S1 Real-World Intrusion Detection: Problems and Solutions
Phil Cox and Mark Mellis, SystemExperts Corporation
Who should attend: System and network administrators who implement or maintain intrusion detection systems, managers charged with selecting and setting intrusion detection requirements, and anyone who wants to know the details of how to make intrusion detection work. Familiarity with TCP/IP networking is a plus.
In today's increasingly networked world, intrusion detection is essential for protecting resources, data, and reputation. It's a rapidly evolving field with several models and deployment methods from which to choose. After taking this tutorial, attendees will understand the fundamental concepts of intrusion detection and will gain practical insights into designing, deploying, and managing intrusion detection systems in the real world. Topics include:
Phil Cox (S1, M6) is a consultant for SystemExperts Corporation, a consulting firm that specializes in system security and management. Phil frequently writes and lectures on issues bridging the gap between UNIX and Windows NT. He is a featured columnist in ;login;, the USENIX Association Magazine and has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.
S2 Advanced Solaris System Administration Topics
Who should attend: UNIX administrators who need more knowledge of Solaris administration. We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics. Topics include:
Upon completion of the course, attendees will know what the IETF has been up to lately, and what to expect in upcoming BIND releases. This tutorial will not be a rehash of prior material--new subjects will be covered.
Peter Baer Galvin (S2)
is the chief technologist for
Corporate Technologies, Inc., and was the systems manager for Brown University's
Computer Science Department. He has written articles for Byte and other
magazines, is systems administration columnist for SunWorld, and is
co-author of the Operating Systems Concepts and the Applied Operating
Systems Concepts textbooks. As a consultant and trainer, Peter has taught
tutorials on security and systems administration and has given talks at many
conferences.
Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts. System administrators, architects, and managers who need to maintain multiple hosts with few admins. This tutorial won't propose one "perfect solution." Instead, it will try to raise all the questions you should ask in order to design the right solution for your needs. Topics include:
Lee Damon (S4)
holds a B.S. in speech communication
from Oregon State University. He has been a UNIX system administrator since 1985
and has been active in SAGE since its inception. He
co-developed departmental and company-wide UNIX environments for IBM, GulfStream
Aerospace and QUALCOMM. He is now working in the EE Department at the University
of Washington, and is helping to develop the Nikola UNIX infrastructure there.
Who should attend: System administrators who plan to implement a Linux solution in a production environment. Attendees should be familiar with the basics of system administration in a UNIX/Linux environment: user-level commands, administration commands, and TCP/IP networking. Both novice and intermediate administrators should leave the tutorial having learned something. From a single server to a network of workstations, the Linux environment can be a daunting task for administrators knowledgeable on other platforms. Starting with a single server and finishing with a multi-server, 1000+ user environment, case studies will provide practical information for using Linux in the real world. Topics include:
At the completion of the tutorial, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The tutorial will be conducted in an open manner that allows for question-and-answer interruption.
Joshua Jensen
(S5)
and examiner, and has been with Red Hat for 3 years. In that time he has written
and maintained large parts of the Red Hat curriculum: Networking Services and
Security, System Administration, and the Red Hat Certified Engineer course and
exam. Joshua has worked with Linux for six years, and has been teaching Cisco
Internetworking and Linux courses since 1998.
Who should attend: Network, system, and firewall administrators; security auditors and those who are audited; people involved with responding to intrusions or responsible for network-based applications or systems that might be targets for crackers (determined intruders). Participants should understand the basics of TCP/IP networking. Examples will use actual tools and will also include small amounts of HTML, JavaScript, and Tcl. Network-based host intrusions, whether they come from the Internet, an extranet, or an intranet, typically follow a common methodology: reconnaissance, vulnerability research, and exploitation. This tutorial will review the ways crackers perform these activities, what protocols and tools they use, and a number of current methods and exploits. You'll learn how to generate vulnerability profiles of your systems. Additionally, we'll review some important management policies and issues.
We'll focus primarily on tools that exploit many of the common TCP/IP- Topics include:
Topics not covered:
Brad Johnson (S7, M6)
is
a vice president of SystemExperts Corporation, a consulting firm that
specializes in system security and management. He is a well-known authority in
the field of secure distributed systems and has recently served as a technical
advisor to both Dateline NBC and CNN on network security matters. He has
participated in seminal industry initiatives, including the Open Software
Foundation, X/Open, and the IETF, and has often published about open
systems. Brad was one of the original members of the OSF DCE Evaluation Team. He
has a B.A. in computer science from Rutgers University and an M.S. from Lesley
College.
Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required. This tutorial will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. We will discuss the trade-offs among cost, reliability, and complexity. Topics include:
Evan Marcus (S8)
is a senior systems engineer and
high availability specialist with VERITAS Software Corporation. Evan has more
than 12 years of experience in UNIX systems administration. While employed at
Fusion Systems and OpenVision Software, Evan worked to bring the first high
availability software application for SunOS and Solaris to market. Evan is the
author of several articles and talks on the design of high availability systems.
Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics spread throughout the day.
Logical Volume Management for Linux: Logical volume support for Linux has brought storage flexibility and high availability to the masses. By abstracting physical storage devices, logical volumes let you grow and shrink partitions, efficiently back up databases, and much more. We'll talk about Linux LVM, what you need to get it up and running, and how to take advantage of its many features.
Security Packet Filtering Primer: What does the word "firewall" really mean, and how do you set up a packet filter list to implement a basic one? We'll teach you the dos and don'ts of creating a tough packet filter, and talk specifically about capabilities of packages available for Linux.
What's New in BIND9? BINDv9 includes a long laundry list of features needed for modern architectures, huge zones, machines serving a zillion zones, co-existence with PCs, security, and IPv6--specifically, dynamic update, incremental zone transfers, DNS security via DNSSEC and TSIG, A6, and DNAME records. We'll talk about the gory details of these new features.
Policy and Politics: Many of the policies and procedures followed at a site are carefully filed in the sysadmin's head. With the worldwide Net invading your local site, these secrets need to be written down, run by lawyers, and followed by your sysadmin staff. We will discuss approaches to these tasks, both good and bad, and illustrate with war stories, sample policy agreements, and procedure checklists.
Security Crisis Case Studies: Before your very eyes, we'll dissect a set of security incident case studies using many tools available on your system or from the Net. We'll specifically examine how to avoid common security-incident pitfalls.
Network Server Performance Tuning: Instead of throwing expensive hardware at a performance problem, consider that kernel and application tuning can yield a performance improvement of several hundred percent. We'll focus on Linux kernel and system tuning, but most of what we cover applies to other UNIX platforms as well.
Evi Nemeth (S9), a faculty member in computer science
at the University of Colorado, has managed UNIX systems for the past 20 years,
both from the front lines and from the ivory tower. She is co-author of the
UNIX System Administration Handbook.
SSH, the Secure Shell program, has matured into a popular and powerful tool for secure system access and securely performing remote functions such as rdist. This tutorial will help you navigate the many SSH features and related software and will show how to use SSH in a large networked environment. Topics include:
Steve Acheson (S10) is currently a Computer Security
Analyst at Cisco Systems, Inc. where he is a senior member of the Computer
Information Security Department, responsible for network and system security,
including designing internal security architecture and external/firewall access.
Prior to working for Cisco, Steve managed security for NASA's Numerical
Aerospace Simulations facility at Ames Research Center. He has worked in the
field as a System Administrator, Network Engineer and Security Analyst for over
10 years.
Who should attend: System administrators with at least advanced-beginner to intermediate experience with Perl who would like a clear understanding of how to use Perl to make their jobs easier. Perl was originally created to help with system administration, so it is a wonder that there's not more instructional material available. This tutorial aims to remedy this situation by presenting a solid three hours of instruction on using Perl for system administration. You are also likely to deepen your knowledge of Perl. Based on the instructor's just-published O'Reilly book, this tutorial will take a multi-platform approach to the subject. We'll be exploring cutting-edge and old standby system-administration topics as they manifest themselves on both UNIX and Windows NT/2000 platforms. Topics include:
David N. Blank-Edelman (S11, S15) is
the Director of
Technology at the Northeastern University College of Computer Science and the
author of the new O'Reilly book Perl for System Administration. He has spent the
last 14 years as a system/network administrator in large multi-platform
environments including Brandeis University, Cambridge Technology Group, and the
MIT Media Laboratory. He has served as Senior Technical Editor for the Perl
Journal and has written many magazine articles on world music.
Who should attend: People with system administration duties, advanced-beginner to intermediate Perl experience, and a desire to make their jobs easier and less stressful in times of sysadmin crisis. Perl is an excellent language for rapid development and prototyping. Thanks to the power of the core language and the large body of additional modules, it is often possible to write programs quickly to solve pressing problems. System administrators have no shortage of pressing problems, so knowing how to wield this "swiss-army chain saw" can be a lifesaver. This tutorial will be centered around a set of "battle stories" and the Perl source code used to deal with them. The code presented in this class will be mostly UNIX-based, though the approaches we'll talk about won't be operating-system-specific. Attendees will leave this class with new ideas for writing small Perl programs to get out of big sysadmin pinches.
Who should attend: Anyone with networked TCP/IP clients who wants to distribute network information to those clients automatically. Attendees should have a basic knowledge of TCP/IP and typical network setup. Attendees should also understand procedures for installing and working with their operating system. DHCP can be used to distribute IP address, router, DNS, WINS, and other information to network clients, without having to manually configure each machine. Topics include:
Greg Kulosa (S16) has been a Unix Systems Administrator
for 10+ years. He is currently a Senior consultant, solving a myriad of host
and networking problems for a variety of clients. He has rolled out DHCP to
networks from 2 to 1500 machines (Windows, Macintosh, Linux, Solaris
2.x clients).
Last changed: 21 November 2001 ml