Tutorials:
Overview |
By Day
(Monday, Tuesday, Wednesday) |
By Instructor | All in One File
Wednesday, June 12, 2002
|
Full-Day Tutorials
W1 Blueprints for High Availability: Designing Resilient Distributed Systems
Evan Marcus, VERITAS Software Corporation
W2 Practical Wireless IP: Concepts, Administration, and Security
Philip Cox and Brad C. Johnson, SystemExperts Corporation
W3 Building Honey Pots for Intrusion Detection NEW
Marcus Ranum, NFR Security, Inc.
W4 Topics in UNIX and Linux Administration, Part 2 NEW
Trent Hein and Ned McClain, Applied Trust; Evi Nemeth, University of Colorado
W5 Exploring the Potential
of LDAP
Gerald Carter, Hewlett Packard
W6 System and Network Performance Tuning
Marc Staveley, Soma Networks
W7 Cisco's Security Features: What They Are, Where to Use Them, How to Configure Them NEW
John Stewart, Digital Island, Inc.
W8 Scripting the Web NEW
Rasmus Lerdorf, Consultant
|
W1 Blueprints for High Availability: Designing Resilient Distributed Systems
Evan Marcus, VERITAS Software Corporation
Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.
This tutorial will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. We will discuss the trade-offs among cost, reliability, and complexity.
Topics include:
- What is high availability? Who needs it?
- Defining uptime and cost; "big rules" of system design
- Disk and data redundancy; RAID and SCSI arrays
- Host redundancy in HA configs
- Network dependencies
- Application system programming concerns
- Anatomy of failovers: applications, systems, management tools
- Planning disaster recovery sites and data updates
- Security implications
- Upgrade and patch strategies
- Backup systems: off-site storage, redundancy, and disaster recovery
- Managing the system: managers, processes, verification
Evan Marcus (W1), who has 14 years of experience in
UNIX systems administration, is now a Senior Systems Engineer and High Availability Specialist with VERITAS Software Corporation. At Fusion Systems and OpenVision Software, Evan worked to bring the first high-availability software application for SunOS and Solaris to market. He is the author of several articles and talks on the design of high availability systems and is the co-author, with Hal Stern, of Blueprints for High Availability: Designing Resilient Distributed Systems (John Wiley & Sons, 2000).
W2 Practical Wireless IP: Concepts, Administration, and Security
Philip Cox and Brad C. Johnson, SystemExperts Corporation
Who should attend: Users, administrators, managers, and others interested in learning about some of the fundamental security and usage issues around wireless
IP services. This tutorial assumes some knowledge of TCP/IP networking and client/server computing, the ability or willingness to use administrative GUIs to set up a device, and a general knowledge of common laptop environments.
Whether you like it or not, wireless services are popping up everywhere. And you and your organization will be responsible for understanding and managing the devices you possess. Since the purpose of wireless is to share data when you aren't directly attached to a wired resource, you need to understand the fundamental security and usage options. In this tutorial we will cover a number of topics that affect you in managing and using wireless services. Some of the topics will be demonstrated live using popular wireless devices.
Topics include:
- Cellular services basics
- What's out there?
- Who's using what?
- What really matters?
- Wireless LAN fundamentals
- Architecture
- Threats
- 802.11b
- Configuration examples
- Antennas
- Access points
- Channels, placement
- Bandwidth, aggregation
- Congestion
- Roaming, signals
- General issues
- Sniffers
- Building your own access point
- 802.11a
Philip Cox (T6, W2) is a consultant with SystemExperts
Corporation. Phil frequently writes and lectures on issues of UNIX and Windows NT integration and on information security. He is the lead author of Windows 2000 Security Handbook, 2nd Edition (Osborne McGraw-Hill), a contributing author of Windows NT/2000 Network Security (Macmillan Technical Publishing), and a featured columnist in ;login: The Magazine of USENIX & SAGE. He has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.
Brad C. Johnson (W2) is vice president of
SystemExperts Corporation. He has participated in the Open Software Foundation, X/Open, and the IETF, and has often published about open systems. Brad has served as a security advisor to organizations such as Dateline NBC and CNN. He is a frequent tutorial instructor and conference speaker on network security, penetration analysis, middleware, and distributed systems. He holds a B.A. in computer science from Rutgers University and an M.S. in applied management from Lesley University.
W3 Building Honey Pots for Intrusion Detection NEW
Marcus Ranum, NFR Security, Inc.
Who should attend: System and network managers with administrative skills and a security background. The tutorial examples will be based on UNIX/Linux. While the materials may be of interest to a Windows/NT administrator, attendees will benefit most if they have at least basic UNIX system administration skills.
This class provides a technical introduction to the art of building honey pot systems for intrusion detection and burglar-alarming networks. Students completing this class will come away armed with the knowledge that will enable them to easily assemble their own honey pot, install it, maintain it, keep it secure, and analyze the data from it.
Topics include:
- Introduction
- IDSes
- Fundamentals of burglar alarms
- Fundamentals of honey pots
- Fundamentals of log-data analysis
- Spoofing servers
- Overview of our honey pot's design
- System initialization
- Services
- Spoofing server implementation walkthrough
- Multiway address/traffic manipulation
- Logging architecture: syslogs, XML logs, statistical processing
- Simple tricks for information visualization
- Crunchy implementation details
- How to write spoofing rules
- How to write log filtering rules
- Management
- How to get help in analyzing attacks
- Keeping up to date
Auxiliary materials: Attendees will receive a bootable CD-ROM containing a mini UNIX kernel and preconfigured software, and will also have source-code access to the honey pot building toolkit. Attendees may also wish to review The Honeynet Project, eds., Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community (Addison-Wesley, 2001).
Marcus Ranum (T8, W3) is founder and CTO of NFR
Security, Inc. He has been working in the computer/network security field for over 14 years and is credited with designing and implementing the first commercial Internet firewall product. Marcus also designed and implemented other significant security technologies, including the TIS firewall toolkit and the TIS Gauntlet firewall. As a researcher for ARPA, Marcus set up and managed the Whitehouse.gov email server. Widely known as a teacher and industry visionary, he has been the recipient of both the TISC Clue award and the ISSA lifetime achievement award. Marcus lives in Woodbine, Maryland, with his wife, Katrina, and a small herd of cats.
W4 Topics in UNIX and Linux Administration, Part 2 NEW
Trent Hein and Ned McClain, Applied Trust; Evi Nemeth, University of Colorado
Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.
Topics include:
- Efficient Server Log Management: Server and network device logs are one of the most useful sources of performance and security information. Unfortunately, system logs are often overlooked by organizations, out of either a lack of time or a preference for information from fancier intrusion detection systems. We present a set of open source tools and a unified strategy for securely managing centralized system logs.
- What's New with Sendmail: Newer versions of sendmail ship with a wealth of features every system administrator should know about. From advanced virus and spam filtering (Milter), to IPv6, to improved LDAP and mailbox abstraction support, we discuss sendmail's hot new features, quirks, and tricks.
- Performance Crisis Case Studies: Trying to squeeze more performance out of your existing environment? We'll walk you through the pathology of actual performance crisis situations we've encountered, and talk not only about how to fix them but also how to avoid them altogether. There's nothing like learning from real-world situations!
- Security Tools: A new generation's worth of security management tools are on the loose. We'll help you understand how to use them to your advantage. We'll examine network scanning tools such as Nessus and nmap, as well as new tools to facilitate security forensics.
- Site Localization and Management: Wouldn't it be nice if new system arrivals meant pushing a button and watching the localization work happen magically before your eyes? Imagine if systems at your site all shared a consistent configuration! We'll talk about modern tools for localization and mass deployment of systems, and how to keep systems up-to-date on a going forward basis.
- Security Incident Recovery: You've been vigilant about your site's security, but the day still comes when you detect an intruder. How do you handle the situation, analyze the intrusion, and restore both security and confidence to your environment? This crash course in incident handling will give you the skills you need to deal with the unthinkable.
Evi Nemeth (T4, W4), a faculty member in computer sci
ence at the University of Colorado, has managed UNIX systems for the past 25 years, both from the front lines and from the ivory tower. She is co-author of the UNIX System Administration Handbook. Evi is about to get out of the UNIX and networking worlds and explore the real world on a sailboat.
W5 Exploring the Potential
of LDAP
Gerald Carter, Hewlett Packard
Who should attend: Administrators and programmers interested in the potential of the Lightweight Directory Access Protocol (LDAP) and in exploring issues related to deploying an LDAP infrastructure. This tutorial is not a how-to for a specific LDAP server, nor is it an LDAP developers' course. Rather, it is an evaluation of the potential of LDAP to allow the consolidation of existing deployed directories. No familiarity with LDAP or other Directory Access Protocols will be assumed.
System administrators today run many directory services, though they may be called by such names as DNS and NIS. LDAP, the up-and-coming successor to the X500 directory, promises to allow administrators to consolidate multiple existing directories into one. Vendors across operating-system platforms are lending support.
Topics include:
- The basics of LDAP
- Current technologies employing LDAP services
- Replacing NIS using LDAP
- Integrating authentication mechanisms for other services (e.g., Apache, Sendmail, Samba) with LDAP
- LDAP interoperability with other proprietary directory services, such as Novell's NDS and Microsoft's Active Directory
- Programming tools and languages available for implementing LDAP support in applications
Gerald Carter (W5), a member of the Samba Team since
1998, is employed by Hewlett Packard as a Software Engineer, working on Samba-based print appliances. He is writing a guide to LDAP for system administrators to be published by O'Reilly. Jerry holds an M.S. in computer science from Auburn University, where he also served as a network and systems administrator. Gerald has published articles with Web-based magazines such as Linuxworld and has authored courses for companies such as Linuxcare. He recently completed the second edition of Teach Yourself Samba in 24 Hours (Sams Publishing).
W6 System and Network Performance Tuning
Marc Staveley, Soma Networks
Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.
We will explore techniques for tuning systems, networks, and application code. Starting from a single-system view, we'll examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll move on to Network File System tuning and performance strategies. Detailed treatment of network performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and controlling response time will be covered. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Analysis periods for particular situations will be provided.
Topics include:
- Performance tuning strategies
- Practical goals
- Monitoring intervals
- Useful statistics
- Tools, tools, tools
- Server tuning
- Filesystem and disk tuning
- Memory consumption and swap space
- System resource monitoring
- NFS performance tuning
- NFS server constraints
- NFS client improvements
- NFS over WANs
- Automounter and other tricks
- Network performance, design, and capacity planning
- Locating bottlenecks
- Demand management
- Media choices and protocols
- Network topologies: bridges, switches, routers
- Throughput and latency
- Modeling resource usage
- Application tuning
- System resource usage
- Memory allocation
- Code profiling
- Job scheduling and queuing
- Real-time issues
- Managing response time
Marc Staveley (W6) recently took a position with Soma
Networks, where he is applying his 18 years of experience with UNIX development and administration in leading their IT group. Previously Marc has been an independent consultant and has held positions at Sun Microsystems, NCR, Princeton University, and the University of Waterloo. He is a frequent speaker on the topics of standards-based development, multi-threaded programming, system administration, and performance tuning.
W7 Cisco's Security Features: What They Are, Where to Use Them, How to Configure Them NEW
John Stewart, Digital Island, Inc.
Who should attend: Network and system administrators running Cisco networks, and security professionals.
It's common knowledge that over 85% of all Internet traffic crosses a Cisco product at one time or another. Given this fact, it is obvious that improving security on Cisco products can improve the overall security of your site as well as the overall security of the Internet. However, the security features available in Cisco products can be a discipline in themselves. This class takes a nuts-and-bolts approach to deciding which Cisco security features to use, and when and where to use them. A sample network is used as the basis for the class. For each area, sample uses and actual configuration techniques are discussed.
Topics include:
- Perimeter Security
- Cisco Access Control Lists (ACLs)
- Lock and key
- TCP intercept
- Context-Based Access Control (CBAC)
- Firewalling technologies compared and contrasted
- PIX
- IOS
- Access Lists revealed
- Basic vs. extended
- Where and how to use ACLs
- Event logging
- Per-user ACLs on dial-up ports
- Router-to-router security
- Shared symmetrical application keys
- Distributed Director
- Remote access
- Route authentication
- User security
- Authentication, Authorization, Accounting (AAA)
- TACACS
- Fixed, OTP, SecureCard
- RADIUS
- Kerberos
- IPSec
- Current standards update
- Deploying IPSec with other
technologies
- ISAKMP/Oakley
- Availability
- Configuring and using IPSec
- Network Address Translation (NAT)
- Hiding your company
- Hiding your Web servers
- Using NAT over dial-up
- VPN
- VPDNs
- GRE tunnels
- Layer 2 Forwarding (L2F)
- L2TP tunnels
John Stewart (W7) is the Chief Security Officer at
Digital Island, Inc., a cable and wireless company. Prior to his work at Digital Island, he helped architect Cisco's Web site and worked on the security teams at Cisco and at NASA Ames Research Center. John, who is the co-author of the W3C's "WWW Security FAQ," has been teaching at the SANS and Network Security conferences since 1996 and serves on a number of technical advisory boards. He holds a B.S. and M.S. in computer science from Syracuse University.
W8 PHP: Scripting the Web NEW
Rasmus Lerdorf, Consultant
Who should attend: Web site designers or programmers working on Web-related projects. No programming background is required, but a basic understanding of HTML and HTTP is assumed.
PHP is a popular scripting language used for creating dynamic Web sites. This tutorial, taught by the original developer of the language, will cover all the main features of the language.
Topics include:
- History
- Language overview
- Sessions
- Error handling
- Database examples
- Creating graphics on the fly
- Creating PDF and Flash on the fly
- XML/XSLT
- Caching, content compression, and other tips
- Content management
- Extending PHP
Anybody involved with Web development will come out of this tutorial with some new approaches to common problems.
Rasmus Lerdorf (W8) has been designing large-scale
UNIX-based solutions since 1989. In the Open Source community, he is known mostly as the creator of the PHP scripting language. Rasmus has contributed to a number of Apache-related projects and is a member of the Apache core team. He currently lives in the San Francisco Bay Area with his wife, Christine. He can be reached at rasmus@php.net.
|