M1 Advanced Solaris System Administration Topics
Peter Baer Galvin, Corporate Technologies
Who should attend: UNIX administrators who need more knowledge of Solaris administration.
We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics.
Peter Baer Galvin (M1) is the chief technologist for
Corporate Technologies, Inc., and was the systems manager for Brown University's
Computer Science Department. He has written articles for Byte and other
magazines, is a columnist for SunWorld, and is co-author of the Operating
Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has
taught tutorials on security and systems administration and has given talks at
many conferences and institutions.
Who should attend: Anyone with a computer science degree or the equivalent experience who is not an expert in computer security. IT managers who need to understand how to evaluate risk, what the dangers are, and what countermeasures are available. We will emphasize issues of importance to system administrators.
As more and more of our lives move online, we are exposing more of ourselves to often untraceable, malicious, and automated attack: credit card numbers, data, a group of machines that we manage, our time, our privacy. This tutorial seeks to sweep a broad brush across the field of computer security, addressing in particular the practical aspects of the field.
Avi Rubin (M2) is Principal Researcher at AT&T Labs and a member of the
Board of Directors of USENIX. He has been researching issues in computer
security since 1991. Rubin is the author of two books on computer security:
White-Hat Security Arsenal (Addison Wesley, 2001) and Web Security Sourcebook
(with Dan Geer and Marcus Ranum, John Wiley & Sons, 1997). He is the author
of dozens of refereed conference and journal papers, and co-authored two
chapters of Peer-to-Peer (O'Reilly, 2001). Rubin is also an Associate Editor of
Electronic Commerce Research Journal. His latest research project, Publius, a
system for circumventing censorship on the Internet, won the Index on
Censorship's Freedom of Expression Award.
Who should attend: Application programmers and kernel developers. You should be reasonably familiar with C programming in the UNIX environment, but no prior experience with the UNIX or Linux kernel code is assumed.
This tutorial will give you an introduction to the structure of the Linux kernel, the basic features it provides, and the most important algorithms it employs.
The Linux kernel aims to achieve conformance with existing standards and compatibility with existing operating systems; however, it is not a reworking of existing UNIX kernel code. The Linux kernel was written from scratch to provide both standard and novel features, and takes advantage of the best practice of existing UNIX kernel designs.
Although the material will focus on the release version of the Linux kernel, it will also address aspects of the development kernel codebase where its substance differs. It will not contain any detailed examination of the source code but will, rather, offer an overview and roadmap of the kernel's design and functionality.
Theodore Ts'o (M3) has been a Linux
kernel developer since almost the very beginnings of Linux--he implemented POSIX
job control in the 0.10 Linux kernel. He is the maintainer and author for the
Linux COM serial port driver and the Comtrol Rocketport driver. He architected
and implemented Linux's tty layer. Outside of the kernel, he is the maintainer
of the e2fsck filesystem consistency checker. Ted is a Senior Technical Staff
Member of IBM's Linux Technology Center.
Who should attend: Network and system administrators interested in real-life, practical, host- and network-based monitoring of their systems and networks. Participants should have an understanding of the fundamentals of networking, basic familiarity with computing and network components, and some familiarity with UNIX and scripting languages.
This tutorial will introduce the concepts and functions of monitoring systems and will describe the Simple Network Management Protocol (SNMP). It will review some of the most popular monitoring tools and will cover the installation and configuration of a number of freely available monitoring packages. The emphasis will be on the practical, and the tutorial will provide examples of easy-to-implement monitoring techniques.
John Sellens (M4) has been involved in system and
network administration since 1986 and is the author of several related USENIX
papers and a number of ;login: articles, including the "On Reliability" series
and SAGE booklet. He has a Master's degree in computer science from the
University of Waterloo and is a chartered accountant. He is currently the
General Manager for Certainty Solutions (formerly known as GNAC) in Toronto.
Prior to joining Certainty, John was the Director of Network Engineering at
UUNET Canada, and he was a staff member in computing and information technology
at the University of Waterloo for 11 years.
Who should attend: System administrators who want to learn more about the sendmail program, particularly details of configuration and operational issues (this tutorial will not cover mail front ends). This intense, fast-paced tutorial is aimed at people who have already been exposed to sendmail. It describes the latest release of sendmail from Berkeley, version 8.12.
M6 Socket Programming NEW
George V. Neville-Neil, Neville-Neil Consulting
Who should attend: Anyone whose responsibility it is to write or maintain code that uses the sockets API. The ability to read C code is required. A basic understanding of computer networks is a plus.
The sockets API is the most widely used and accepted set of interfaces for implementing client/server network applications. It is implemented on all flavors of UNIX, the Windows platform, and many embedded operating systems (VxWorks, PSOS, etc.). Familiarity with this API set is a must for anyone who writes or maintains network applications.
This course uses working examples to teach software engineers and programmers how to use the sockets API to create their own client and server applications. The differences between the TCP and UDP transport protocols for network applications are highlighted throughout so that the student comes away with a clear understanding of when it is appropriate to use which technology.
M7 UNIX Security Threats and Solutions NEW
Matt Bishop, University of California, Davis
Who should attend: Anyone interested in threats to UNIX security and how to deal with them.
This tutorial uses case histories to show what vulnerabilities the attackers exploited, how the system administrators might have closed those loopholes, and how the intruders were discovered. Concepts and mechanisms, as well as publicly available tools, are discussed. This course focuses on non-network problems.
M8 FreeBSD Kernel Internals: Data Structures, Algorithms, and Networking, Part 1
Marshall Kirk McKusick, Author and Consultant
Who should attend: This two-day course provides a broad overview of how the FreeBSD kernel implements its basic services. It will be most useful to those who need to learn how these services are provided. Individuals involved in technical and sales support can learn the capabilities and limitations of the system; applications developers can learn how to effectively and efficiently interface to the system; systems programmers without direct experience with the FreeBSD kernel can learn how to maintain, tune, and interface to such systems. This course is directed to users who have had at least a year of experience using a UNIX-like system and the C programming language. They should have an understanding of fundamental algorithms (searching, sorting, and hashing) and data structures (lists, queues, and arrays). Students will not need to prove relationship with a source license holder, as source code examples will be taken from the freely distributable FreeBSD system.
This course will provide a firm background in the FreeBSD kernel. The POSIX kernel interfaces will be used as examples where they are defined. Where they are not defined, the FreeBSD interfaces will be described. The course will cover basic kernel services, process structure, virtual and physical memory management, scheduling, paging and swapping. The kernel I/O structure will be described showing how I/O is multiplexed, special devices are handled, character processing is done, and the buffer pool is managed. The implementation of the filesystem and its capabilities including updates will be described. The filesystem interface will then be generalized to show how to support multiple filesystem types such as Sun Microsystems' Network File System (NFS). The course will also cover the FreeBSD socket-based network architecture, layering, and implementation. The socket communications primitives and internal layering will be discussed, with emphasis on the interfaces between the layers; the TCP/IP implementation will be used as an example. A discussion of routing issues will be included. The presentations will emphasize code organization, data structure navigation, and algorithms. It will not cover the machine-specific parts of the system such as device drivers.
Marshall Kirk McKusick (M8, T8) writes
articles, consults, and teaches classes on UNIX- and BSD-related subjects. While
at the University of California at Berkeley, he implemented the 4.2BSD fast
filesystem and oversaw the development and release of 4.3BSD and 4.4BSD. His
particular areas of interest are the virtual-memory system and the filesystem.
He earned a B.S. in Electrical Engineering from Cornell University. At the
University of California at Berkeley, he received Master's degrees in computer
science and business administration, and a doctoral degree in computer science.
He is past president and a current member of the USENIX Board of Directors and
is a member of AAAS, ACM, and IEEE.
Secure Software NEW
Who should attend: Developers, architects, and managers charged with developing code for security-critical and mission-critical projects (e.g., code that is intended to live on the Net), and security practitioners who must grapple with software security issues such as code review and risk analysis. Participants should have some familiarity with software development. Code examples include C, Java, and Python. This tutorial is based on material found in the book Building Secure Software, published by Addison-Wesley in their Professional Computing series.
What do wireless devices, cell phones, PDAs, browsers, operating systems, network services, public key infrastructure, and firewalls have in common? The answer is "software." Software is everywhere, and it is not usually built to be secure. This tutorial explains why the key to proactive computer security is making software behave. With software complexity growing alarmingly--the source code base for Windows XP is 40 million lines--we have our work cut out for us. Clearly, the penetrate-and-patch approach is non-optimal. Even worse is bolting security mechanisms on as an afterthought. Building software properly, both at the design and the implementation level, is a much better approach. This tutorial takes an in-depth look at some common software security risks, including buffer overflows, race conditions, and random number generation, and goes on to discuss essential guidelines for building secure software. A risk-driven approach to software security which integrates analysis and risk management throughout the software lifecycle is the key to better computer security.
Gary McGraw (T1), Cigital Inc.'s CTO, researches software
security and sets technical vision in the area of software risk management.
Dr. McGraw is co-author of four popular books: Java Security (Wiley, 1996),
Securing Java (Wiley, 1999), Software Fault Injection (Wiley, 1998), and Building
Secure Software (Addison-Wesley, 2001). He consults with major e-commerce
vendors, including Visa, MasterCard, and the Federal Reserve, functions as
principal investigator on several government grants, and serves on commercial
and academic advisory boards. Dr. McGraw holds a dual Ph.D. in cognitive science
and computer science from Indiana University and a B.A. in philosophy from UVa.
Who should attend: Anyone who is designing, implementing, or maintaining a UNIX environment with 2 to 20,000+ hosts. System administrators, architects, and managers who need to maintain multiple hosts with few admins.
This tutorial won't propose one "perfect solution." Instead, it will try to raise all the questions you should ask in order to design the right solution for your needs.
Lee Damon (T2) holds a B.S. in speech communication
from Oregon State University. He has been a UNIX system administrator since 1985
and has been active in SAGE since its inception. He has developed several
large-scale mixed environments. He is a member of the SAGE Ethics Working Group
and was one of the commentators on the SAGE Ethics document. He has championed
awareness of ethics in the system administration community, including writing
ethics concerns into policy documents.
Who should attend: Software engineers, application architects and developers, kernel developers, device driver writers, system administrators, performance analysts, capacity planners, Solaris users who wish to know more about the system they're using and the information available from bundled and unbundled tools, and anyone interested in operating system internals.
The installed base of Solaris systems being used for various commercial data-processing applications across all market segments and scientific computing applications has grown dramatically over the last several years, and it continues to grow. As an operating system, Solaris has evolved considerably, with some significant changes made to the UNIX SVR4 source base on which the early system was built. An understanding of how the system works is required in order to design and develop applications that take maximum advantage of the various features of the operating system, to understand the data made available via bundled system utilities, and to optimally configure and tune a Solaris system for a particular application or load.
Topics include the major subsystems of the Solaris 8 kernel. We review the major features of the release and take a look at how the major subsystems are tied together. We cover in detail the implementation of Solaris services (e.g. system calls) and low-level functions, such as synchronization primitives, clocks and timers, and trap and interrupt handling. We discuss the system's memory architecture; the virtual memory model, process address space and kernel address space, and memory allocation. The Solaris process/thread model is discussed, along with the kernel dispatcher and the various scheduling classes implemented and supported. We cover the Virtual File System (VFS) subsystem, the implementation of the Unix File System (UFS), and file IO-related topics.
All topics are covered with an eye to the practical application of the information, such as for performance tuning or software development. Solaris networking (topics related to TCP/IP and STREAMS) is not covered in this course.
After completing this course, participants will have a solid understanding of the internals of the major areas of the Solaris kernel that they will be able to apply to systems performance analysis, tuning, load/behavior analysis, and application development.
James Mauro (T3) is a Senior Staff Engineer
in the Performance and Availability Engineering group at Sun Microsystems.
Jim's current projects are focused on quantifying and improving enterprise
platform availability, including minimizing recovery times for data services and
Solaris. He co-developed a framework for system availability measurement and
benchmarking and is working on implementing this framework within Sun. Jim
co-authored Solaris Internals: Architecture Tips and Techniques (Sun
Microsystems Press/Prentice Hall, 2000).
Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.
Trent Hein (T4, W4) is co-founder of Applied Trust
Engineering. Previously, he was the CTO at XOR Inc., where he focused on using
UNIX and Linux in production-grade commercial environments. Trent worked on the
4.4 BSD port to the MIPS architecture at Berkeley, is co-author of both the UNIX
Systems Administration Handbook and the Linux Administration Handbook, and holds
a B.S. in computer science from the University of Colorado. Email him at
Who should attend: People with system administration duties, advanced-beginner to intermediate Perl experience, and a desire to make their jobs easier and less stressful in times of sysadmin crises.
Perl was originally created to help with system administration, so it is a wonder that there isn't more instructional material devoted to helping people use Perl for this purpose. This tutorial hopes to begin to remedy this situation by giving you six solid hours of instruction geared towards putting your existing Perl knowledge to practice in the system administration realm.
The morning section will concentrate on the power of Perl in this context. Based on the instructor's O'Reilly book, we'll take a multi-platform look at using Perl in cutting-edge and old-standby system administration domains. This jam-packed survey will include:
At the end of the day, you'll walk away from this class with Perl approaches and techniques that can help you solve your daily system administration problems. You'll have new ideas in hand for writing small Perl programs to get you out of big sysadmin pinches. And on top of all this, you are also likely to deepen your Perl knowledge.
David N. Blank-Edelman (T5) is the Director of
Technology at the Northeastern University College of Computer Science and the
author of Perl for System Administration (O'Reilly). He has spent the last 15
years as a system/network administrator in large multi-platform environments and
has served as Senior Technical Editor for the Perl Journal. He has also written
many magazine articles on world music.
Who should attend: System and network administrators who implement or maintain intrusion detection systems, managers charged with selecting and setting intrusion detection requirements, and anyone who wants to know the details of how to make intrusion detection work. Familiarity with TCP/IP networking is a plus.
In today's increasingly networked world, intrusion detection is essential for protecting resources, data, and reputation. It's a rapidly evolving field with several models and deployment methods from which to choose.
After taking this tutorial, attendees will understand the fundamental concepts of intrusion detection and will gain practical insights into designing, deploying, and managing intrusion detection systems in the real world.
Mark Mellis (T6) is a consultant with SystemExperts Corporation. Over the past two years, Mark has assisted several premier Internet companies in responding to major network attacks and has designed and implemented robust infrastructure to limit future exposure. Mark was the Principal of Mellis and Associates, where he provided network consulting services to various high-tech firms. Mark attended the University of Washington, where he studied physics.
T7 Practical UNIX Cryptography NEW
Craig Hunt, WroteTheBook.com
Who should attend: System administrators interested in using the cryptographic tools that are now available for UNIX. System administrators interested in practical configuration examples will benefit the most. Attendees need basic system administration skills and knowledge of UNIX configuration to reap the greatest benefit from this course.
Export restrictions have eased, and the RSA patent has expired, removing legal barriers to strong encryption. Soon all Linux and UNIX systems will ship with built-in cryptographic capabilities. System administrators need to understand what those tools can and cannot do for them and how to use the tools. This course outlines the current state of cryptographic support in UNIX and shows attendees how to make use of SSL and SASL services. The network protocols that underlie these cryptographic services are described. Practical advice about using strong authentication and encrypted data streams is given. This tutorial provides detailed, practical examples of installing, configuring, and using OpenSSL and SASL to support encryption for applications such as Apache. Installation, configuration and use of encryption tools such as SSH and GPG are also covered.
T8 FreeBSD Kernel Internals: Data Structures, Algorithms, and Networking, Part 2
Marshall Kirk McKusick, Author and Consultant
Please see the description under M8.
Marshall Kirk McKusick (M8, T8) writes books and articles, consults, and teaches classes on UNIX- and BSD-related subjects. While at the University of California at Berkeley, he implemented the 4.2BSD fast filesystem and oversaw the development and release of 4.3BSD and 4.4BSD. His particular areas of interest are the virtual-memory system and the filesystem. He earned a B.S. in Electrical Engineering from Cornell University. At the University of California at Berkeley, he received Master's degrees in computer science and business administration, and a doctoral degree in computer science. He is past president and a current member of the USENIX Board of Directors and is a member of AAAS, ACM, and IEEE.
W1 Blueprints for High Availability: Designing Resilient Distributed Systems
Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.
This tutorial will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. We will discuss the trade-offs among cost, reliability, and complexity.
Evan Marcus (W1), who has 14 years of experience in
UNIX systems administration, is now a Senior Systems Engineer and High
Availability Specialist with VERITAS Software Corporation. At Fusion Systems and
OpenVision Software, Evan worked to bring the first high-availability software
application for SunOS and Solaris to market. He is the author of several
articles and talks on the design of high availability systems and is the
co-author, with Hal Stern, of Blueprints for High Availability: Designing
Resilient Distributed Systems (John Wiley & Sons, 2000).
Who should attend: Users, administrators, managers, and others interested in learning about some of the fundamental security and usage issues around wireless IP services. This tutorial assumes some knowledge of TCP/IP networking and client/server computing, the ability or willingness to use administrative GUIs to set up a device, and a general knowledge of common laptop environments.
Whether you like it or not, wireless services are popping up everywhere. And you and your organization will be responsible for understanding and managing the devices you possess. Since the purpose of wireless is to share data when you aren't directly attached to a wired resource, you need to understand the fundamental security and usage options. In this tutorial we will cover a number of topics that affect you in managing and using wireless services. Some of the topics will be demonstrated live using popular wireless devices.
Brad C. Johnson (W2) is vice president of SystemExperts Corporation. He has participated in the Open Software Foundation, X/Open, and the IETF, and has often published about open systems. Brad has served as a security advisor to organizations such as Dateline NBC and CNN. He is a frequent tutorial instructor and conference speaker on network security, penetration analysis, middleware, and distributed systems. He holds a B.A. in computer science from Rutgers University and an M.S. in applied management from Lesley University.
W3 Building Honey Pots for Intrusion Detection NEW
Marcus Ranum, NFR Security, Inc.
Who should attend: System and network managers with administrative skills and a security background. The tutorial examples will be based on UNIX/Linux. While the materials may be of interest to a Windows/NT administrator, attendees will benefit most if they have at least basic UNIX system administration skills.
This class provides a technical introduction to the art of building honey pot systems for intrusion detection and burglar-alarming networks. Students completing this class will come away armed with the knowledge that will enable them to easily assemble their own honey pot, install it, maintain it, keep it secure, and analyze the data from it.
Marcus Ranum (W3) is founder and CTO of NFR
Security, Inc. He has been working in the computer/network security field for
over 14 years and is credited with designing and implementing the first
commercial Internet firewall product. Marcus also designed and implemented other
significant security technologies, including the TIS firewall toolkit and the
TIS Gauntlet firewall. As a researcher for ARPA, Marcus set up and managed the
Whitehouse.gov email server. Widely known as a teacher and industry visionary,
he has been the recipient of both the TISC Clue award and the ISSA lifetime
achievement award. Marcus lives in Woodbine, Maryland, with his wife, Katrina,
and a small herd of cats.
Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.
Evi Nemeth (T4, W4), a faculty member in computer science
at the University of Colorado, has managed UNIX systems for the past 25
years, both from the front lines and from the ivory tower. She is co-author of
the UNIX System Administration Handbook. Evi is about to get out of the UNIX and
networking worlds and explore the real world on a sailboat.
Who should attend: Administrators and programmers interested in the potential of the Lightweight Directory Access Protocol (LDAP) and in exploring issues related to deploying an LDAP infrastructure. This tutorial is not a how-to for a specific LDAP server, nor is it an LDAP developers' course. Rather, it is an evaluation of the potential of LDAP to allow the consolidation of existing deployed directories. No familiarity with LDAP or other Directory Access Protocols will be assumed.
System administrators today run many directory services, though they may be called by such names as DNS and NIS. LDAP, the up-and-coming successor to the X500 directory, promises to allow administrators to consolidate multiple existing directories into one. Vendors across operating-system platforms are lending support. Topics include:
W6 System and Network Performance Tuning
Marc Staveley, Soma Networks
Who should attend: Novice and advanced UNIX system and network administrators, and UNIX developers concerned about network performance impacts. A basic understanding of UNIX system facilities and network environments is assumed.
We will explore techniques for tuning systems, networks, and application code. Starting from a single-system view, we'll examine how the virtual memory system, the I/O system, and the file system can be measured and optimized. We'll move on to Network File System tuning and performance strategies. Detailed treatment of network performance problems, including network design and media choices, will lead to examples of network capacity planning. Application issues, such as system call optimization, memory usage and monitoring, code profiling, real-time programming, and controlling response time will be covered. Many examples will be given, along with guidelines for capacity planning and customized monitoring based on your workloads and traffic patterns. Analysis periods for particular situations will be provided. Topics include:
W7 Cisco's Security Features: What They Are, Where to Use Them, How to Configure Them NEW
John Stewart, Digital Island, Inc.
Who should attend: Network and system administrators running Cisco networks, and security professionals.
It's common knowledge that over 85% of all Internet traffic crosses a Cisco product at one time or another. Given this fact, it is obvious that improving security on Cisco products can improve the overall security of your site as well as the overall security of the Internet. However, the security features available in Cisco products can be a discipline in themselves. This class takes a nuts-and-bolts approach to deciding which Cisco security features to use, and when and where to use them. A sample network is used as the basis for the class. For each area, sample uses and actual configuration techniques are discussed. Topics include:
W8 PHP: Scripting the Web NEW
Rasmus Lerdorf, Consultant
Who should attend: Web site designers or programmers working on Web-related projects. No programming background is required, but a basic understanding of HTML and HTTP is assumed.
PHP is a popular scripting language used for creating dynamic Web sites. This tutorial, taught by the original developer of the language, will cover all the main features of the language.
Rasmus Lerdorf (W8) has been designing large-scale
UNIX-based solutions since 1989. In the Open Source community, he is known
mostly as the creator of the PHP scripting language. Rasmus has contributed to a
number of Apache-related projects and is a member of the Apache core team. He
currently lives in the San Francisco Bay Area with his wife, Christine. He can
be reached at firstname.lastname@example.org.