M1 Advanced Solaris System Administration Topics
Peter Baer Galvin, Corporate Technologies
Who should attend: UNIX administrators who need more knowledge of Solaris administration.
We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics.
Topics include:
- Installing and upgrading
- Architecting your facility
- Choosing appropriate hardware
- Planning your installation, filesystem layout, post-installation
- Installing (and removing) patches and packages
- Advanced features of Solaris
- File systems and their uses
- The /proc file system and commands
- Useful tips and techniques
- Networking and the kernel
- Virtual IP: configuration and uses
- Kernel and performance tuning: new features, adding devices, tuning, debugging commands
- Devices: naming conventions, drivers, gotchas
- Enhancing Solaris
Peter Baer Galvin (M1) is the chief technologist for Corporate Technologies, Inc., and was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines, is a columnist for SunWorld, and is co-author of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has taught tutorials on security and systems administration and has given talks at many conferences and institutions.
M2 An Introduction to Computer Security NEW
Avi Rubin, AT&T Labs - Research
Who should attend: Anyone with a computer science degree or the equivalent experience who is not an expert in computer security. IT managers who need to understand how to evaluate risk, what the dangers are, and what countermeasures are available. We will emphasize issues of importance to system administrators.
As more and more of our lives move online, we are exposing more of ourselves to often untraceable, malicious, and automated attack: credit card numbers, data, a group of machines that we manage, our time, our privacy. This tutorial seeks to sweep a broad brush across the field of computer security, addressing in particular the practical aspects of the field.
Topics include:
- Assessing risk
- Viruses and worms
- Cryptography
- Secure data storage and backup
- Secure data transfer, including SSL and IPsec
- Public Key Infrastructure (PKI)
- Firewalls
- Intrusion detection
- Network sniffing and sniff detection
- Denial-of-service attacks
- E-commerce and privacy
Attendees should leave with a general understanding of the field and a direction for learning more about each topic covered.
Avi Rubin (M2) is Principal Researcher at AT&T Labs and a member of the Board of Directors of USENIX. He has been researching issues in computer security since 1991. Rubin is the author of two books on computer security: White-Hat Security Arsenal (Addison Wesley, 2001) and Web Security Sourcebook (with Dan Geer and Marcus Ranum, John Wiley & Sons, 1997). He is the author of dozens of refereed conference and journal papers, and co-authored two chapters of Peer-to-Peer (O'Reilly, 2001). Rubin is also an Associate Editor of Electronic Commerce Research Journal. His latest research project, Publius, a system for circumventing censorship on the Internet, won the Index on Censorship's Freedom of Expression Award.
M3 Inside the Linux Kernel
Ted Ts'o, IBM Linux Technology Center
Who should attend: Application programmers and kernel developers. You should be reasonably familiar with C programming in the UNIX environment, but no prior experience with the UNIX or Linux kernel code is assumed.
This tutorial will give you an introduction to the structure of the Linux kernel, the basic features it provides, and the most important algorithms it employs.
The Linux kernel aims to achieve conformance with existing standards and compatibility with existing operating systems; however, it is not a reworking of existing UNIX kernel code. The Linux kernel was written from scratch to provide both standard and novel features, and takes advantage of the best practice of existing UNIX kernel designs.
Although the material will focus on the release version of the Linux kernel, it will also address aspects of the development kernel codebase where its substance differs. It will not contain any detailed examination of the source code but will, rather, offer an overview and roadmap of the kernel's design and functionality.
Topics include:
- How the Linux kernel is organized: scheduler, virtual memory system, filesystem layers, device driver layers, and networking stacks
- The interface between each module and the rest of the kernel, and the functionality provided by that interface
- The common kernel support functions and algorithms used by that module
- How modules provide for multiple implementations of similar functionality (network protocols, filesystem types, device drivers, and architecture-specific machine interfaces)
- Basic ground rules of kernel programming (dealing with issues such as races and deadlock conditions)
- Implementation of the most important kernel algorithms and their general properties (aspects of portability, performance, and functionality)
- The main similarities and differences between Linux and traditional UNIX kernels, with attention to places where Linux implements significantly different algorithms
- Details of the Linux scheduler, its VM system, and the ext2fs file system
- The strict requirements for ensuring that kernel code is portable
Theodore Ts'o (M3) has been a Linux kernel developer since almost the very beginnings of Linux--he implemented POSIX job control in the 0.10 Linux kernel. He is the maintainer and author for the Linux COM serial port driver and the Comtrol Rocketport driver. He architected and implemented Linux's tty layer. Outside of the kernel, he is the maintainer of the e2fsck filesystem consistency checker. Ted is a Senior Technical Staff Member of IBM's Linux Technology Center.
M4 System and Network Monitoring NEW
John Sellens, Certainty Solutions
Who should attend: Network and system administrators interested in real-life, practical, host- and network-based monitoring of their systems and networks. Participants should have an understanding of the fundamentals of networking, basic familiarity with computing and network components, and some familiarity with UNIX and scripting languages.
This tutorial will introduce the concepts and functions of monitoring systems and will describe the Simple Network Management Protocol (SNMP). It will review some of the most popular monitoring tools and will cover the installation and configuration of a number of freely available monitoring packages. The emphasis will be on the practical, and the tutorial will provide examples of easy-to-implement monitoring techniques.
Topics include:
- Monitoring: goals, techniques, reporting
- SNMP: the protocol, reference materials, relevant RFCs
- Introduction to SNMP MIBs (Management Information Bases)
- SNMP tools and libraries
- Other non-SNMP tools
- Security concerns when using SNMP and other tools on the network
- Monitoring applications: introductions, use, benefits and complications, installation and configuration (Big Brother, NetSaint, SNIPS, MRTG, Cricket, etc.)
- Special situations: remote locations, firewalls, etc.
- Monitoring implementation roadmap: policies, practices, notifications, escalations, reporting
Participants should expect to leave the tutorial with the information needed to immediately start using a number of monitoring systems and techniques to improve their ability to manage and maintain their systems and networks.
John Sellens (M4) has been involved in system and network administration since 1986 and is the author of several related USENIX papers and a number of ;login: articles, including the "On Reliability" series and SAGE booklet. He has a Master's degree in computer science from the University of Waterloo and is a chartered accountant. He is currently the General Manager for Certainty Solutions (formerly known as GNAC) in Toronto. Prior to joining Certainty, John was the Director of Network Engineering at UUNET Canada, and he was a staff member in computing and information technology at the University of Waterloo for 11 years.
M5 Sendmail Configuration and Operation
(Updated for Sendmail 8.12)
Eric Allman, Sendmail, Inc.
Who should attend: System administrators who want to learn more about the sendmail program, particularly details of configuration and operational issues (this tutorial will not cover mail front ends). This intense, fast-paced tutorial is aimed at people who have already been exposed to sendmail. It describes the latest release of sendmail from Berkeley, version 8.12.
Topics include:
- The basic concepts of configuration: mailers, options, macros, classes, keyed files (databases), and rewriting rules and rulesets
- Configuring sendmail using the M4 macro package
- Day-to-day management issues, including alias and forward files, "special" recipients (files, programs, and include files), mailing lists, command line flags, tuning, and security
- How sendmail interacts with DNS
Eric Allman (M5) is the original author of sendmail. He is the author of syslog, tset, the -me troff macros, and trek. He was the chief programmer on the INGRES database management project, designed database user and application interfaces at Britton Lee (later Sharebase), and contributed to the Ring Array Processor project at the International Computer Science Institute. He is a former member of the USENIX Board of Directors.
The sockets API is the most widely used and accepted set of interfaces for implementing client/server network applications. It is implemented on all flavors of UNIX, the Windows platform, and many embedded operating systems (VxWorks, PSOS, etc.). Familiarity with this API set is a must for anyone who writes or maintains network applications.
This course uses working examples to teach software engineers and programmers how to use the sockets API to create their own client and server applications. The differences between the TCP and UDP transport protocols for network applications are highlighted throughout so that the student comes away with a clear understanding of when it is appropriate to use which technology.
This tutorial uses case histories to show what vulnerabilities the attackers exploited, how the system administrators might have closed those loopholes, and how the intruders were discovered. Concepts and mechanisms, as well as publicly available tools, are discussed. This course focuses on non-network problems.
This course will provide a firm background in the FreeBSD kernel. The POSIX kernel interfaces will be used as examples where they are defined. Where they are not defined, the FreeBSD interfaces will be described. The course will cover basic kernel services, process structure, virtual and physical memory management, scheduling, paging and swapping. The kernel I/O structure will be described showing how I/O is multiplexed, special devices are handled, character processing is done, and the buffer pool is managed. The implementation of the filesystem and its capabilities including updates will be described. The filesystem interface will then be generalized to show how to support multiple filesystem types such as Sun Microsystems' Network File System (NFS). The course will also cover the FreeBSD socket-based network architecture, layering, and implementation. The socket communications primitives and internal layering will be discussed, with emphasis on the interfaces between the layers; the TCP/IP implementation will be used as an example. A discussion of routing issues will be included. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine-specific parts of the system such as device drivers.