Peter Baer Galvin (T1) is the Chief Technologist for Corporate Technologies, and was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines, is a columnist for SunWorld, and is coauthor of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has taught tutorials on security and system administration and has given talks at many conferences and institutions.


T2 Managing Samba 2.2 & 3.0 NEW
Gerald Carter, Samba Team/Hewlett-Packard

Who should attend: System administrators who are currently managing Samba servers or are planning to deploy new servers this year. This course will outline the new features of Samba 3.0, including working demonstrations throughout the course session.

Samba is a freely available suite of programs that allows UNIX-based machines to provide file and print services to Microsoft Windows PCs without installing any third-party software on the clients. This allows users to access necessary resources from both PCs and UNIX workstations. As Samba makes its way into more and more network shops all over the world, it is common to see "configuring/managing Samba servers" listed as a desired skill on many job descriptions for network administrators.

Topics include:

• Providing basic file and print services
• Upgrading Samba servers from version 2.2 to 3.0
• Integrating with Windows NT 4.0 and Active Directory authentication services
• Centrally managing printer drivers for Windows clients
• Managing NetBIOS network browsing
• Implementing a Samba primary domain controller along with Samba backup domain controllers
• Migrating from a Windows NT 4.0 domain to a Samba domain
• Utilizing account storage alternatives to smbpasswd (such as LDAP)
• Making use of Samba VFS modules for features such as virus scanning and a network recycle bin

Gerald Carter (M1, T2), a member of the SAMBA Team since 1998, is employed by Hewlett Packard as a Software Engineer, working on SAMBA-based print appliances. He is writing a guide to LDAP for system administrators, to be published by O'Reilly. Jerry holds an M.S. in computer science from Auburn University, where he also served as a network and system administrator. He has published articles with Web-based magazines such as Linuxworld and has authored courses for companies such as Linuxcare. He recently completed the second edition of Teach Yourself SAMBA in 24 Hours (Sams Publishing).



T3 System and Network Monitoring
John Sellens, Certainty Solutions

Who should attend: Network and system administrators interested in real-life, practical, host- and network-based monitoring of their systems and networks. Participants should have an understanding of the fundamentals of networking, basic familiarity with computing and network components, and some familiarity with UNIX and scripting languages.

Participants will leave this tutorial able to immediately start using a number of monitoring systems and techniques that will improve their ability to manage and maintain their systems and networks.

Topics include:

• Monitoring: goals, techniques, reporting
• SNMP: the protocol, reference materials, relevant RFCs
• Introduction to SNMP MIBs (Management Information Bases)
• SNMP tools and libraries
• Other non-SNMP tools
• Security concerns when using SNMP and other tools on the network
• Monitoring applications: introductions, use, benefits and complications, installation and configuration (Big Brother, Nagios, SNIPS, MRTG, Cricket, etc.)
• Special situations: remote locations, firewalls, etc.
• Monitoring implementation roadmap: policies, practices, notifications, escalations, reporting

Who should attend: Intermediate to senior software developers and project managers involved in the building and management of modern software systems.

This tutorial provides practical advice on how to design, build, deploy, and manage Internet-facing systems. We examine the core attributes of Internet systems (scalability, reliability, manageability, maintainability, and security), how to architect and build Internet systems, common mistakes and failures in Internet systems, how to deploy Internet systems, and how to manage Internet systems across their life.

Topics include:

• Building Internet-facing applications
  • Defining attributes of Internet-facing systems
  • System architecture: building to cope with change
  • Operations management: building systems to run
  • Common failures (and how to avoid them) of design, development, process, integration, and deployment
• Deploying Internet applications
  • Thinking about deployment: availability considerations, backend system integration, failure mode analysis, security exposures analysis, production support preparation
  • Business continuity planning
  • Managing Internet applications
  • System availability planning
    • What does the business need?
    • What are the resource implications?
  • Command and control of Internet applications: trust, configuration management, change management, data management
  • The critical elements of managing 24x7 operations
    • Network management (how do we know when something went wrong?)
    • Problem diagnosis (what went wrong?)
    • Disaster recovery procedures (how do we resume service?)
    • Change management (how do we minimize the risk of service disruption?)

Geoff Halprin (T4) has over 25 years of experience in building software systems, from system management tools to network monitoring software and embedded mission-critical billing systems for Internet Service Providers. He has spent more years troubleshooting other peoples programs than he cares to remember. Geoff is also president of SAGE: The System Administrators Guild.



T5 Beyond Shell Scripts: 21st-Century Automation Tools and Techniques NEW
Aeleen Frisch, Exponential Consulting

Who should attend: System administrators who want to explore new ways of automating administrative tasks. Shell scripts are appropriate for many jobs, but more complex operations will often benefit from sophisticated tools.

• Automating installations
  • Vendor-supplied tools
  • Alternative approaches
  • State-of-the-art package control
  • Heterogeneous environments
• Mark Burgess's cfengine package
  • Basic and advanced configurations
  • Uses—installations & beyond; "self-healing" system configurations; data collection; and more
  • When not to use cfengine
• Other tools
  • Expect—automating interactive processes, what to Expect; using it with other tools; security issues
  • Amanda for enterprise backup—prerequisites; configuration; optimizing
  • STEM, a new package for automating network operations—the context and tool capabilities; suggested uses; performance and security issues
  • Nagios to monitor network and device performance—how it works; sample configurations; extending Nagios
  • RRDTool for examining retrospective system data—basic operation; advanced graphing; options for data collection

Aeleen Frisch (T5, W6) has been a system administrator for over 20 years. She currently looks after a pathologically heterogeneous network of UNIX and Windows systems. She is the author of several books, including Essential System Administration (now in its 3rd edition).



T6 Bridges, Routers, Switches, and Internetworking Protocols NEW
Radia Perlman, Sun Microsystems

Who should attend: Anyone who might need to design a protocol, implement a protocol, write network-based applications, or plan or manage a network, or anyone who is just curious about what is really going on under the covers in a network, and how things got the way they are. Anyone with the courage to see things from different angles, and not just parrot orthodoxy. Paradoxically, this tutorial is good as an introduction to people who are incredibly confused by all the terms and don't know where to start, as well as people who have been using this stuff for years, assumed they understood it, and want to see how all the pieces fit.

The concepts of IP addresses, masks, MAC addresses, routing algorithms, domains, switches, bridges, are pervasive when dealing with networks. We all use these terms and configure these things, but what is really going on? What are the implications of choosing a switch vs. a router? What kinds of things can go wrong in a protocol that is misdesigned, misimplemented, or mismanaged? This tutorial describes the major protocols involved in the network infrastructure. It describes conceptually what goes on in the packet switches (both layer 2/bridges and layer 3/routers), as well as the implications on endnodes. It contrasts connection-oriented approaches such as ATM and MPLS with connectionless approaches such as IPv4 and IPv6. It covers the endnode-visible pieces of layer 3, such as neighbor-discovery and address autoconfiguration. It covers intradomain routing algorithms (distance vector such as RIP and link state such as OSPF or IS-IS) and interdomain (BGP). It describes the spanning tree algorithm used by bridges and switches.

Topics include:

• Layer 2 (MAC) addresses
  • Why 6 bytes?
  • Relation to layer 3 addresses (IP)
• Bridges
  • Basic idea
  • Why it's more powerful than a repeater
  • Station address learning and forwarding
  • Spanning tree
• What are switches? "switched Ethernet"
• Connection-oriented networks: ATM, MPLS
• Connectionless protocols: IPv4, IPv6, and comparison with others
• Neighbor discovery (ARP, DHCP)
• Routing (distance vector vs. link state, interdomain vs. intradomain)
• IP Multicast
• NAT

Who should attend: Network, system, and firewall administrators; security auditors and those audited; those responding to intrusions or responsible for applications or systems that might be targets for crackers. Participants should understand the basics of TCP/IP networking. Examples will use actual tools and will also include small amounts of HTML, JavaScript, and Tcl.

This tutorial will review the ways crackers work, what protocols and tools they use, and a number of current methods and exploits. You'll learn how to generate vulnerability profiles of your systems. Additionally, we'll review some important management policies and issues.

• Profiles: what can an intruder determine about your site remotely?
• Review of profiling methodologies: different "viewpoints" generate different types of profiling information
• Techniques: scanning, online research, TCP/IP protocol "mis"uses, denial of service, cracking clubs
• Important intrusion areas: discovery techniques, SSL, SNMP, WWW, DNS
• Tools: scotty, strobe, netcat, ISS, SATAN, SAINT, mscan, sscan, queso, curl, Nmap, SSLeay/upget
• Defining management policies to minimize intrusion risk

Who should attend: Network and security administrators who are charged with implementing network security and looking for Linux-related solutions. Attendees should have a basic understanding of TCP/IP and some experience in configuring network services.

This tutorial will offer extensive configuration examples for Linux-based packet firewalls, common scenarios, and overviews of useful tools that will provide valuable solutions. At the completion of the course, attendees should feel confident in their ability to set up and maintain secure networks with flexible access control. The instructor encourages questions during the presentation.

• Networking overview
• Linux kernel firewall capabilities
• /proc kernel tuning
• Linux 2.4 and Netfilter
  • Table and structure
  • Firewall rules and targets
  • User chains
  • Simple stateful approaches
  • IPChains compatibility
  • Advanced connection tracking
• Performance tuning
• Network address translation
  • Port forwarding
  • Round-robin load balancing
  • SNAT and masquerading
• Sniffers you should fear (and use)
• Traffic monitoring
• Practical solutions to common problems

Joshua Jensen (T8) was the first Red Hat instructor and examiner, and has been with Red Hat for 4 years. In that time he has written and maintained large parts of the Red Hat curriculum: Networking Services and Security, System Administration, Apache and Secure Web Server Administration, and the Red Hat Certified Engineer course and exam. Joshua has worked with Linux for 7 years, and has been teaching Cisco Internetworking and Linux courses since 1998.