inc.

T2 Perl for System Administration—The Power and the Praxis  NEW
David N. Blank-Edelman, Northeastern University CCS

T3 Advanced CGI Techniques Using Perl
Tom Christiansen, Consultant

T4 UNIX Network Programming Topics  NEW
Evi Nemeth, University of Colorado; Ned McClain, XOR Network Engineering; Andy Rudoff, Sun Microsystems; Bill Fenner, AT&T Labs—Research

T5 Cryptography Decrypted  NEW
H.X. Mel and Doris Baker, Consultants

T6 Network Design for High Availability  NEW
Vincent C Jones, Networking Unlimited, Inc.

T7 Advanced Solaris Systems Administration Topics
Peter Baer Galvin, Corporate Technologies

T8 Forensic Computer Investigations: Principles and Procedures  NEW
Steve Romig, Ohio State University

T9 Basic Management Techniques  NEW
Stephen C. Johnson, Transmeta Corp.; Dusty L. White, Consultant

T10 Practical Wireless IP Security and Connectivity: How to Use It Safely  NEW
Phil Cox and Brad C. Johnson, SystemExperts Corporation

Who should attend: UNIX and Linux system and network administrators and operations/support staff. After completing the tutorial, you should be able to establish and maintain a site that allows the benefits of Internet connectivity while protecting your organization's information.

You will learn strategies to reduce the threat of Internet intrusions and to improve the security of your UNIX and Linux systems connected to the Internet, as well as how to set up and manage Internet services appropriate to your site's mission.

Topics include:

• Latest news on security problems
• UNIX and Linux system security
• TCP/IP network security
• Site security policies

Ed DeHart (T1) is a former member of Carnegie Mellon University's CERT Coordination Center, which he helped found in 1988. Ed has also owned an ISP, Pittsburgh OnLine Inc., which operated several UNIX servers. Currently, Ed is President of Prism Servers, Inc., a manufacturer of Internet firewalls and UNIX-based Internet servers.

T2 Perl for System Administration—The Power and the Praxis NEW
David N. Blank-Edelman, Northeastern University CCS

Who should attend: People with system administration duties, advanced-beginner to intermediate Perl experience, and a desire to make their jobs easier and less stressful in times of sysadmin crises.

Perl was originally created to help with system administration, so it is a wonder that there isn't more instructional material devoted to helping people use Perl for this purpose. This tutorial hopes to begin to remedy this situation by giving you six solid hours of instruction geared towards putting your existing Perl knowledge to practice in the system administration realm.

The morning section will concentrate on the power of Perl in this context. Based on the instructor's O'Reilly book, we'll take a multi-platform look at using Perl in cutting-edge and old-standby system administration domains. This jam-packed survey will include:

• Secure Perl scripting
• Dealing with files and file systems (including source control, XML, databases, and log files)
• Dealing with SQL databases via DBI and ODBC
• Email as a system administration tool (including spam analysis)
• Network directory services (including NIS, DNS, LDAP, and ADSI)
• Network management (including SNMP and WBEM)

In the afternoon, we will look at putting our Perl knowledge to work for us to solve time-critical system administration problems using short Perl programs. Centered around a set of "battle stories" and the Perl source code used to deal with them, we'll discuss different approaches to dealing with crises using Perl.

At the end of the day, you'll walk away from this class with Perl approaches and techniques that can help you solve your daily system administration problems. You'll have new ideas in hand for writing small Perl programs to get you out of big sysadmin pinches. And on top of all this, you are also likely to deepen your Perl knowledge.

David N. Blank-Edelman (T2) is the Director of Technology at the Northeastern University College of Computer Science and the author of Perl for System Administration (O'Reilly). He has spent the last 15 years as a system/network administrator in large multi-platform environments and has served as Senior Technical Editor for the Perl Journal. He has also written many magazine articles on world music.

T3 Advanced CGI Techniques Using Perl
Tom Christiansen, Consultant

Who should attend: Experienced Perl programmers and Webmasters interested in learning more about CGI techniques than would be learned in a class on how to write

a CGI program in Perl. Attendees are assumed to know the fundamentals of HTML and CGI programming, as well as using (but not writing) Perl modules.

CGI programming is fundamentally an easy thing. The Common Gateway Interface merely defines that a CGI program be able to read stdin and environment variables, and to write stderr. But writing efficient CGI programs of any degree of complexity is a difficult process.

Topics include:

• Multi-stage forms
  • Sequential "shopping cart" systems
  • Undirected "jump page" systems
  • Techniques for recording selections across pages
• Cookies
  • For authentication and authorization
  • For user tracking
  • For data validation
  • For data hiding and indirection
  • Data exchange and efficiency
  • File uploading
  • Redirection and temporary aliasing
• CGI Security
  • Taint checking
  • Denial-of-Service attacks
  • Data security
• Daemonization of processes
  • Fast CGI and mod_perl
  • Front-end/back-end solutions
  • Backgrounding
• Invocation and response techniques
  • Statelessness and statefulness
  • PATH_INFO vs. cookies vs. CGI parameters
  • Static vs. dynamic vs. locally cached responses
• Web automation from CGI scripts
  • Fetching remote pages
  • Parsing HTML and extracting data
  • Determining and setting image sizes

In all examples, we will show which Perl modules make these tasks easier. Numerous code examples will be provided, as well as pointers to Web pages containing fully functioning examples for later examination.

Tom Christiansen (M3, T3) has been involved with Perl since day zero of its initial public release in 1987. Lead author of The Perl Cookbook, co-author of the second editions of Programming Perl and Learning Perl, and co-author of Learning Perl on Win32 Systems, Tom is also the major caretaker of Perl's online documentation. He holds undergraduate degrees in computer science and Spanish and a master's in computer science. He now lives in Boulder, Colorado.

T4 UNIX Network Programming Topics NEW
Evi Nemeth, University of Colorado; Ned McClain, XOR Network Engineering; Andy Rudoff, Sun Microsystems; Bill Fenner, AT&T Labs—Research

Who should attend: Programmers who are rusty in network programming or newcomers to network programming. We assume that you know programming in C and a bit of Perl and Java, so we concentrate on the interfaces to the network libraries. We look at both the socket level and higher-level interfaces such as RPC and RMI.

This tutorial attempts to follow in the footsteps of Richard Stevens' wonderful USENIX tutorials of the past. We begin with an introduction to the client-server paradigm and the various levels of network programming interfaces. We include the C socket interfaces and data structures, Perl networking interfaces, and of course Java. For the C interfaces we look in detail at the IPv4 and IPv6 constructs available and also at the ioctl magic necessary to make a socket connection behave properly.

We briefly cover multicast programming, which is used for applications typically involving audio or video data that needs to go from one source to many destinations efficiently. Finally, we discuss debugging network programs.

	Evi Nemeth (M4, T4), a faculty member in computer science at the University of Colorado, has managed UNIX systems for the past 20 years, both from the front lines and from the ivory tower. She is co-author of the UNIX System Administration Handbook.
	Ned McClain (M4, T4) is a lead engineer at XOR Network Engineering. He is currently helping with the 3rd edition of the UNIX System Administration Handbook (by Nemeth, Snyder, and Hein). He has a degree in computer science from Cornell University and has done research with both the CS and Engineering Physics departments at Cornell.
	Andy Rudoff (T4) works for Sun Microsystems in Boulder, Colorado, where he is a software architect focusing on reliability, availability, and serviceability. His background is in operating systems, networking, and fle systems. He has taught various courses over the years, including network programming and part of Evi Nemeth's first USENIX tutorial.
	Bill Fenner (T4) is a Principal Technical Staff Member at AT&T Labs—Research in Menlo Park, California, where he primarily works on IP multicasting and IP network management and measurement. Bill is an active participant in the IETF, chairing two working groups and contributing to several more. He also occasionally acts as a developer for the FreeBSD project, concentrating on networking issues.

T5 Cryptography Decrypted NEW
H.X. Mel and Doris Baker, Consultants

Who should attend: Anyone working with computer security--security professionals, network administrators, IT managers, CEOs, and CIOs--will want to have a comfortable understanding of the cryptographic concepts covered in this seminar.

The tutorial is based on the book, Cryptography Decrypted, a pictorial introduction to cryptography recently published by Addison-Wesley, which describes the component parts of secret key and public key cryptography with easy-to-understand analogies, visuals, and historical anecdotes.

The tutorial covers four broad categories:

• Secret keys and secret-key methods such as DES and the new Advanced Encryption Standard Rijndael
• Public and private keys and public key methods like RSA
• How keys are distributed through digital certificates
• Three real-world systems. Common cryptographic terminology is clarified and made concrete with numerous graphics.

This presentation is designed to be understandable by those with little previous knowledge of cryptography but systematic and comprehensive enough to solidify the knowledge for those with some understanding of the subject. Cryptographic terms (e.g. confidentiality, authentication, integrity, etc) are clarified and made concrete with images. As we examine the pieces (e.g. digital signatures, hash, and digital certificates), we'll look at cryptographic capabilities like detecting imposters and stopping eavesdropping. We'll also examine some possible attacks such as man-in-the-middle and birthday attacks.

Cryptographic systems such as secure email (S-MIME and PGP mail), secure socket layers (SSL), and internet protocol security (IPsec) are outlined using the component parts described. Both X-509 and PGP public key distribution and authentication systems are described and contrasted.

A security professional who authored Cryptography Decrypted's Foreword wrote: "Even after 10 years working in the field of information protection for a major electronics manufacturing company, I learned a lot from this book. I think you will too."

H.X. Mel (T5) has taught custom-designed technology courses for employees of Lucent, Xerox, MIT, the US Treasury/GAO, Motorola, Goldman Sachs, and Price Waterhouse Coopers. Over the last seven years, Mel has taught a variety of subjects, including Java, C++, and Visual Basic, and in the past two years he managed the development of a secure file-transport program using cryptographic technologies and wrote Cryptography Decrypted.

Doris Baker (T5), as a freelance writer and technical editor, has collaborated with H. X. Mel on many projects. Over the past twenty years, she's worn the hats of magazine editor, public relations manager, and computer-training government contractor.


T6 Network Design for High Availability NEW
Vincent C Jones, Networking Unlimited, Inc.

Who should attend: System and network designers and administrators who want to improve the availabiity of their network infrastructure and Internet access, and anyone looking for a survey of how IP networks can fail and techniques for keeping critical network services available despite failures. Attendees should already be familiar with basic network terminology and concepts, TCP/IP protocols, and the role of routers and switches. (This tutorial is designed to complement Tutorial M6, "Designing Resilient Distributed Systems--High Availability.")

No matter how the price is measured, downtime impacts the bottom line. As organizations grow ever more dependent upon computers and their support networks, hardware and software failures that interfere with business operations are increasingly seen to be unacceptable. Availability has become a key network performance metric, commensurate with throughput and delay.

We will discuss how to select and configure appropriate redundancy for common production network needs. The emphasis will be on how to take advantage of standard capabilities to make the network more reliable and to minimize the need for emergency manual intervention. Proven solutions based on open standards and protocols will be provided for a wide range of application requirements.

Topics include:

• Providing bullet-proof network access to servers
• Forcing dial backup calls on soft as well as hard link failures
• Tuning popular routing protocols to speed up failure recovery
• Building very large hub and spokes networks with small spoke routers
• Routing around firewall failures without sacrificing security
• Making Internet connectivity immune to the loss of a router, link, or ISP
• Continuing to provide services despite loss of an entire facility

Vincent C. Jones (T6) is the founder and principal consultant of Networking Unlimited, Inc., a network design consulting firm specializing in network performance and reliability enhancement. Vince has been applying the theory of networking to the solution of real-world problems for almost three decades and is the author of High Availability Network Design, to be published later this year by Addison-Wesley.

T7 Advanced Solaris Systems Administration Topics
Peter Baer Galvin, Corporate Technologies

Who should attend: UNIX administrators who need more knowledge of Solaris administration.

We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics.

Topics include:

• Installing and upgrading
  • Architecting your facility
  • Choosing appropriate hardware
  • Planning your installation, filesystem layout, post-installation
  • Installing (and removing) patches and packages
• Advanced features of Solaris 2
  • File systems and their uses
  • The /proc file system and commands
  • Useful tips and techniques
• Networking and the kernel
  • Virtual IP: configuration and uses
  • Kernel and performance tuning: new features, adding devices, tuning, debugging commands
  • Devices: naming conventions, drivers, gotchas
• Enhancing Solaris
  • High-availability essentials: disk failures and recovery, RAID levels, uses and performance, H-A technology and implementation
  • Performance: how to track down and break up bottlenecks
  • Tools: useful free tools, tool use strategies
  • Security: locking down Solaris, system modifications, tools
  • Resources and references

Peter Baer Galvin (T7) is the chief technologist for Corporate Technologies, Inc., and was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines, is a columnist for SunWorld, and is co-author of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has taught tutorials on security and systems administration and has given talks at many conferences.

T8 Forensic Computer Investigations: Principles and Procedures NEW
Steve Romig, Ohio State University

Who should attend: People who investigate computer crimes and are familiar with systems or network administration and the Internet.

This tutorial will explain where evidence can be found, how it can be retrieved securely, how to build a picture of the "crime scene," and what can be done beforehand to make investigations easier and more successful. Examples are drawn from UNIX, Windows NT, and telecommunications hardware.

Topics include:

• Basic forensic science
  • What evidence is
  • How evidence is used in an investigation
  • The investigation game plan
  • How to collect and process evidence
• Where the evidence is
  • How computers and networks work
  • Examples of incidents and location of evidence
• Host-based investigations
  • Memory and swap space
  • Processes
  • Network activity
  • Files and file systems
• Network-based investigations
  • Host-based network service logs
  • Network activity logs
  • Authentication logs
  • Telco logs, including pen registers, phone traces, caller ID
• Tying it all together

Steve Romig (T8, W8) is in charge of the Ohio State University Incident Response Team and is working with a group of Central Ohio businesses to improve Internet security practices. Steve has also worked as lead UNIX system administrator at one site with 40,000 users and 12 hosts and another with 3,000 users and over 500 hosts. Steve received his B.S. in mathematics (computer science track) from Carnegie Mellon University.

T9 Basic Management Techniques NEW
Stephen C. Johnson, Transmeta Corp.; Dusty L. White, Consultant

Who should attend: Newly promoted technical managers and those who expect promotion in the near future, and people who want to understand management issues better.

So you have done well at your technical job and have been asked to take on some management responsibility. You understand the technical side of the jobs your group is doing. What else do you need to do to succeed as a manager? This class will orient you, show you techniques you can apply immediately to become more effective, and suggest ways you can guide your own growth as a manager.

One issue each new manager must deal with is power. Many managers report that although their job seemed powerful before they took it, it does not feel that way any longer. We show how power is typically

associated more with the person than with the job, and we offer practical ways you can empower yourself and others. True empowerment comes from within and can be developed even in a hostile environment.

Topics include:

• How to find out what your job really is
• How to develop a new definition of job satisfaction and success
• How to help your people grow
• How to handle performance reviews
• Why being right is not enough
• How to avoid common mistakes technical managers make
• A theory of power and empowerment
• How to experience how empowered you already are
• Empowerment and trust
• How to gain and keep agreement
• How to make goals, plans, and budgets work for you

Stephen Johnson (M9, T9) has been a technical manager on and off for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs and has been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk at LISA three years ago, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at USENIX conferences, as well as at Transmeta.

Dusty White (M9, T9) was an early employee of Adobe, where she served in various managerial positions. She now works in Silicon Valley as a trainer, coach, and troubleshooter for technical companies. She has presented tutorials at LISA and the USENIX Annual Technical Conference.

T10 Practical Wireless IP Security and Connectivity: How to Use It Safely NEW
Phil Cox and Brad C. Johnson, SystemExperts Corporation

Who should attend: Users, administrators, managers, and anyone who is interested in learning about some of the fundamental security and usage issues that we all must come to grips with in purchasing, setting up, and using wireless IP services. This course assumes some knowledge of TCP/IP networking and client/server computing, the ability or willingness to use administrative GUIs to setup a device, and a general knowledge of common laptop environments. It does not assume that the attendee is intimately familiar with the physics of signals, the various wireless protocols, or the details of various emerging wireless standards (e.g., WML, Bluetooth, 802.11, CDPD, WTLS).

The primary focus is on wireless IP services for laptops, although we'll glance at some popular mobile devices such as handheld systems and cell-phones with Internet access.

Whether you like it or not, wireless services are popping up everywhere. As time goes on, more of your personal and corporate data communications will be done over various types of wireless devices. We're faced with a proliferation of business and technical choices concerning security, hardware, software, protocols, and administration.

The good news is that generally somebody else will handle these complicated issues for users (of course, that "someone else" may be you!). However, since for most wireless services you're carrying the device everywhere you go, you and your organization will still be responsible for understanding and managing them. Since the purpose of wireless is to share data when you aren't directly attached to a wired resource, you need to understand the fundamental security and usage options.

In this course we will cover a number of topics that affect you in managing and using wireless services. Some of the topics will be demonstrated live using popular wireless devices.

Topics include:

• Wireless practicals
  • Transmission networks: packet and cellular
  • Who's using what?
  • What really matters?
• Popular access points
  • Cisco Aironet
  • Apple Airport
  • Lucent ORiNOCO
  • 3Com Airconnect
• Configuration issues
  • Setting up an access point
  • Using an access point
  • Setting up your laptop
• Threats
  • Eavesdropping
  • Transitive trust
  • Denial of service
• Practical uses
  • At home
  • At a conference
  • At work
  • At a university
• Miscellaneous wireless topics

Phil Cox (T10) is a consultant for SystemExperts Corporation. Phil frequently writes and lectures on issues of UNIX and Windows NT integration and on information security. He is the lead author of Windows 2000 Security Handbook, 2nd Edition, and a featured columnist in ;login: The Magazine of USENIX & SAGE. He has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.

Brad Johnson (M1, T10) is vice president of SystemExperts Corporation. He has participated in the Open Software Foundation, X/Open, and the IETF, and has often published about open systems.Brad has served as a security advisor to organizations such as Dateline NBC and CNN. He is a frequent tutorial instructor and conference speaker on network security, penetration analysis, middleware, and distributed systems. He has a B.A. in computer science from Rutgers University and an M.S. in applied management from Lesley University.