
SUNDAY, JUNE 18, 2000    

S1 UNIX Security Tools: Use and Comparison
Matt Bishop, University of California, Davis

Who should attend: UNIX system, network, and security administrators who need to better understand the various security tools currently available.

The goal of this course is to assist UNIX security administrators, and other interested users, in locating and using publicly available programs to improve the security of their systems. This course will compare the uses and drawbacks of several different programs, with an emphasis on when to use which. Only free tools with source code available will be discussed.

Topics include:

  • Tool checking and analysis
    • What to look for
    • How to analyze a tool
    • Checking downloaded tools for security problems
  • Static analysis tools: filesystem auditing (tiger, COPS)
  • Network analysis and security tools: monitors (nfsbug, tcp_wrappers), SATAN, Gabriel
  • Tools for privilege: managing shells (lsu, smrsh)
  • Tools for logging and log analysis tools (swatch, logcheck)
  • Libraries (msystem, trustfile)
  • Tools for authentication: proactive password changers (passwd+, crack)

Matt Bishop (S1) began working on problems of security in UNIX systems at Purdue, where he earned his doctorate. He subsequently worked at the Research Institute for Advanced Computer Science at NASA and taught courses in operating systems, computer security, and software engineering at Dartmouth College. Matt chaired the first USENIX Security Workshop and has been on the faculty at UC Davis since 1993.




S2 Sendmail Configuration and Operation (Updated for Sendmail 8.10)
Eric Allman, Sendmail, Inc.

Who should attend: System administrators who want to learn more about the sendmail program, particularly details of configuration and operational issues (this tutorial will not cover mail front ends). This will be an intense, fast-paced, full-day tutorial for people who have already been exposed to sendmail. This tutorial describes the latest release of sendmail from Berkeley, version 8.10.

We begin by introducing a bit of the philosophy and history underlying sendmail.

Topics include:

  • The basic concepts of configuration: mailers, options, macros, classes, keyed files (databases), and rewriting rules and rulesets
  • Configuring sendmail using the m4 macro package
  • Day-to-day management issues, including alias and forward files, "special" recipients (files, programs, and include files), mailing lists, command-line flags, tuning, and security
  • How sendmail interacts with the Domain Name System

Eric Allman (S2, T10) wrote sendmail, leads sendmail.org, and is CTO of Sendmail, Inc. Eric was the lead programmer for the INGRES database management and the Mammoth infrastructure projects and authored syslog, tset, the -me troff macros, and trek. He developed a commercial client/server implementation, helped develop a first-generation window system, and contributed to the Ring Array Processor Project. He has been a member of the Board of Directors of the USENIX Association. Eric received his M.S. in Computer Science from U.C. Berkeley. He collects wines, which he stashes in the cellar of the house he shares with Kirk McKusick, his partner of 20-and-some-odd years.

S3 System and Network Performance Tuning
Marc Staveley, Sun Microsystems, Inc.

Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.

We will explore procedures and techniques for tuning systems, networks and application code. Starting from the single-system view, we will examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll extend the single-host view to include Network File System tuning and performance strategies. Detailed treatment of networking performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and techniques for controlling response time will be addressed. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Question-and-analysis periods for particular situations will be provided.

Topics include:

  • Performance tuning strategies
    • Practical goals
    • Monitoring intervals
    • Useful statistics
    • Tools, tools, tools
    • Server tuning
    • Filesystem and disk tuning
    • Memory consumption and swap space
    • System resource monitoring
  • NFS performance tuning
    • NFS server constraints
    • NFS client improvements
    • NFS over WANs
    • Automounter and other tricks
  • Network performance, design, and capacity planning
    • Locating bottlenecks
    • Demand management
    • Media choices and protocols
    • Network topologies: bridges, switches, routers
    • Throughput and latency considerations
    • Modeling resource usage
  • Application tuning
    • System resource usage
    • Memory allocation
    • Code profiling
    • Job scheduling and queuing
    • Real-time issues
    • Managing response time

Marc Staveley (S3) recently took a position with Sun Microsystems Enterprise Services, where he is applying his 16 years of experience with UNIX development and administration in helping to create new service programs. Previously Marc was an independent consultant, and he has held positions at NCR, Princeton University, and the University of Waterloo. He is a frequent speaker on the topics of standards-based development, multi-threaded programming, systems administration, and performance tuning.



S4 Advanced Topics in Perl Programming NEW
Tom Christiansen, Consultant

Who should attend: Experienced Perl programmers interested in honing their existing Perl skills for quick prototyping, system utilities, software tools, system management tasks, database access, and WWW programming. Participants should have used Perl for basic scripting for several months prior to taking this course.

Topics include:

  • Complex data structures
  • References
  • Memory management and anonymous data structures
  • Packages and modules
  • Namespaces, scoping, and extent
  • Classes and objects
  • Object-oriented programming
  • Process control and management
  • Pipes and signals
  • Advanced I/O techniques and file locking
  • Assorted tips and tricks to use Perl effectively

Upon completion of this course, students will be able to:

  • Develop standard and OO modules for code reuse
  • Understand complex and hierarchical data structures
  • Understand Perl's facilities for file locking
  • Use Perl for multi-process and daemon programming
  • Understand inheritance, closures, and scoping in Perl

Tom Christiansen (S4, M8) has been involved with Perl since day zero of its initial public release in 1987. Lead author of The Perl Cookbook, co-author of Programming Perl, Learning Perl, and Learning Perl on Win32 Systems, Tom is also the major caretaker of Perl's online documentation. He holds undergraduate degrees in computer science and Spanish and a Master's in computer science. He now lives in Boulder, Colorado.




S5 Windows NT Internals
Jamie Hanrahan, Kernel Mode Systems

Who should attend: This tutorial is aimed at operating system developers, applications programmers, and system administrators who need to understand the internal behavior and architecture of Windows NT. (Note: The information presented is valid for both NT Version 4 and Version 5.)

Windows NT is built on a new operating system code base, similar in many ways to well-established OSes such as UNIX and VMS, and very different from Microsoft's DOS/Win16/Windows 9x platforms. This tutorial will describe the behavior of Windows NT from a "system architecture" point of view. Using a variety of tools, we will explore internal interfaces and the behavior of the system, show how NT implements fundamental operating-system functions such as scheduling and memory management, and show how NT's architecture affects some of its functionality.

Topics include:

  • General system architecture
  • Providing operating system functions to user mode
  • Thread scheduling
  • Memory management internals
  • Using and interpreting performance measurement tools

Jamie Hanrahan (S5) provides Windows NT driver development, consulting, and training services to leading companies. He is co-writing a book on Windows NT device drivers (O'Reilly and Associates). He also has an extensive background in VMS device drivers and internals. He is co-author of VMS Advanced Driver Techniques, and he received Digital's Instructor of the Year award for his courses in VMS device drivers and internals.




S6 Hacking Exposed: LIVE! NEW
George Kurtz and Eric Schultze, Rampart Security Group

Who should attend: Network and system administrators, security administrators, and technical auditors who want to secure their UNIX/NT-based networks.

Is your UNIX/NT-based network infrastructure up to meeting the challenge of malicious marauders? In this tutorial we'll present the methodologies used by today's hackers to gain access to your networks and critical data. We'll demonstrate a typical attack exploiting both well-known and little-known NT-based vulnerabilities. We'll show how NT attackers can leverage UNIX vulnerabilities to circumvent traditional security mechanisms. And we'll identify opportunities to better secure the host and networks against more esoteric attacks. All examples will be demonstrated on a live network of machines.

Topics include:

  • Footprinting your site
    • Port scanning
    • Banner grabbing
  • Exploiting common configuration and design weaknesses in NT networks
    • Enumerating user and system information from NT 4 and Windows 2000 hosts
    • Exploiting Web services
    • Logging on to NT using only the password hash
    • Routing through IPX and NetBEUI networks
    • Grabbing remote shells on NT
    • Hijacking the GUI
    • Hidden trojans: executing streamed files
  • Bypassing routers and firewall filtering
    • Using source ports
    • Leveraging port redirection
    • 101 uses for Netcat
  • Linking NT and UNIX vulnerabilities for maximum exploitation
  • Securing NT systems to prevent attacks

George Kurtz (S6) has performed hundreds of firewall, network, and e-commerce-related security assessments throughout his security consulting career. He is a regular speaker at many security conferences and is frequently quoted in The Wall Street Journal, InfoWorld, USA Today, and the Associated Press. He is the co-author of the widely acclaimed Hacking Exposed: Network Security Secrets and Solutions.




Eric Schultze (S6) specializes in assessing and securing Microsoft products. He is a contributing author to Hacking Exposed: Network Security Secrets and Solutions and is a frequent speaker at security conferences, including Black Hat, CSI, and MIS. Eric is also a faculty instructor for CSI's education resource center, presenting workshops on NT4 and Windows 2000 security.



S7 Introduction to UNIX Administration
Peter Baer Galvin, Corporate Technologies, Inc.

Who should attend: UNIX or other operating system users wishing to know more about UNIX administration.

This tutorial is designed to teach UNIX administration skills to those who are experienced with computers but new to UNIX administration. The course covers all of the essential system administration topics and stresses professional methods of administration. It uses Solaris as the example operating system when exploring detailed examples, with some Linux tossed in.

Topics include:

  • The role of the system administrator
  • Overview of the UNIX file system
  • User authorization and control
  • The file system
  • System startup and shutdown
  • Boot process and start-up files
  • Installation
    • Installation from a CD
    • Jumpstart
    • Patches
    • Installing layered software
  • Crash recovery
  • File System Backups
  • System tuning and process control
  • Configuration and devices
  • Devices
    • Device naming
    • Device creation
    • Troubleshooting SCSI problems
  • Admintool
    • Admintool overview
    • Printing
    • User management
    • Terminal configuration
  • System administration goals
    • transparency
    • interoperability
  • TCP/IP and RPC
  • Networking
  • NFS
  • File systems
    • Caching file system
    • AutoFS
    • Vold
  • Security
    • Restricted shells
    • Sun security packages
    • Post-installation changes
    • Security tools and ideas
  • Monitoring, managing, and troubleshooting
  • Performance
    • Performance monitoring tools
    • Tuning via cookbook

Peter Baer Galvin (S7, M2) is the chief technologist for Corporate Technologies, a systems integrator and VAR. Previously, he was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines and is a regular columnist for SunWorld. He is co-author of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. As a consultant and trainer, Peter has taught tutorials on security and system administration and has given talks at many conferences.


S8 Cryptographic Algorithms Revealed NEW
Greg Rose, QUALCOMM Australia

Who should attend: Anyone interested in a fairly detailed overview of what makes cryptographic algorithms work, and, when they don't work, how they are broken. The tutorial will be as up-to-the-minute as possible with respect to the development of the Advanced Encryption Standard.

Some mathematical background is required--at the very least, familiarity with common mathematical notation and polynomials, and some elementary statistical knowledge. You've been warned.

Topics include (unless time runs out):

  • Brief history
    • substitution and transposition
    • development of DES
    • public-key cryptography
  • Symmetric block ciphers
    • Feistel ciphers in general
    • DES
    • SKIPJACK
    • Current AES candidates (Rijndael, Twofish, MARS, RC6, Serpent)
    • Block-cipher modes of operation
  • Symmetric stream ciphers
    • Panama
    • A5, SOBER and other LFSR-based constructions
  • Cryptanalysis
    • Differential & linear cryptanalysis
    • Attack assumptions and threat models
    • Attacks on stream ciphers
  • Public-key systems
    • Group and finite field theory
    • Discrete log systems (El Gamal, Diffie-Hellman, DSS)
    • RSA
    • Elliptic curves
  • Other stuff
    • Hash functions, SHA-1

Greg Rose (M4) graduated from the University of New South Wales with a B.Sc. (honours) in computer science and was awarded the University Medal in 1977. A member of the Board of Directors of the USENIX Association, he served as program chair of the 1996 USENIX Security Symposium. As Principal Engineer at QUALCOMM, he focuses on cryptographic security and authentication for wireless communications, and on setting up the office of QUALCOMM Australia. He has written a number of public tools using cryptography, and he holds generic cryptographic export licenses for two countries.



MONDAY, JUNE 19, 2000    

M1 Intrusion Detection and Network Forensics
Marcus J. Ranum, Network Flight Recorder, Inc.

Who should attend: Network and system managers, security managers, and auditors. This tutorial assumes some knowledge of TCP/IP networking and client/server computing.

What can intrusion detection do for you? Intrusion detection systems are designed to alert network managers to unusual or possibly hostile events within the network. Once you've found traces of a hacker, what should you do? What kinds of tools can you deploy to determine what happened, how they got in, and how to keep them out? This tutorial provides a highly technical overview of the state of intrusion detection software and the types of products that are available, as well as basic principles to apply to building your own intrusion detection alarms. Methods of recording events during an intrusion are also covered.

Topics include:

  • What is IDS?
    • Principles
    • Prior art
  • Can IDS help?
    • What IDS can and can't do
    • IDS and the WWW
    • IDS and firewalls
    • IDS and VPNs
  • Types and trends in IDS design
    • Anomaly detection
    • Misuse detection
    • Traps
    • Future avenues of research
  • Concepts for building your IDS
    • What you need to know first
    • Performance issues
  • Tools for building your IDS
    • Sniffers and suckers
    • Host logging tools
    • Log recorders
  • Reporting and recording
    • Managing alerts
    • What to throw away
    • What to keep
  • Network forensics
    • So you've been hacked . . .
    • Forensic tools
    • Brief overview of evidence handling
    • Who can help you
  • Resources and references

Marcus J. Ranum (M1) is CEO and founder of Network Flight Recorder, Inc. He is the principal author of several major Internet firewall products, including the DEC SEAL, the TIS Gauntlet, and the TIS Internet Firewall Toolkit. Marcus has been managing UNIX systems and network security for over 13 years, including configuring and managing whitehouse.gov. Marcus is a frequent lecturer and conference speaker.



M2 Advanced Solaris Systems Administration Topics
Peter Baer Galvin, Corporate Technologies, Inc.

Who should attend: UNIX administrators who need more knowledge of Solaris administration.

This course covers a variety of topics that matter to Solaris system administrators. We will discuss the major new features of recent Solaris releases, including which to use and how to use them, and which to avoid. This in-depth course will provide the information a system manager/administrator needs to run a Solaris installation effectively.

Topics include:

  • Installing and upgrading
    • Architecting an appropriate facility
    • Choosing the best hardware for your needs
    • Planning your installation, filesystem layout, post-installation steps
    • Installing (and removing) patches and packages
  • Advanced features of Solaris 2
    • CacheFS: configuring and using AutoFS
    • The /proc file system and commands
    • Useful tips and techniques
  • Networking and the kernel
    • Virtual IP: configuration and uses
    • Kernel and performance tuning: new features, adding devices, tuning, debugging commands
    • Devices: naming conventions, drivers, gotchas
  • Enhancing Solaris
    • High-availability essentials: disk failures and recovery, RAID levels, uses and performance, H-A technology and implementation
    • Performance: how to track down and break up bottlenecks
    • Tools: useful free tools, tool use strategies
    • Security: locking down Solaris, system modifications, tools
    • Resources and references

Peter Baer Galvin (S7, M2) is the chief technologist for Corporate Technologies, a systems integrator and VAR. Previously, he was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines and is a regular columnist for SunWorld. He is co-author of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. As a consultant and trainer, Peter has taught tutorials on security and system administration and has given talks at many conferences.



M3 Linux Systems Administration
Bryan C. Andregg, Red Hat, Inc.

Who should attend: This tutorial is directed at system administrators who are planning on implementing a Linux solution in a production environment. Course attendees should be familiar with the basics of systems administration in a UNIX/Linux environment: user-level commands, administration commands, and TCP/IP networking. The novice administrator and the guru should both leave the tutorial having learned something.

Topics include (with special emphasis on security):

  • Installation features
  • Disk partitioning and RAID
  • Networking
  • User accounts
  • Services
  • NFS and NIS
  • High-availability environments
  • The workplace
  • Up and coming in the Linux world (CODA, LVM, etc.)

Upon completion of the course, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The tutorial will be conducted in an open manner that allows for questions at all times.

Bryan C. Andregg (M3, T6) is the Director of Networks at Red Hat Inc. He has been with the company for three years and in that time has moved from being the only systems administrator through almost every job in IS. Bryan's next round of business cards will give his job title as "firefighter."




M4 Windows NT and UNIX Integration: Problems and Solutions
Phil Cox, SystemExperts Corporation;
Gerald Carter, Auburn University

Who should attend: System administrators who are responsible for heterogeneous Windows NT- and UNIX-based systems. Attendees should have user-level knowledge of both UNIX and Windows NT, and it's recommended they have systems administration experience in at least one of these OSes.

Today's organizations choose computing solutions from a variety of vendors. Often, integrating the solutions into a seamless, manageable enterprise is an afterthought, left up to system administrators. This course covers specific problem areas in administering a mixture of UNIX and Windows NT systems. The focus will be on practical solutions that can be applied today to real-world administration problems.

Topics include:

  • Overview of NT and UNIX
    • Basic homogeneous setups
    • Services: what's offered, and how
    • Similarities
    • Differences
    • Potential sticking points
  • Areas of interest
    • Electronic mail
    • Web servers
    • User authentication
    • File serving
    • Printing
    • Faxes and modems
    • Host-to-host connectivity
    • Remote administration
    • Backup and restore

For each of the areas of interest we will cover:

  • Current uses in homogeneous environments
  • Available answers--where integration can happen
  • Integration solutions, how to choose one, some useful tools
  • Security considerations

Phil Cox (M4, T5) is a consultant for SystemExperts Corporation. Phil frequently writes and lectures on issues bridging the gap between UNIX and Windows NT. He is a featured columnist in ;login;, the magazine of USENIX & SAGE, and has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.



Gerald Carter (M4, T4) has been a member of the SAMBA Team since 1998 and has been maintaining SAMBA servers for the past four years. As a network manager at Auburn University, Gerald maintains approximately 700 PCs and 30 Solaris 2.x servers. He is the lead author of Teach Yourself SAMBA in 24 Hours (Sams Publishing) and has worked as an instructor or technical reviewer for major publishers.



M5 Security from the Inside Out: System Engineering for Security Systems NEW
Char Sample, L-3 Network Security;
Ian Poynter, Jerboa Inc.

Who should attend: Consultants, systems architects, information security professionals, system administrators, and anyone responsible for planning, implementing, or evaluating security systems.

There are many different point solutions that address various security issues. Firewalls, IDS, VPNs, authentication devices, and various servers provide tactical point solutions. How do we pull all of these together to form a security system? How do we properly engineer this system and avoid the pitfalls of over-engineering?

You will learn how to quantify values in your networked environment, giving you the information to determine how much security is needed and where.

Topics include the following systems engineering areas as they relate to network security:

  • Needs
  • Operations, stated and unstated
  • Requirements: how to derive and quantify them
  • Architecture
  • Design
  • Implementation and integration
  • Testing and evaluation (or reevaluation) of the security system

While these steps may seem obvious to most of us, when we implement security systems we rarely, if ever, follow this process. We will discuss the vision of a security architecture and how to handle all phases of this process, how to engineer the multiple layers of security, and how to navigate politically and technically to create the best solution for your environment.

Char Sample (M5), a senior systems engineer at L-3 Network Security, has over fourteen years of experience in the industry. One of the original five engineers on the Gauntlet project at Trusted Information Systems, Char has installed and integrated over 200 firewalls and has experience deploying e-commerce solutions. She has developed and delivered training for a number of organizations and has been an invited speaker for various industry security conferences.


Ian Poynter (M5) is president of Jerboa Inc., a strategic Internet security consultancy he founded in 1994. He has over 14 years in the technology industry, focusing on networking and human/computer interfaces. He has delivered firewall and Internet security training to key IS personnel and has appeared as an expert speaker at professional meetings and industry conferences. Mr. Poynter holds a B.Sc. First Class in computer science from University College, London.


M6 Topics in Systems Administration I NEW
Barb Dijker, NeTrack;
Evi Nemeth, University of Colorado

Who should attend: System and network administrators who want to learn real-life solutions to everyday problems.

Overwhelmed by the rapid change in the systems administration field? This tutorial is a potpourri of learning about UNIX topics that will make you more effective in your role as a system administrator.

Topics include:

  • LDAP: We'll tell you what it is and how to use it in real life. We'll cover integration of LDAP with an organization directory, sendmail, and firewalls. The major focus will be on choosing a UNIX server that's right for your organization.
  • RRDtool: This data management tool (from the author of MRTG) is ideal for site statistics monitoring. The class will explain how to use available front ends to monitor network and host performance.
  • Y2K reflections: The year change came and went with very few issues. We'll discuss what did go wrong, and what the UNIX community learned from all the energy that was spent in preparation.
  • DHCP: Short on address space? Sick of configuring each and every one of your users' machines? We'll talk about making DHCP work for your organization. We will cover servers and clients, on both UNIX and NT hosts.
  • Disaster planning: In planning for disasters, whether they are physical incidents, security incidents, or just sysadmin errors, hindsight and good backups are invaluable. We will provide some guidelines and a checklist of some of the documentation that you need to maintain to make disasters more recoverable.
  • Security tools: A new generation's worth of security management tools are on the loose, and we'll help you understand how to use them to your advantage. We'll examine new scanning tools such as Nessus and nmap, as well as looking at new tools to facilitate security forensics.

Barb Dijker (M6) is currently the owner of and lead everything at NeTrack, a Colorado ISP. She's also the Executive Director of the Colorado Internet Cooperative Association and the president of SAGE. Barb has been a system administrator for 12 years.

Evi Nemeth (M6) is a faculty member in computer science at the University of Colorado and has managed UNIX systems for the past 20 years, both from the front lines and from the ivory tower. She is co-author of the UNIX System Administration Handbook.




M7 Administering Windows 2000: A Course for UNIX People UPDATED
Aeleen Frisch, Exponential Consulting

Who should attend: UNIX system administrators who are also responsible for Windows 2000 systems (or who may become responsible for them). Attendees should be comfortable with general systems administration concepts (file systems, processes, user accounts, backups, and the like), as well as the major tools and procedures used to manage them on UNIX systems. As was true with Windows NT 4.0, a sense of humor will be beneficial when initially approaching Windows 2000.

The primary goal of this course is to help you apply what you already know about systems administration under UNIX to the tasks and challenges of the Windows 2000 environment, in an effort to make that transition as easy and painless as possible. The course will include a variety of real-world examples and will focus on practical techniques and strategies for Windows 2000 systems administration. You can expect a very fast-paced, information-rich course.

Note: People who are familiar with Windows NT 4.0 will find some/much of the material in this course to be a review. Differences between Windows NT 4.0 and Windows 2000 will be discussed.

Topics include:

  • Windows 2000 overview
  • Upgrading Windows NT 4.0 systems
  • Booting under Windows NT
  • Managing user accounts under Active Directory
  • Disks and file systems
  • Networking: connecting to UNIX and other systems
  • Printing on and from Windows 2000 systems
  • Overview of Windows 2000 security
  • Integration with UNIX systems

Aeleen Frisch (M7) has been a system administrator for over 15 years. She currently looks after a very heterogeneous network of UNIX and Windows NT systems. She is the author of several books, including Essential Windows NT System Administration.




M8 Advanced CGI Techniques Using Perl NEW
Tom Christiansen, Consultant

Who should attend: Experienced Perl programmers and Webmasters interested in learning more about CGI techniques than would be learned in a class on how to write a CGI program in Perl. Attendees are assumed to know the fundamentals of HTML and CGI programming, as well as using (but not writing) Perl modules.

CGI programming is fundamentally an easy thing. The Common Gateway Interface merely defines that a CGI program be able to read stdin and environment variables, and to write stderr. But writing efficient CGI programs of any degree of complexity is a difficult process.

Topics include:

  • Multi-stage forms
    • Sequential
    • cart" systems
    • Undirected "jump page" systems
    • Techniques for recording selections across pages
  • Cookies
    • For authentication and authorization
    • For user tracking
    • For data validation
    • For data hiding and indirection
    • Data exchange and efficiency
    • File uploading
    • Redirection and temporary aliasing
  • CGI Security
    • Taint checking
    • Denial-of-Service attacks
    • Data security
    • Daemonization of processes
    • Fast CGI and mod_perl
    • Front-end/back-end solutions
    • Backgrounding
    • Invocation and response techniques
    • Statelessness and statefulness
    • PATH_INFO vs. cookies vs. CGI parameters
    • Static vs. dynamic vs. locally cached responses
  • Web automation from CGI scripts
    • Fetching remote pages
    • Parsing HTML and extracting data
    • Determining and setting image sizes

In all examples, we will show which Perl modules make these tasks easier. Numerous code examples will be provided, as well as pointers to Web pages containing fully functioning examples for later examination.

Tom Christiansen (S4, M8) has been involved with Perl since day zero of its initial public release in 1987. Lead author of The Perl Cookbook, co-author of Programming Perl, Learning Perl, and Learning Perl on Win32 Systems, Tom is also the major caretaker of Perl's online documentation. He holds undergraduate degrees in computer science and Spanish and a Master's in computer science. He now lives in Boulder, Colorado.



M9 Modern Security Systems for Intranets, Extranets, and the Internet
Daniel E. Geer, Jr., @Stake;
Jon Rochlis, SystemExperts Corporation

In today's fast-moving Internet and client-server world, security is a critical component of most systems. But security systems are complex and confusing. Different systems provide overlapping functionality, and what's popular today may be gone tomorrow. This course describes many of today's most popular network security systems. We describe how the various security protocols work, what value they provide, and how difficult they are to implement. The goal: attendees should become well equipped to understand which protocols are applicable to their environments and systems, which to pursue in more detail, and which are likely to be just a flash in the pan.

Topics include:

  • Internet/intranet security: confidentiality, authentication, integrity, authorization
  • Fundamental technology: encryption, public key, private key, certification
  • Low-security systems: basic WWW/HTTP, cookies, classic remote login (telnet/rlogin/rsh), file transfer
  • Secure Socket Layer (SSL) for securing HTTP
  • Kerberos-based systems: intranet cross-application private key, including MS-DCE and Microsoft NT5
  • Secure Shell (SSH): remote login and lots more
  • Email: PGP & S/Mime
  • VPNs: IPSec, remote access
  • Payment protocols: Digicash, SET (Visa/Mastercard), and more

Daniel E. Geer, Jr. (M9), is CTO of @Stake. Dr. Geer has a long history in network security and distributed computing management as an entrepreneur, consultant, teacher, and architect. He holds a B.S. in electrical engineering and computer science from MIT, and an Sc.D. in biostatistics from Harvard University. In USENIX he has participated in virtually every activity, including serving as technical program chair for the San Diego, California, 1993 Winter Technical Conference, as well as conference chair for both the First Symposium on Mobile and Location Independent Computing and the First USENIX Workshop on Electronic Commerce. He was elected to the Board of Directors in June 1994 and began an elected two-year term as vice-president in June 1996. He is the co-author of Wiley's Web Security Sourcebook (June 1997).

Jon Rochlis (M9) is a senior consultant for SystemExperts Corp. He and his colleagues provide high-level advice to businesses large and small in the areas of network security, distributed systems design and management, high availability, and electronic commerce. Before joining SystemExperts, Mr. Rochlis was engineering manager with BBN Planet, a major national Internet service provider.



M10 Secure Networking: An Introduction to VPN Architecture and Implementation NEW
Tina Bird, Counterpane Internet Security

Who should attend: System administrators and network managers responsible for remote access and wide-area networks within their organization. Participants should be familiar with TCP/IP networking and fundamental network security, although some review is provided. The purpose of this tutorial is to provide a step-by-step guide to evaluating an organization's VPN requirements, selecting the appropriate VPN architecture, and implementing it within a preexisting security infrastructure.

Virtual private networking technology provides a flexible mechanism for addressing connectivity needs within many organizations. This class focuses on assessing business and technical requirements for remote access and extranet connections; evaluating VPN technology; integrating VPNs within an existing network infrastructure; common implementation difficulties; and VPN security issues.

Topics include:

  • VPN security features (encryption, access control, NAT) and how they protect against common Internet threats
  • Assessing your organization's needs for remote access
  • IPSec, PPTP, application-layer VPNs, and where they fit
  • A brief review of commercial VPN products
  • Implementing VPN technology within your organization's network
  • Common VPN difficulties
  • VPN security issues

After completing this course, attendees should be ready to evaluate their requirements for remote access and begin testing commercial VPN implementations.

Tina Bird (M10) is a senior security analyst at Counterpane Internet Security. She has implemented and managed a variety of wide-area-network security technologies and has developed, implemented, and enforced corporate IS security policies. She is the moderator of the VPN mailing list and the owner of "VPN Resources on the World Wide Web," a vendor-neutral source of information about VPN technology. Tina has a B.S. in physics from Notre Dame and an M.S. and Ph.D. in astrophysics from the University of Minnesota.



TUESDAY, JUNE 20, 2000    

T1 Designing Resilient Distributed Systems-- High Availability
Evan Marcus, VERITAS Software Corporation

Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.

This course will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. Hardware redundancy, system redundancy, monitoring and verification techniques, network implications, and system and application programming issues will all be addressed. We will discuss the trade-offs among cost, reliability, and complexity.

Topics include:

  • What is high availability? Who needs it?
  • Defining uptime and cost; "big rules" of system design
  • Disk and data redundancy; RAID and SCSI arrays
  • Host redundancy in HA configurations
  • Network dependencies
  • Application system programming concerns
  • Anatomy of failovers: applications, systems, management tools
  • Planning disaster recovery sites and data updates
  • Security implications
  • Upgrade and patch strategies
  • Backup systems: off-site storage, redundancy, and disaster recovery issues
  • Managing the system: managers, processes, verification

Evan Marcus (T1) is a senior systems engineer and high availability specialist with VERITAS Software Corporation. Evan has more than 12 years of experience in UNIX systems administration. While employed at Fusion Systems and OpenVision Software, Evan worked to bring the first high availability software application for SunOS and Solaris to market. Evan is the author of several articles and talks on the design of high availability systems.



T2 Solaris Internals: Architecture, Tips, and Tidbits
Richard McDougall and James Mauro, Sun Microsystems, Inc.

Who should attend: Software engineers, application architects and developers, kernel developers, device driver writers, system administrators, performance analysts, capacity planners, Solaris users who wish to know more about the system they're using and the information available from bundled and unbundled tools, and anyone interested in operating system internals.

The installed base of Solaris systems being used for various commercial data-processing applications across all market segments and scientific computing applications has grown dramatically over the last several years, and it continues to grow. As an operating system, Solaris has evolved considerably, with some significant changes made to the UNIX SVR4 source base on which the early system was built. An understanding of how the system works is required in order to design and develop applications that take maximum advantage of the various features of the operating system, to understand the data made available via bundled system utilities, and to optimally configure and tune a Solaris system for a particular application or load.

Topics include the major components of the Solaris operating system, including the process/thread/dispatcher subsystem, virtual memory, file systems, and I/O interfaces. The kernel data structures and algorithms are discussed for all the major subsystems, with descriptions of the data extraction points used by the bundled (e.g., sar(1M), vmstat(1M), mpstat(1M)) and several unbundled tools and utilities (e.g., ProcTool, MemTool). Additional topics of discussion include the implementation of the kernel-locking primitives (e.g., mutexes, condition variables), system clocks (hardware and software), the 64-bit kernel, linkers and libraries, system calls, interprocess communication, and kernel tunable parameters. Solaris versions 2.6 and 7 are covered, with an update section covering the major features of Solaris 8.

After completing this course, participants will have a solid understanding of the internals of the major areas of the Solaris kernel that they will be able to apply to systems performance analysis, tuning, load/behavior analysis, and application development.

Richard McDougall (T2), an established engineer in the Performance Application Engineering Group at Sun Microsystems, focuses on large systems performance and architecture. He has over 12 years of experience in UNIX performance tuning, application/kernel development, and capacity planning. Richard is the author of many papers and tools for measurement, monitoring, tracing and sizing UNIX systems, including the memory-sizing methodology for Sun, the MemTool set for Solaris, the recent Priority Paging memory algorithms in Solaris, and many unbundled tools for Solaris, and is co-author of Solaris Internals: Architecture Tips and Techniques (Sun Microsystems Press/Prentice Hall, forthcoming).

James Mauro (T2) is an enterprise IT architect for Sun Microsystems, focusing on multi-tier and distributed application platforms, with an eye to availability and scalable growth. He works extensively with Solaris application development, performance tuning, capacity planning, and general systems behavior analysis. Jim, who has 20 years of UNIX industry experience, writes a monthly column on Solaris internals for SunWorld and is co-author of Solaris Internals: Architecture Tips and Techniques (Sun Microsystems Press/Prentice Hall, forthcoming).

T3 Inside the Linux Kernel
Stephen C. Tweedie, Red Hat, Inc.; Theodore Ts'o, VA Linux Systems

Who should attend: Application programmers and kernel developers. You should be reasonably familiar with C programming in the UNIX environment, but no prior experience with the UNIX or Linux kernel code is assumed.

This tutorial will give you an introduction to the structure of the Linux kernel, the basic features it provides, and the most important algorithms it employs.

The Linux kernel aims to achieve conformance with existing standards and compatibility with existing operating systems; however, it is not a reworking of existing UNIX kernel code. The Linux kernel was written from scratch to provide both standard and novel features, while taking advantage of the best practice of existing UNIX kernel designs.

Although the material will focus on the release version of the Linux kernel (v. 2.2), it will also address aspects of the development kernel codebase (v. 2.3), where its substance differs from 2.2. It will not examine the source code in detail but will, rather, offer an overview and roadmap of the kernel's design and functionality.

Topics include:

  • Linux kernel organization: scheduler, virtual memory system, filesystem layers, device driver layers, networking stacks
    • The interface between each module and the rest of the kernel, and its functionality
    • Common kernel support functions and algorithms used by each module
    • How modules provide for multiple implementations of similar functionality: network protocols, filesystem types, device drivers, architecture-specific machine interfaces
  • Basic ground rules of kernel programming, such as races and deadlock conditions
  • Implementation of the most important kernel algorithms and their general properties (aspects of portability, performance, and functionality)
  • The main similarities and differences between Linux and traditional UNIX kernels, with special attention to significantly different algorithms in Linux
  • Details of the Linux scheduler, its VM system, and the ext2fs filesystem
  • The strict requirements for ensuring that kernel code is portable among the many architectures Linux supports

Stephen C. Tweedie (T3) works on Linux kernel internals and high availability for Red Hat, Inc. Before that, he worked on VMS filesystem internals for Digital's Operating Systems Software Group. He has been contributing to Linux for a number of years, in particular designing some of the high-performance algorithms central to the ext2fs file system and the virtual memory code.



Theodore Ts'o (T3) has been a Linux kernel developer since almost the very beginnings of Linux--he implemented POSIX job control in the 0.10 Linux kernel. He is the maintainer and author for the Linux COM serial port driver and the Comtrol Rocketport driver. He architected and implemented Linux's tty layer. Outside of the kernel, he is the maintainer of the e2fsck filesystem consistency checker. Ted is currently employed by VA Linux Systems.



T4 Configuring and Administering Samba Servers NEW
Gerald Carter, Auburn University

Who should attend: System and network administrators who wish to integrate Samba running on a UNIX-based machine with Microsoft Windows clients. No familiarity with Windows networking concepts will be assumed.

Samba is a freely available suite of programs that allows UNIX-based machines to provide file and print services to Microsoft Windows PCs without installing any third-party software on the clients. This allows users to access necessary resources from both PCs and UNIX workstations. As Samba makes its way into more and more network shops all over the world, it is common to see "configuring Samba servers" listed as a desired skill on many job descriptions for network administrators.

This tutorial will use real-world examples taken from daily administrative tasks.

Topics include:

  • Installing Samba from the ground up
  • Understanding the basic Microsoft networking protocols and concepts, such as NetBIOS, CIFS, and Windows NT domains (including Windows 2000)
  • Configuring a UNIX box to provide remote access to local files and printers from Microsoft Windows clients
  • Utilizing client tools to access files on Windows servers from a UNIX host
  • Configuring Samba as a member of a Windows NT domain in order to utilize the domain's PDC for user authentication
  • Using Samba as a domain controller
  • Configuring Samba to participate in network browsing
  • Automating the daily tasks of managing Samba

Gerald Carter (M4, T4) has been a member of the SAMBA Team since 1998 and has been maintaining SAMBA servers for the past four years. As a network manager at Auburn University, Gerald maintains approximately 700 PCs and 30 Solaris 2.x servers. He is the lead author of Teach Yourself SAMBA in 24 Hours (Sams Publishing) and has worked as an instructor or technical reviewer for major publishers.



T5 Computer Attacks: Trends and Countermeasures
Tina Darmohray, Consultant; Phil Cox, SystemExperts Corporation

Who should attend: System and network administrators who implement or maintain networks, and site managers charged with selecting and setting site security requirements. Familiarity with TCP/IP networking is a plus.

Many classic security problems, such as perimeter and host security, have become well defined and are routinely addressed by a wide range of product offerings. However, computer and network attacks are still on the rise. How to combat these attacks effectively is a network and security management discipline with emerging strategies and solutions. This tutorial will cover the latest trends in computer attacks and the security precautions you can take against them, including defensive penetration analysis, host auditing, network logging solutions, and intrusion detection.

After taking this tutorial, attendees will understand the important areas of security management. They will be able to defensively assess their system and network security. Additionally, they will have an appreciation for auditing and monitoring hosts and networks for intrusions, and for storing critical information required for network forensics.

Topics include:

  • Trends in computer attacks
  • Defensive penetration analysis
  • Host and network auditing tools
  • Intrusion detection
  • Network forensics
  • Ethics, policies, and legal concerns of auditing computer communications

Tina Darmohray (T5) is a network and security consultant with over a decade of experience in administration and programming UNIX/TCP-based computers. She specializes in firewalls, Internet connections, sendmail/DNS configurations, and defensive intrusion management. Previously Tina was the lead for the UNIX support team at Lawrence Livermore National Laboratory. Tina was a founding board member of SAGE, the System Administrators Guild. She is the author of the popular SAGE jobs booklet Job Descriptions for System Administrators, she's co-editor of ;login:, the magazine of USENIX & SAGE, and she co-chaired the USENIX LISA IX conference. Tina holds a B.S. and an M.S. from the University of California, Berkeley.

Phil Cox (M4, T5) is a consultant for SystemExperts Corporation. Phil frequently writes and lectures on issues bridging the gap between UNIX and Windows NT. He is a featured columnist in ;login:, the magazine of USENIX & SAGE, and has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.





T6 Network Administration NEW
Bryan C. Andregg, Red Hat, Inc.

Who should attend: This tutorial is directed at system administrators who are implementing network services and are looking for a background in the configuration of those services, and for the basics of the protocols and performance tuning. Attendees should have used or been the client of an IP network and have a basic knowledge of systems administration, but do not need to be experienced network administrators. Both new network administrators and gurus will leave the tutorial having learned something.

System administrators are increasingly being tasked with bringing their office environments on-line, with "on-line" ranging from a stand-alone client attached to the Internet to a distributed network of Web servers. The prospect of the network services to be configured can be daunting to administrators who aren't familiar with the applications. Configuration examples, discussed with brief overviews of the underlying protocols, can be taken away for direct application after the conference.

Topics include (with a special emphasis on security):

  • Networking overview
  • Client networking
  • Serving networked clients
  • Network services
    • SSH
    • FTP
    • HTTP
    • SMTP
    • NFS
    • DHCP
  • Network troubleshooting
  • Neat network tricks
  • Up-and-coming topics
    • VPN
    • IPv6

Attendees should leave the course feeling confident in their ability to set up and maintain secure network services. The tutorial will be conducted in an open manner that allows for questions at all times.

Bryan C. Andregg (M3, T6) is the Director of Networks at Red Hat Inc. He has been with the company for three years and in that time has moved from being the only systems administrator through almost every job in IS. Bryan's next round of business cards will give his job title as "firefighter."





T7 Practical Web Site Development and Maintenance with Perl--A Cookbook Approach NEW
Mark-Jason Dominus, Consultant

Who should attend: Programmers moderately experienced in Perl and CGI/HTML who would like to automate their Web sites so that they can get more done with less work. This is not a class for non-programmers--we will be doing a lot of Perl code-reading.

With the proliferation of Web sites, the problem of maintenance has become almost unmanageable. Every Web site needs a person to update databases, send and answer mail, and handle membership sign-ups and account expiration, password protection, and a host of other tasks. Or do they? This tutorial will show, with numerous real-life examples, how a Web site can be largely automated, leaving the site maintainer free to handle only the exceptional cases.

Topics include:

  • Dynamically creating and expiring user accounts
  • Checking for password sharing
  • Sending out membership newsletters
  • Responding to "remove" requests
  • Automatic site updates (images and text)
  • Automatic newsgroup posting (e.g., monthly FAQ posting)
  • Daily/weekly/monthly reporting
  • Referral tracking/reporting
  • Link exchanges (and checking for dead links)
  • Database synchronization, searching, and updating

We'll use Web-based modules from CPAN and explain their interfaces. We will also pay special attention to file locking, synchronization, error checking, reporting, and recovery, and to the special needs of the asynchronous environment the Web provides. For each example we will present a problem, discuss the conceptual overview, and delve into the code to solve it. Using these examples, attendees will easily be able to implement solutions on their own sites. In all cases, issues of scalability will be discussed. The instructor's wide range of experience will give the students the perspective they need to plan for their needs.

Mark-Jason Dominus (T7) has been using Perl for Web application development and site management since 1994, for large organizations such as Estee Lauder, the University of Pennsylvania, and Time-Warner. He is a regular contributor to the Perl Journal and is the managing editor of www.perl.com.




T8 Managing and Being Managed NEW
Steve Johnson, Transmeta; Dusty White, Consultant

Technical people develop and communicate facts. Facts tend to be discussed in terms of "black or white" or "right or wrong." As a manager, there is a need to develop and communicate in a way that addresses less objective issues such as intentions, visions, plans, and processes. Managers find themselves concerned with issues such as trust, support, and compromise, which are difficult to quantify.

People who get asked to manage others typically have strong technical and leadership skills. Perhaps you know such a person who, shortly after becoming a manager, seemingly became "a different person," even felt like a failure as a manager. And you know it wasn't for lack of trying to do a good job. They appeared not to know what to expect, seemed unprepared to deal with the issues that confronted them daily, apparently didn't get the bigger picture, and showed no sign of understanding how to use the power and influence that (apparently) went with the job.

We believe that becoming an effective technical manager requires:

  • Understanding the differences between management and technical work, even technical leadership.
  • Realizing that management skills can be learned and developed.
  • Accepting responsibility for your own growth as a manager--focusing on communication, being open to feedback, always trying and evaluating new ways of managing.

We give an overview of the management process, concentrating on techniques that can be applied immediately. These should help managers manage better. Non-managers will learn to understand and relate better to managers and will get a feeling for what a managerial job might be like for them in the future.

Topics include:

  • Communication
    • How to communicate better
    • How to know when you have been heard
    • Reaching agreement through negotiation
    • Giving and receiving feedback
    • Dealing with difficult people
  • The difference between leadership and management
  • Technical people managing other technical people: common mistakes and how to avoid them
  • Trust: how to build it and keep it
  • Power: what it is, and its role in management
  • How to make decisions gracefully
  • Meetings: why they are deadly, and how to improve them
  • Getting everyone "on the same page"
  • The war between process and content

Steve Johnson (T8) has been a technical manager for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs and has been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk on management at LISA '97, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at Transmeta.

Dusty White (T8) was an early employee of Adobe, where she served in a variety of managerial positions. She now works as a management consultant in Silicon Valley, where she acts as a trainer, coach, and troubleshooter for technical companies.




T9 Network Security Profiles: A Collection (Hodgepodge) of Stuff Hackers Know About You
Brad Johnson, SystemExperts Corporation

Who should attend: Network, system, and firewall administrators; security auditors and those who are audited; people involved with responding to intrusions or responsible for network-based applications or systems that might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples will use actual tools and will also include small amounts of HTML, JavaScript, and Tcl.

This course will be useful for anyone with any TCP/IP-based system--a UNIX, Windows NT, or mainframe operating system, or a router, firewall, or gateway network host.

Whether network-based host intrusions come from the Internet, an extranet, or an intranet, they typically follow a common methodology: reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers (determined intruders) use to perform these activities. You will learn what types of protocols and tools they use, and you will become familiar with a number of current methods and exploits. The course will show how you can generate vulnerability profiles of your own systems. Additionally, it will review some of the important management policies and issues related to these network-based probes.

The course will focus primarily on tools that exploit many of the common TCP/IP-based protocols, such as WWW, SSL, DNS, ICMP, and SNMP, that underlie virtually all Internet applications, including Web technologies, network management, and remote file systems. Some topics will be addressed at a detailed technical level. This course will concentrate on examples drawn from public domain tools, because these tools are widely available and commonly used by hackers (and are free for you to use).

Topics include:

  • Profiles: what can an intruder determine about your site remotely?
  • Review of profiling methodologies: different "viewpoints" generate different types of profiling information
  • Techniques: scanning, on-line research, TCP/IP protocol "mis"uses, denial of service, hacking clubs
  • Important intrusion areas: discovery techniques, SSL, SNMP, WWW, DNS
  • Tools: scotty, strobe, netcat, SATAN, SAINT, ISS, mscan, sscan, queso, curl, Nmap, SSLeay/upget
  • Management issues: defining policies and requirements to minimize intrusion risk

Topics not covered:

  • Social engineering
  • Buffer overflow exploits
  • Browser (frame) exploits
  • Shell privilege escalation

Brad Johnson (T9) is Vice President of Consulting of SystemExperts Corporation. He has participated in seminal industry initiatives like the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. Brad has served as a technical advisor to organizations such as Dateline NBC and CNN on security matters.

Prior to joining SystemExperts, Brad was one of the original members of the DCE Evaluation Team, the group that identified, evaluated and selected technology to become the industry's first true interoperable middleware. Brad was also the engineering project manager to complete the integration of those technologies and the project leader for the first three major releases. Prior to OSF, Brad was a principal software engineer/project leader for Digital Equipment Corporation, a technical staff member at Data General Corporation and before that, a technical staff member at Bell Telephone Laboratories.

Brad holds a Bachelor of Arts degree in Computer Science from Rutgers University and a Master of Science degree in Applied Management from Lesley College.

T10 Special Topics in Sendmail: Sendmail 8.10 and Sendmail Security NEW
Eric Allman and Gregory Neil Shapiro, Sendmail, Inc.

Who should attend: UNIX system and network administrators familiar with or responsible for sendmail. This tutorial is targeted at those who want to learn how to convert their sites to sendmail 8.10, and at those who want to better understand sendmail security, particularly on firewalls and other similar systems. This two-part tutorial is not an introduction to sendmail.

Sendmail 8.10, the latest release of Open Source sendmail from Sendmail, Inc., has many new features. In many cases mail administrators can just compile the new release of sendmail and use their old configuration files, but "power users" may wish to utilize the many new capabilities. This tutorial discusses the new features in version 8.10 of sendmail.

Topics include:

  • SMTP Authentication, allowing cryptographic authentication in SMTP to gain additional privileges, such as ability to relay
  • Performance improvements, including multiple queues, memory-buffered pseudo-files, and more control over resolver timeouts
  • The new "message submission agent" port, as defined by RFC 2476
  • Ability to connect to servers running on named sockets
  • Changes to support IPv6
  • Better LDAP integration and support for LDAP-based routing
  • Improved support for virtual hosting
  • Several new map classes, including ph, arith, and macro

Time permitting, musings on the future direction of sendmail will be indulged in.

Sendmail is a powerful Mail Transport Agent that can be configured for many different environments, from firewalls through workstation mail servers. These environments have different security requirements; in particular, in a pure relay configuration (with no local user accounts or delivery) sendmail can be configured to relinquish root permissions. This is a fast-paced tutorial intended for system and network administrators who are already familiar with configuring and administering sendmail.

Topics include:

  • Principles of sendmail security
  • How to configure sendmail on systems that have special security requirements, such as firewalls
    • Configuring sendmail to run as a non-root user
    • Running sendmail in a "chroot"ed jail
  • How to (and when to) relax sendmail's file security checks

Eric Allman (S2, T10) wrote sendmail, leads sendmail.org, and is CTO of Sendmail, Inc. Eric was the lead programmer for the INGRES database management and the Mammoth infrastructure projects and authored syslog, tset, the -me troff macros, and trek, developed a commercial client/server implementation, helped develop a first-generation window system, and contributed to the Ring Array Processor Project. He has been a member of the Board of Directors of the USENIX Association. Eric received his M.S. in Computer Science from U.C. Berkeley. He collects wines, which he stashes in the cellar of the house he shares with Kirk McKusick, his partner of 20-and-some-odd years.


Gregory Neil Shapiro (T10) began his professional career as a systems administrator for Worcester Polytechnic Institute (WPI). There he became involved with beta-testing the BIND name-server, the sendmail mail-transfer agent, and other UNIX utilities such as emacs and screen. He contributed the secure zones functionality included in BIND 4.9.X. His involvement with sendmail grew into assisting in supporting sendmail by joining the Sendmail Consortium and later increased to include code maintenance and release assistance. As Lead Engineer at Sendmail, Inc., he has continued to support the open source version while working on Sendmail Pro, the commercial version.



Last changed: 1 June 2000 jr