Letter from the Program Chairs

Program at a Glance

What's New At LISA

Advanced Topics Workshop

Program Committee

Tutorial Program

About The Instructors

Technical Program

Student Stipends

Vendor Exhibits

Chicago At A Glance

Registration Form

Every year, systems multiply and networks become more complex. You are expected to be at the forefront of technology and manage this increasing complexity while keeping critical functions operating at peak performance. At the 10th LISA Conference, you can join your community and meet with other system administrators to find new strategies for ongoing and new support issues. This year's program will benefit you whether you are a novice or senior-level guru, network admin, or even the manager of these unique individuals.

No matter what your current issues are, you will be able to find a tutorial, paper, or talk that will address your needs. LISA '96 will include 35 tutorials, almost twice as many as in the past and many of them new; 29 peer-reviewed technical presentations; ten invited talks, and the ever-popular Birds-of-a-Feather and Guru Is In sessions. A Works-in-progress session will present the very latest solutions being developed. If you are very experienced, you may want to attend the Advanced Topics Workshop.

The Vendor Exhibition will include many products that vendors hope will allow you to work more efficiently.

LISA is a conference developed by system administrators for system administrators. We understand your concerns and are positive that this year's conference will be worth your time to attend!

Please join us in Chicago from September 29 to October 4. We hope to see you there.

Sincerely,

Helen E. Harrison, SAS Institute Inc.
Amy K. Kreiling, University of North Carolina
Program Co-Chairs

PS: Remember to sign up early for the tutorials and conference. Besides saving up to $100, you will get your first choice of tutorials--many sell out.

PROGRAM AT A GLANCE AND IMPORTANT DATES TO REMEMBER

		SATURDAY, SEPTEMBER 28
On-Site Registration   	     5:00 pm - 9:00 pm
		SUNDAY, SEPTEMBER 29 
On-Site Registration         7:30 am - 9:00 pm
Tutorial Program             9:00 am - 5:00 pm
Welcome Reception            6:00 pm - 9:00 pm
		MONDAY, SEPTEMBER 30
On-Site Registration         7:30 am - 5:00 pm
Tutorial Program             9:00 am - 5:00 pm
		TUESDAY, OCTOBER 1
On-Site Registration         7:30 am - 5:00 pm
Tutorial Program             9:00 am - 5:00 pm
Advanced Topics Workshop     9:00 am - 5:00 pm   
Birds-of a-Feather Sessions  6:00 pm - 10:00 pm  
		WEDNESDAY, OCTOBER 2
On-Site Registration         7:30 am -  6:00 pm 
Refereed Track               9:00 am -  5:00 pm  
Invited Talks Track         11:00 am -  5:00 pm  
Birds-of-a-Feather Sessions  9:00 pm - 11:00 pm  
Vendor Exhibition           12:00 pm -  7:00 pm  
Conference Reception         7:00 pm  -  9:00 pm 
		THURSDAY, OCTOBER 3
On-Site Registration         7:30 am -  5:00 pm	
Refereed Track               9:00 am -  5:30 pm  
Invited Talks Track          9:00 am -  5:30 pm  
Vendor Exhibition           10:00 am -  4:00 pm  
Birds-of -a-Feather Sessions 6:00 pm - 10:00 pm  
		FRIDAY, OCTOBER 4
Refereed Track               9:00 am -  5:30 pm  
Invited Talks Track          9:00 am -  5:30 pm   

NEW AT LISA '96

PGP KEY SIGNING SERVICE

HORROR STORY CONTEST

• The time a user took a troublesome printer to the firing range and brought it back and called the help desk.
• The time your colleague who was fond of Dvorak key layouts accidentally applied his keymaps to the root account.
• The weekend spent recovering from a carriage return typed in haste.
• The storm during which you discovered that your diesel backup power generator worked just fine, but the pump that kept it from flooding wasn't on the backup power supply.

Bring your stories to the Registration Desk on-site. All entries are cheerfully accepted and will be reviewed by the organizers. Winners to be announced after the closing session on Friday. Fabulous prizes will be awarded to the best stories.

CONFERENCE ORGANIZERS

Program Committee:
Paul Evans, Synopsys, Inc.
David L. Kensiski, Cisco Systems
Bill LeFebvre, Group sys Consulting
E. Scott Menter, Enterprise Systems Management
Pat Parseghian, Transmeta
Pat Wilson, Dartmouth College
Elizabeth Zwicky, Silicon Graphics, Inc

Invited Talks Coordinators:
Rik Farrow, Internet Security Consulting
Kimberly Trudel, Massachusetts Institute of Technology

Guru Is IN Coordinator:
Steve Simmons, Inland Sea

Works-In-Progress Coordinator:
Adam Moskowitz, Interval Research Corporation

TUTORIAL PROGRAM

USENIX has expanded its tutorial program to deliver the critical information you need. Delivered by experts, tutorials are intensive, practical, and essential to your professional development. Tutorial fees include printed and bound materials from the tutorials you have selected, CD-ROM, lunch, and admission to the Vendor Exhibits.

Register now to guarantee your first choice--seating is limited.

TUTORIAL OVERVIEW

SUNDAY - TUESDAY, SEPTEMBER 29-OCTOBER 1, 1996

SUNDAY, SEPTEMBER 29

MONDAY, SEPTEMBER 30

TUESDAY, OCTOBER 1

COMPLETE TUTORIAL DESCRIPTIONS

SUNDAY, SEPTEMBER 29

S1: Joining the Internet Safely Using UNIX and Firewalls (9:00am - 5:00pm)
Tina Darmohray, Consultant

Connecting to the Internet is an exciting event for every organization but the security implications can often bring hesitation. This practical course outlines details and examples of UNIX network security and Internet connectivity issues. Site policies and topologies that implement them will be covered, including packet-filtering, application-level, and circuit-level gateways. Overviews of current, publically-available solutions will be provided, focusing on complete examples for configuring an Internet firewall. Prerequisites for this course are a knowledge of TCP/IP, DNS, and Sendmail.

This course will cover:

• Problem definition and design motivation
  - Identify risks associated with Internet connection including:
  -- Valuable data
  -- Motivation to obtain it
  -- Potential Consequences
  
• Nomenclature and design variations
  -- Defining the common firewall terms and topologies
  -- Compare designs and understand their strengths
  
• Implementing firewalls
  - Routers
  -- Purpose
  -- Router-based firewalls
  -- Packet-filtering configuration
  - Gateway/Bastion host security
  -- Router and bastion-host-based firewalls
  -- Host security configuration
  -- Bastion host software: tcpd, smrsh, and challenge-response passwd software
  - Proxy solutions
  -- Misc. public-domain proxies
  -- SOCKS
  -- TIS firewall toolkit
  - Hiding information with DNS
  -- SOA and MX records to support the firewall
  -- Dual-DNS configuration
  - Sendmail configuration
  -- Configuration to operate with firewall topology
  -- Header re-writing to support the firewall
  

S2: Introduction to UNIX System Administration (9:00am-5:00pm)
Frank Fiamingo, Ohio State University

This course provides an introduction to the basic tools and concepts required to successfully administer a UNIX system. It utilizes a step-by-step approach to teach the commands and techniques required to maintain a well-running system, and to diagnose and solve problems.

Topics include:

• Disk partitioning and maintenance
• Installing software & post-installation chores
• Managing user accounts
• Adding new hardware
• Kernel configuration
• Network administration
• Setting up services
• Disk and network file system administration
• Logging and accounting information
• System configuration files
• Security concerns
• Printing
• Sendmail
• Network Information Services
• Backing up and restoring files

Both BSD (SunOS 4.1.X) and SysV (Solaris 2.X) versions of UNIX will be discussed in detail, along with examples from Irix, Digital UNIX and Ultrix.

S3: System and Network Performance Tuning (9:00am-5:00pm)
Hal Stern, Sun Microsystems

This course will explore procedures and techniques for tuning systems, networks, and application code. Starting from the single system view, it will examine how the virtual memory system, the I/O system and filesystem can be measured and optimized. The single host view will expand to include Network File System tuning and performance strategies.

Detailed treatment of networking performance problems will lead to examples of network capacity planning. Application issues will be addressed. Many examples will be given, along with guidelines for capacity planning and customized monitoring based of your workloads and traffic patterns.

Topics include:

• Performance Tuning Strategies (practical goals, monitoring intervals, useful stats, tools)
• Server Tuning (filesystem and disk running memory consumption and swap space, system resource monitoring
• NFS Performance Tuning (server constraints, client improvements, NFS over WANs automounter)
• Network Performance, Design and Capacity Planning (locating bottlenecks, demand management, media choices and protocols, network topologies, throughput and latency considerations, modeling resource usage)
• Application Tuning (system resource usage, memory allocation, code profiling, job scheduling and queueing, real-time issues, managing response time)

S4: Expect - Automating Interactive Applications (9:00am-5:00pm)
Don Libes, NIST

This course explains how to use Expect to automate interactive programs such as telnet, ftp, passwd, rlogin and hundreds of other applications.

It will cover how to test and connect interactive applications with no changes to the underlying programs or access to the original source - a common problem for legacy applications or sites without source code - but of value even with source code.

The course will demonstrate how to wrap interactive programs with Motif-like front-ends using Tk to control applications by buttons, scrollbars, and other graphic elements. Participants will learn to reuse interactive programs in Web applications without rewriting existing code.

Both total and partial automation will be covered, showing how to automate and move interactive tasks into the background with security and reliability.

S5am: Introduction to HTML (9:00am-12:30pm)
Bryan Buus, XOR Network Engineering

This course is an introduction to HTML focusing on its basic properties, Web page design and creation.

Topics include:

• URLS (Uniform Resource Locators)
• HTML conventions and syntax
• HTML document structure
• Basic formatting tags
• Image Maps
• Editors and conversion tools
• HTML errors
• HTML style considerations
• Netscape extensions (images, fonts, backgrounds, and colors)

Participants will know how to create and maintain Web pages many the tricks of the trade used by experienced HTML authors.

S6am: Secure System Administration with Kerberos (9:00am-12:30pm)
Barry Jaspan, Network Security Consultant

Two of the weakest security links in nearly any network are the network's user accounts and the administration tools used to maintain machines. This course will explain how install and deploy Kerberos to secure common system administration tasks and user access to workstations and time-sharing systems. The nuts-and-bolts details of running the system, rather than the cryptographic theory behind its operation, will be stressed.

Topics include:

• Deploying a Kerberos master server, administration server, and multiple slave servers.
• Performing Kerberos administration tasks such as creating and updating user records.
• Using Kerberos to enforce site security policy, including password quality, account expiration and termination, and audit trails of login and service usage activity.
• Installing and using secure application clients and servers, including telnet/d, rlogin/d, rsh/d, rcp, and ftp/d to provide for authenticated and encrypted communication.

The course will also include a discussion of freely and commercially available Kerberos products.

S7 am: Introduction to DNS and BIND (9:00am-12:30pm)
Paul Vixie, Internet Software Consortium

This course will teach you how to install a new name server or to maintain an existing one.

Topics include:

• Basic DNS overview: nodes, RRs, zones
• Which RR types are actually used
• Delegating (creating) subdomains
• Master and slave servers for a zone
• Creating and registering a new zone
• Tips for editing existing zones
• Tools for automatic zone editing
• Resolver (host) configuration
• DNS without BIND: PC configuration

After completing this course, participants will be qualified to act as "hostmaster" for their sites, to allocate host names and addresses, to determine an appropriate subdomain naming convention, and to design and implement a server topology.

S8pm: Advanced HTML Design (1:30pm-5:00pm)
Bryan Buus, XOR Network Engineering

This course is a continuation of the Introduction to HTML, but stands on its own for those with a basic understanding of HTML. It explores some of the more complex HTML formatting tags and techniques.

Topics include:

• Tables - Table definitions - Using tables in non-table browsers
• Frames - Frame syntax and options - Targeting specific frames
• Forms - Form syntax and submit methods - Form markup tags (INPUT, TEXTAREA, SELECT) - Using hidden variables - Examples

• META tags
• Incorporating Java applets
• Netscape plug-ins
• Real-audio
• GIF animations

After completing this course, participants will understand how to use advanced HTML features to create interesting, well-flowing HTML documents.

S9pm: Your Legal Rights And Liabilities as a System Administrator (1:30pm-5:00pm)
Daniel L. Appelman, Heller, Ehrman, White & McAuliffe

This course will focus solely on legal issues of importance to system administrators.

The law as it applies to the electronic media is not always intuitive or obvious. It is especially confusing and unpredictable as it pertains to computer and network system administration. This course provides invaluable information when you or one of your users is confronted with legal issues.

Topics will include the most recent legal developments:

• Email privacy
• Defamation liability
• Intellectual property rights (including copyrights and patents)
• Export compliance

The course will offer specific recommendations about what you can do to minimize your legal liability and clarify the limits of your responsibilities to your employer and other concerned parties.

A companion course on Obscenity, Indecency and the Communications Decency Act is offered on Monday.

S10pm: Advanced Topics in DNS and BIND (1:30pm-5:00pm)
Paul Vixie, Internet Software Consortium

This course will survey the DNS protocol and describe upcoming extensions to it, as well as implementation considerations in BIND.

Topics will include:

• DNS message format
• DNS resource record format
• Zone file format and zone transfers
• Incremental zone transfer
• Dynamic update and deferred update
• Real time change notification
• DHCP interaction
• BIND current status

After completing this course, participants will know what the IETF has been up to and what to expect in upcoming BIND releases.

MONDAY, SEPTEMBER 30

M1: NIS+ (9:00am-5:00pm)
Marc Staveley, Consultant

This course will examine why and how to set up and administer an NIS+ network. There will also be an overview of what NIS+ is and how it differs from NIS.

The course will cover the benefits of NIS+: its integration with DNS, enhanced security, cross-domain and cross-subnet operability, distributed network information, and dynamic binding. Basic concepts such as NIS+ tables, the namespace, and basic will be explained.

Topics include:

• The nsswitch.conf file
• Setting up an NIS+ domain
• Setting security levels
• Bulk loading data
• Integrating with DNS
• An overview of NIS+ commands
• Trouble shooting

M2: New Topics in System Administration (9:00am-5:00pm)
Trent Hein, XOR Network Engineering
Evi Nemeth, University of Colorado, Boulder

Network crisis case studies provide important insights into real-world network problems. We've chosen network and security crises to dissect and correct in front of your eyes.

IPv6 - What will 128-bit IP addresses mean to your site? What features and motivations should you consider when planning your network for the future? We'll give an overview of the IPv6 standard and explain how it relates to your existing environment.

Advanced Routing Protocols - The days of RIP as a useful routing protocol are numbered. As internetworks scale rapidly, you have to look towards protocols such as BGP and OSPF for reliable connectivity. We'll cover the basics of the protocols and explain their use in real-world environments.

Security Auditing 101 - So, you've done everything the experts recommend and more to secure your site. Now, how do you measure how secure your site really is? We'll take you through the anatomy of a security audit from start to finish.

Network Monitoring - Bigger networks need bigger management tools. Until recently, automated network monitoring was implemented as a mish-mash of home grown tools at most sites. Now there are a number of "production" quality tools available both commercially and from the net. We'll explain what a number of these tools do and compare them.

Server Performance - Years ago, sinking more money into a bigger CPU was often the fix for performance problems. With CPUs outperforming many other aspects of machines today, performance problems most often appear in areas such as network bandwidth, software optimization, memory usage, and system configuration. Learn how to tune your modern UNIX box to get the most bang for your buck.

M3: IP version 6: An Introduction (9:00am-5:00pm)
Richard Stevens, Consultant

The current underlying protocol used by TCP/IP applications and the Internet is called "IP version 4" (IPv4). Over the past few years, proposals have been made to replace it with a new version to overcome the addressing limitations. In July 1994 a successor was chosen, IPv6. Since then, numerous working groups have been completing the specifications for all facets of IPv6 and implementations are starting to appear. It is expected that there will be a gradual transition of the Internet to IPv6.

This course is an overview of all aspects of IPv6. It approaches IPv6 from the perspectives of a system administrator who needs to transition a network from pure-IPv4 hosts and routers to a mixture of IPv4 and IPv6 nodes and a programmer who needs to convert applications from IPv4 to IPv6 .

Topics include:

• DNS support
• New socket address structure
• Address conversion functions
• Transition mechanisms
• Automatic tunneling
• Header fields and extension headers
• Source routing
• Path MTU discovery
• Upper-layer issues
• ICMPv6
• Multicasting
• Neighbor discovery
• CIDR
• Anycasting, and
• Mobility

M4: Beginning Perl Programming for UNIX Programmers (updated for Perl 5) (9:00am-5:00pm)
Tom Christiansen, Consultant

Nearly ten years old now, Perl is a robust tool that is the language of choice for systems administrators and toolsmiths, database managers, software test and support engineers, GUI programmers, and World Wide Web programmers. Running on nearly every conceivable platform, Perl is an extremely powerful scripting language for problems previously solved at great effort in the shell or C. Because it incorporates aspects of more than a dozen well-known UNIX tools, experienced UNIX users will come up to speed on Perl rapidly, and even programmers inexperienced at UNIX will learn UNIX through learning Perl.

Topics include: detailed descriptions and numerous examples of the syntax and semantics of the language, its data types and data structures, operators and control flow, regular expressions, I/O facilities, database access, user-defined functions, writing and using library modules, and an easy intro to Perl's object-oriented programming mechanisms. The course will end with a tour of some of the new Perl5 modules includes examples of full applications for Tk-based graphical programming, CGI programs, and client/server programming.

Note: While this course is based on the current release of Perl, version 5.002, it is not intended to be a detailed discourse on all advanced programming constructs now afforded by that release. It is a jump-start course on Perl for experienced UNIX programmers, not an advanced course for previous Perl programmers.

M5: Setting Up And Administering A Web Server (9:00am-5:00pm)
Bryan Buus, XOR Network Engineering

The World Wide Web is the most widely used Internet service. Companies are quickly discovering that they need to be on the Web to provide information to customers and to keep up with the competition. This course describes how to set up and maintain a World Wide Web server on a UNIX platform. The servers covered in the course include the popular and freely-available Apache and NCSA Web servers.

Setting up the web server is only half of the battle. Understanding exactly how the protocol works, what performance issues are critical, what security implications are and other nuances are just some of the important issues that all webmasters need to thoroughly understand. After completing this course, participants should have an in-depth understanding of their server environment and the critical issues surrounding ongoing maintenance.

Topics include:

• The Architecture of the Web
• The HTTP protocol
• Compiling the server
• Server configuration - Creating "virtual hosts" - Resource configuration - Access configuration - Per-user access
• Analyzing and rotating logs
• Registering and announcing the server
• Web-related security issues
• Electronic commerce issues
• Security and the Web - Operating system, CGI, and software considerations - Setting up and configuring SSL (Secure Sockets Layer)
• Server performance issues
• Using multiple servers
• Detecting server problems

M6: IP Network Administration (9:00am-5:00pm)
William LeFebvre, Group sys Consulting

This course will cover essential IP network adminstration, and background knowledge necessary to carry out such administration.

The course will begin with the Internet Model and some basics such as numerical addresses and the fundamentally important protocols: IP, ICMP, UDP, TCP, ARP, RARP. Packet routing (including subnetting) will be included, along with information about the most common UNIX routing daemons, routed and gated. This course will also take a brief look at the domain name system (DNS). Management of the common UNIX network services (telnet, rlogin, etc.) will be examined, along with the primary network service provider daemon, inet. Management of essential RPC services (NIS, NFS, mountd) will be covered as time permits. The course will finish with a section on troubleshooting and information on Internet resources.

M7am: Obscenity, Indecency and the Net: Your Responsibilities as a System Administrator (9:00am-12:30pm)
Daniel L. Appelman, Heller, Ehrman, White & McAuliffe

This course will bring system administrators up to date on their responsibilities for dealing with adult-oriented content on their systems. If the Supreme Court affirms the lower court's rejection of the Communications Decency Act, this course will focus on the other laws which restrict the transmission of obscene and indecent content. If the Supreme Court overturns the lower court and reinstates the CDA, it will focus on the CDA itself and its implications. In either event, attendees will understand the current status of the law and how it affects them.

This course will include specific recommendations about how system administrators can reduce their exposure to liability, clarify their job responsibilities and be more effective in dealing with questionable content.

M8am: Talking Technical - Breaking the Communication Barrier (9:00am-12:30pm)
Maurita Plouff, Expert Innovations

Communication involves not only the speaker and listener, but also their beliefs, pre-conceptions, and roles within the work environment. The different requirements and contexts in technical work and business/managerial work create barriers to understanding. These barriers can place limits on your personal growth as well as on your company's. If you cannot communicate effectively with your manager or your customers, you may lose their trust and recognition. This course will point out the problems in communicating effectively with non-peers, and help you remedy those problems.

Topics include:

• Communications mechanics: the basics
• Happytalk, marketspeak, and the role of jargon
• Defining content: a 3-step process
• Understanding your audience
• Structuring your message to meet your goals
• When to speak, when to present, and when to write
• Closing the loop: decoding feedback

M9am: Sendmail From The Trenches--New (9:00am-12:30pm)
Tina Darmohray, Consultant

This course will focus on real-world problems and configuring solutions, rather than Sendmail design and programming. It is designed to give network administrators an introduction to configuring Sendmail. It will cover the basics of the sendmail.cf file so you can define macros, use DNS MX records, understand rules and rulesets, and rewrite headers. It will then examine ways to:

• Design and implement a mail topology (e.g, a trusted mail hub outside a firewall)
• Support virtual hosts, handle mail for multiple domains
• Interface to popular PC mail solutions
• Establish a POP server

M10pm: Applied JavaScript (1:30pm-5:00pm)
Shawn Instenes, Internet Presence Consultant

This course provides an introduction to JavaScript.

Topics include:

• Advantages of JavaScript over Java
• How to correctly embed JavaScript into Web pages
• How to use JavaScript to validate form data
• Client-dynamic HTML
• Friendly interfaces with JavaScript and frames
• Marquees, animations, and other tricks
• JavaScript security

While the focus of the course is client JavaScript, much of the information will be applicable to Netscape's LiveWire product. After completing this course, participants will be able to apply JavaScript to enhance the interactivity of their Web pages.

M11pm: Effective Meetings: Get More Done in Less Time (1:30pm-5:00pm)
Maurita Plouff, Expert Innovations

Meetings are a fact of life, and larger, more complex projects often involve larger, more complex meetings. Often we wonder "why was that meeting necessary?" A good meeting is necessary, timely, concise, and purposeful. Learn strategies to improve the quality of your meetings, whether you are hosting or attending them.

Topics include:

• Meeting madness: is this meeting necessary?
• Rule #1: know what you want
• Roping 'em in: 3 steps to get an audience
• Great expectations: agenda dos and don'ts
• When you're the leader: special responsibilities
• Be a better participant: a checklist
• What about minutes?
• Meeting secrets: the post meeting review
• Special situatins - mega-meetings - teleconferencing - videoconferencing - translations

M12pm: What's New in Sendmail 8.8 (1:30pm-5:00pm)
Eric Allman, InReference, Inc.

Sendmail 8.8, the latest release of Berkeley sendmail, has many new features. In many cases mail administrators can just compile the new release of Sendmail and use their old configuration files, but there are many new capabilities that "power users" may wish to utilize. This course discusses the new features in version 8.8 of Sendmail.

Topics include:

• New command line flags allowing direct access to Delivery Status Notification features.
• Features to enhance performance under heavy load and avoid certain classes of denial-of- service attacks.
• New SMTP commands to simplify dial-on-demand sites.
• "Anti-Spam" features to allow immediate rejection of messages from evil domains.

This course will also discuss two important features added in 8.7:

• Using the "system service switch" to control access to resources.
• Delivery Status Notification extensions.

Time permitting, musings on the future direction of sendmail will be indulged in.

TUESDAY, OCTOBER 1

T1: Connecting to the Internet (9:00am-5:00pm)
Barb Dijker, Labyrinth Computer Services

This course probes the issues of establishing a dedicated full-time connection to the Internet. A dedicated Internet connection is essential for a wide-area network (WAN) connection to an external environment. This course will cover the issues in choosing a WAN technology and implementation, choosing an Internet Service Provider (ISP), how your internal network may need to adapt, and how to effect the transition seamlessly. It will provide an overview of future WAN technologies.

Topics include:

• WAN technologies overview (PPP, ISDN, 56K, T1, ATM, etc.)
  
• Deciding on a technology and bandwidth
  
• Security considerations: firewall? proxy? wrapper?
  
• Reliability: redundancy? diversity?
  
• External routing issues
  
• Equipment and wiring you'll need
  
• Selecting an Internet Service Provider
  
• Selecting a telco/line provider
  
• Ordering service so it is installed right
  
• Configuring and testing your connection
  
• Step-by-step transistion
  
• Future technologies
  

T2: Sendmail Inside and Out, updated for Sendmail 8.8 (9:00am-5:00pm)
Eric Allman, InReference, Inc.

Sendmail is arguably the most successful UNIX-based mail transfer agent in the world today. However, it has a reputation for being difficult to configure and manage. After introducing a bit of the philosophy and history underlying sendmail.

Topics will include:

• The syntactic elements of the configuration file: mailers, options, macros, classes, headers, precedences and priorities, trusted users, key file definitions, and rewriting rules and rulesets.
• The flow and semantics of rulesets.
• An introduction to SMTP and how Sendmail operates in an SMTP environment.
• Day-to-day management issues, including alias and forward files, "special" recipients, mailing lists, command line flags, tuning, and security.
• How Sendmail interacts with the DNS.
• How to use the M4 configuration package included with Sendmail 8.

This course describes the latest release of Sendmail from Berkeley, version 8.8. (Version 8 or variants thereon is currently shipped or will shortly be shipped by BSDI, Convex, Hewlett-Packard, Sequent, Silicon Graphics, and Sun.) Version 8 includes many of the popular features of IDA Sendmail.

T3: Internet Security for System and Network Administrators (9:00am-5:00pm)
Ed DeHart, Computer Emergency Response Team

This course teaches practical strategies and techniques to combat the threat of intrusions and improve the security of operating systems connected to the Internet. Participants are mandated to provide trustworthy network services. They need to understand security issues, and how to protect their systems on the Internet.

The course will cover fundamental security practices for UNIX system administration. Participants will learn about the latest information on security problems, defensive and offensive strategies, network security, and establishing appropriate site security policy.

After this course, participants will be able to establish and maintain a secure Internet site while protecting the organization's data. Participants will gain familiarity with security tools.

Topics include:

• Latest information on security problems
• UNIX system security
• Network security
• Site security policies

T4: Selected Topics in System Administration (9:00am-5:00pm)
Trent Hein, XOR Network Engineering
Evi Nemeth, University of Colorado, Boulder

Video Conferencing on the Desktop - Ever participated in a video conference at your desktop? You will, and probably sooner than you think. Exciting new desktop video conferencing tools are available today. Learn how to setup software and hold private conferences, as well as join in to technical sessions at conferences like USENIX and IETF from afar.

System Administration Power Tools - Often, system administrators are caught saying "if only I had time to learn how to use that nifty new program." Unfortunately, system administrators usually do so much firefighting that they don't have time to stop and smell the new administration tools. In this overview of readily-available UNIX system administration power tools, we'll discuss packages that are we'll discuss packages that are likely to save you time and increase your salary.

Intro to expect - Perhaps the greatest sysadmin tool to come along since Perl, expect is a high-powered interpreted dialogue language which can act like your hands on the keyboard to perform tricky tasks while you're away, asleep or at play. We'll talk about the basic contructs of the language and write some sample programs.

The Network Crisis Case Studies: At the request of former students, we've put together a set of network problem case studies that will be dissected and corrected in front of your eyes using many tools available on your UNIX system or from the net.

Policy and Politics - Many of the policies and procedures followed at a site are carefully filed in the sysadmin's head. With the worldwide net invading your local site, this folklore needs to be written down, run past lawyers, and followed by your sysadmin staff. We will discuss approaches to these tasks, both good and bad, and illustrate with war stories, sample policy agreements, and procedure checklists.

T5: Solaris System Administration (9:00am-5:00pm)
Marc Staveley, Consultant

This course will be split between describing new methods in Solaris to accomplish the same task as in SunOS (for example, the new NFS filesystem administration commands) and new features in Solaris (for example, the CacheFS filesystem). The course will concentrate on the Solaris 2.5 release.

Topics will include:

• Installation (packages, jumpstart, etc.)
• Booting and halting
• Kernel enhancements (dynamic loading, multi-threaded, layout on disk, /etc/system)
• Networking (NFS, AutoFS Automounter, PPP)
• CacheFS (including Cache Only Clients)
• NIS+ vs. NIS (YP)
• Volume manager (mounting CDs and floppies without root privileges)
• Service access facility (a getty replacement and much more)
• Printing (lpd vs. lpsched, SunSoft Print Client, Print Protocol Converter)
• Sun's Migration CD (making the move from SunOS to Solaris as painless as possible)

T6: CGI and WWW Programming in Perl (9:00am-5:00pm)
Tom Christiansen, Consultant

This course discusses CGI and other WWW programming using Perl with special attention to system security issues. All aspects of writing and processing fill-out forms are covered using the standard CGI.pm module. Some attention is also given to parsing of HTML documents and writing "spiderbots", automata that navigate the Web on their own.i

Topics include:

• An overview of the CGI protocol
  
• A introduction to Perl's OO class libraries
  
• Comparisons with other programming languages
  
• Setting up your server for CGI and SSI
  
• Setuid execution and taint checking
  
• Avoiding the perils of shell escapes and backquotes
  
• The Oxford Safe CGI Perl environment
  
• Data security; server-side includes
  
• CGI-related environment variables
  
• CGI without forms
  
• Debugging your CGI programs
  
• Remote browser and remote user determination
  
• Generating dynamic forms
  
• Multistage ("shopping cart") forms
  
• Credit-card algorithms; file uploads
  
• Non-parsed headers scripts
  
• Backgrounding long-running CGI programs
  
• Using UNIX-domain sockets to serialize access to daemons
  

T7: Security on the World Wide Web (9:00am-5:00pm)
Daniel Geer, OpenMarket, Inc.
Jon Rochlis, BBN Planet

The World Wide Web is perhaps the most important enabler of electronic commerce. It has grabbed the popular imagination and the engineering and marketing efforts of a generation of on-line entrepreneurs and consumers. But it was initially design with little thought to industrial strength security. Numerous proposals have surfaced to secure the Web. This course will survey them with the goal of understanding the strengths and weaknesses of each.

Topics include:

• Client/server network security
• Brief overview of encryption and its role in all security
• Simple schemes (Basic Auth)
• Prevailing protocols (SSL, S-HTTP, PCT)
• IP Security
• Payment protocols (Cybercash, Digicash, OpenMarket, First Virtual, Visa/Mastercard)
• Secure operation (configuration, containment, interaction with firewalls, replication, proxy servers, logging)

T8am: Administering the Network Information Service: Making NIS Work For You (9:00am-12:30pm)
William LeFebvre, Group sys Consulting

The use of Sun's Network Information Service (formerly yellow pages) has become widespread for providing common configurations across a network of workstations. However, NIS out of the box is very much like a wild tiger: dangerous and unpredictable. This course will teach you how to tame the tiger and adapt NIS for effective use in a UNIX network. It discusses NIS's strengths and mechanisms for working around its weaknesses.

The course starts with the basics of NIS configuration and operation, covers details of the information NIS can provide, effective use of netgroups, adding additional maps, management of slave servers, available utilities for maintenance, security and performance concerns, and interaction with DNS. It ends with a frank discussion of NIS's shortcomings and the implementation of possible alternatives to NIS.

It should be noted that although the successor to NIS, NIS+, provides similar functionality to NIS, the commands and techniques for managing the two systems are completely different and the knowledge and experience is not transferable.

T9am: Introduction to NNTP and INN (9:00am-12:30pm)
James Brister and Paul Vixie, Internet Software Consortium

This course covers the basic installation and management of a netnews server using INN.

Topics include:

• Hardware requirements (CPU, memory, disk, etc.)
• Fetching, building and installing INN
• Transport servers vs. reader servers
• Article transfer vs. article replication
• Innxmit, nntplink, and innfeed
• Expire, multiple spindles
• Reports and monitoring
• Troubleshooting

After completing this course, participants will be able to create and maintain INN server hosts, including reader support, transport ("netnews peering") administration, and installation of source code patches to INN.

T10am: Administration of MS Windows NT Server 3.51 (9:00am-12:30pm)
Joe Angarella, QBD Technical Services, Inc.

This course will cover techniques used to administer security and permissions for a Microsoft Windows NT network. Participants will be given a set of solid techniques that can be immediately applied in a Microsoft networking environment.

Participants given a workbook with step-by-step instructions for all material covered. Using the workbook and the material presented, participants will have the tools to administer new and existing MS Windows NT networks, including:

• Establishing user accounts
  
• Creating local and global groups
  
• Creating and modifying user profiles
  
• Creating and modifying login scripts
  
• Establishing home directories
  
• Mapping default drives
  
• Restricting login hours
  
• Restricting workstation access
  
• Passwords and password restrictions
  
• Granting and revoking user and group permissions
  
• User and group file permission
  
• Securing printers in an NT network
  
• Security auditing
  
• Administering advanced user rights

T11pm: TCP/IP Troubleshooting with UNIX (1:30pm-5:00pm)
Jim Hickstein, The NetMarket Co.

The network is down: how do you fix it? This course focuses on a practical problem-solving method, using a diagnostic decision logic table (DDLT) developed by the instructor, based on many years' experience. The DDLT gives step-by-step instructions on what to look at, what it should look like, and how to fix it. Even if it's not your job to fix it, you can help your network administrator by being able to gather vital statistics about the network.

The course focuses on specific examples of network failures, and introduces and amplifies on TCP/IP and Ethernet concepts along the way. Examples are taken from SunOS 4.x and Solaris 2 UNIX systems, but apply in principle to any TCP/IP network.

After this course, participants will be able to follow the DDLT to isolate, diagnose, and correct common failures inTCP/IP networks.

Topics include:

• Using the DDLT
  
• Discovery: Where to look
  
• Name service (/etc/hosts, ping, DNS, NIS and YP, name service switch)
  
• TCP/IP over Ethernet (interfaces, ARP, ICMP, TELNET)
  
• Network Topology and Routing (host and network addressing, subnets, routing tables)

T12pm: Advanced Topics in NNTP and INN (1:30pm-5:00pm)
James Brister and Paul Vixie, Internet Software Consortium

This course will generally survey the NNTP and NNRP protocols, with special attention to reader vs. transport verbs and to the performance implications of "offline news servers" and Netscape Navigator. Obscure INN performance tuning issues will be covered, as will advanced troubleshooting and debugging techniques.

Topics include:

• Falling behind your provider's feed
• Downstream sites falling behind your feed
• Web browsers vs. nnrpd and "fork"
• NNTP streaming vs. innfeed parallelism
• "Getactive" and what to do about it
• Mail <-> news gateways
• Advanced "expire" topics
• Upcoming INN enhancements

After completing this course, participants will know how to diagnose serious but less obvious configuration or utilization problems, and will be able to make informed decisions about complex enterprise-wide netnews topology.

T13pm: Writing Good Stuff: A Practical Guide for Technical Content (1:30pm-5:00pm)
Maurita Plouff, Expert Innovations

We all need to write in our work, but many find it a burdensome task which takes far too long. Learn simple techniques to be able to write clear, concise, compelling material in less time.

Topics include:

• Goal setting
• Audience analysis: who reads it makes a difference!
• How to manage your writing time
• Start-up strategies: avoiding writer's block
• Organizing the information
• First drafts, second drafts, nth drafts: theory and practice
• Editing: a 5-step checklist
• Writing to influence others: special situations - meeting minutes - when you need a paper trail - getting action
• E-mail as an art form

ABOUT THE INSTRUCTORS

Joe Angarella is a Microsoft-certified systems engineer specializing in the Microsoft Back Office product line and professional trainer in MS SQL server administration and MS Visual Basic programming. He is president of QBD Net. In addition, Joe is the series editor for The Pros Talk PowerBuilder and author of Building Component Applications in PowerBuilder 4.0.

Dan Appelman, an expert on legal issues in on-line and Internet commerce, practices computer and telecommunications law in the Palo Alto office of Heller, Ehrman, White & McAuliffe where he represents many high-tech and Internet-related companies. In addition to his law degree, Dan has a PhD in telecommunications policy.

James Brister is the current maintainer of INN, and the author of the "innfeed" transfer utility. He has been a senior UNIX system programmer and administrator for more than 10 years, and is currently a senior software engineer at Vixie Laboratories.

Bryan Buus is the manager of XOR Network Engineering's Web services group. Prior to joining XOR, Bryan kickstarted O'Reilly's & Associate's online efforts in 1992. He is a co-author of Managing Internet Information Services, and has given seminars on managing Web services for CERFnet, the SANS Conference, and Hewlett Packard.

Tom Christiansen is a consultant specializing in Perl applications, optimizations, and training. He earned an MS degree in computer science from the University of Wisconsin at Madison.

Tina Darmohray is a consultant on Internet firewalls and network connections. She has over a decade of experience managing and networking UNIX systems. Previously, she was the lead for the UNIX System Administration team at a national laboratory responsible for over 1,000 machines. Tina is currently completing a book on Internet firewalls for Prentice Hall.

Ed DeHart is a member of the Computer Emergency Response Team (CERT), which he helped found in 1988 to serve as a focal point for the computer security concerns of Internet users. Ed is actively involved in the day-to-day business of site security and incident handling, and is the CERT's training team leader.

Barb Dijker is a consultant with her own business, Labyrinth Computer Services. She is co-founder and president of the Colorado Internet Cooperative Association as well as NeTrack, a commercial ISP. Barb also serves as treasurer on the SAGE Board and is saver of USENIX faces.

Frank Fiamingo started administering UNIX systems in 1983. For the past eight years he has been a full time system administrator at Ohio State University. He has been teaching UNIX System Administration classes for seven years.

Daniel E. Geer, Jr. is director of engineering at Open Market, Inc. Formerly he was chief scientist, vice president of technology, and managing director of security consulting services for OpenVision Technologies. He holds a Doctor of Science from Harvard.

Trent Hein is chief network architect at XOR Network Engineering. He worked on the 4.4 BSD port to the MIPS architecture at Berkeley, and is co-author of the UNIX Systems Administration Handbook. Trent has a BS in Computer Science from the University of Colorado.

Jim Hickstein started in UNIX systems administration at Teradyne, a company with 5000 hosts and 200 TCP/IP networks. He was hired as a software engineer, but started doing system administration in self-defense. He is now with NetMarket leading its system administration team.

Shawn Instenes is a network connectivity and security consultant, with eight years experience in administration and programming of UNIX-based computers. He has participated in the implementation of numerous firewalls, Internet connections, and "network presences". Shawn currently writes a security column in the USENIX Association's newsletter,;login:.

Barry Jaspan has been active in network security since 1990, and has extensive experience with Kerberos. He is the author of multiple conference articles on cryptographic protocols and secure network software design. He is currently an independent consultant specializing in network security systems and security analysis.

William LeFebvre has been banging on Unix systems for 15 years, and has been studying Internet technology for about as long. He currently operates the firm Group sys Consulting. He is also a special term appointee for Argonne National Laboratory, where he designs and installs local area networks for various organizations in the US Department of Defense and Department of Energy. William has been a regular tutorial instructor at USENIX conferences and other international conferences. William received his Bachelor's degree in 1983 and his Master of Science degree in 1988, both from Rice University. His electronic mail address ins wnl@groupsys.com.

Don Libes is the creator of Expect and the author of its definitive text, Exploring Expect. He has written over 80 computer science papers and articles plus two UNIX classics: Life With UNIX and Obfuscated C and Other Mysteries. Don is a computer scientist at the National Institute of Standards and Technology.

Evi Nemeth, a faculty member in Computer Science at the University of Colorado, has managed UNIX systems for the past 19 years, both from the front lines and from the ivory tower. She is co-author of the best-selling UNIX System Administration Handbook.

Maurita Plouff has been translating between technical and non-technical audiences since her first post as a physics laboratory research assistant. She has held both technical and managerial posts, and is known for her ability to avoid inducing the "glassy-eyed stare" in managers grappling with technical material. Her consultancy assists clients to meet strategic business goals through effective use of technology.

Jon Rochlis is an engineering manager with BBN Planet where he leads groups developing managed connectivity and security services. Previously he was with OpenVision Technologies, responsible for systems and security management products.

Marc Staveley is an independent consultant in UNIX application development and administration. He is working with the Sun Microsystems Developer Support Centre assisting customers in migrating from SunOS to Solaris. He is a frequent speaker on the topics of standards-based development, multi-threaded programming and system administration.

Hal Stern is a Distinguished Systems Engineer with Sun Microsystems where he focuses on high-end server technology, operations management, networking, performance tuning, and information systems architecture. Before joining Sun, he developed molecular modeling software and was on the research staff at Princeton. He is the author of Managing NFS & NIS and the author of several articles on application performance and network design.

W. Richard Stevens is the author of UNIX Network Programming, Advanced Programming in the UNIX Environment, TCP/IP Illustrated, Volume 1: The Protocols, and co-author of TCP/IP Illustrated, Volume 2: The Implementation.

Paul Vixie is the current maintainer of the BIND software system. Paul is a co-author of Sendmail: Theory and Practice and the moderator of the "comp.sources.unix" newsgroup. Besides his work on BIND, Paul is also technical director of the Internet Software Consortium.

TECHNICAL SESSIONS
Wednesday-Friday, October 2-4, 1996

WEDNESDAY, OCTOBER 2

9:00am-10:30am
Opening Remarks

Keynote Address
Information Technology: The Next Ten Years

The tenth anniversary of the LISA Conference highlights the enormous changes that have taken place in the computer industry in the past decade. Revolutionary changes in technology and markets have rapidly moved the information technology industry forward.

This talk will focus on the forces of change which will shape the coming decade, and will present advanced computing and communications technologies under development in Hewlett-Packard's research labs.

Dick Lampman is the director of the Computer Research Center at Hewlett-Packard Laboratories where he directs the activities of five laboratories. The laboratories develop advanced technologies for use by R&D groups throughout Hewlett-Packard's computer business. He has been with Hewlett-Packard since 1971. Mr. Lampman received his BS and MS degrees from Carnegie Mellon University.

REFEREED TRACK

11:00am-12:30pm: SECURITY
Session Chair: Pat Wilson, Dartmouth College

Priv: Secure and Flexible Privileged Access Dissemination
Brian C. Hill, University of California, Davis

The Igor System Administration Tool
Clinton Pierce and John Bell, Ford Systems Integration Center

Centralized Administration of Distributed Firewalls
Mark Miller and Joe Morris, Bell Atlantic

2:00pm-3:30pm: ACCOUNT MANAGEMENT
Session Chair: E. Scott Menter, Enterprise Systems Management

Shuse: Multi-Host Account Administration
Henry Spencer, SP Systems

The Design and Implementation of a Network Account Management System
J. Archer Harris, and Gregory Gingerich, James Madison University

UNIX Host Administration in a Heterogeneous Distributed Computing Environment
Gregory S. Thomas, Desiree C. Johnson, John P. Moore, Merrilee E. Orcutt, James O. Schroeder, and Jeffrey T. Simmelink, Pacific Northwest National Laboratory

4:00pm-5:00pm: VISUALIZATION IN SYSTEMS ADMINISTRATION
Session Chair: Helen E. Harrison, SAS Institute Inc.

Visualizing Huge Tracefiles with Xscal
Alva L. Couch, Tufts University

Using Visualization in System and Network Administration
Doug Hughes, Auburn University

INVITED TALKS TRACK

11:00am-12:30pm: Standards - Are They Worth The Effort?
Moderator: Rik Farrow, Internet Security Consulting
Panelists:
Nick Stoughton, PERT Systems Ltd.
Louis Imersheim, Santa Cruz Operation
Lee Damon, Qualcomm

Three panelists argue the question from three angles: keep formal POSIX-type standards, use proprietary standards, or abolish standards altogether.

2:00pm-3:30pm: Scaling Your Web Server - What to Do With a Million Hits Each Day
Dan Klein, LoneWolf Systems

The Web is the bane and the boon of system administrators. While it is reasonably easy to configure a small web site and maintain it, dealing with a popular one is another story altogether. Sites like Galt, Lycos, and Yahoo regularly receive millions of hits per day, most of which are CGI scripts.

Even if your site isn't a universally-used site like these, a user with a popular set of pages can bring your server to its knees. This talk will address some of the issues of web server scaling from the perspective of a timeline of learning experiences, and will discuss such issues as name service, logging, network loads, system and server configuration, etc.

4:00pm-5:00pm: ATM: Not Just A Type of Bank Machine Anymore
Peter Van Epp, Simon Fraser University

This talk will provide the reasoning and history behind his site's decision to implement our campus backbone network as an ATM fabric. By describing the advantages and disadvantages of the various options (Switched Ethernet, FDDI and ATM) that were considered and the demands for bandwidth both on campus and in the wide area that is foreseen, this presentation will help you decide if ATM is an appropriate technology for your site.

THURSDAY, OCTOBER 3

REFEREED TRACK

9:00am-10:30am: TOOLS
Session Chair: Paul Evans, Synopsys, Inc.

How to Avoid Learning Expect -or- Automating Automating Interactive Programs
Don Libes, NIST

An LPD for the 90s
Mark H. Fletcher, SAS Institute Inc.

RUST: Managing Problem Reports and To-Do Lists
Craig R. Ruefenacht, University of Utah

11:00am -12:30pm: NETWORKING
Session Chair: Pat Parseghian, Transmeta

Renumbering: Threat or Menace?
Eliot Lear, Jeff Coffin, Rod Scott, Jennifer Katinsky, Diane Tharp, and John Parisi, Silicon Graphics, Inc.

OC3MON: Flexible, Affordable, High Performance Statistics Collection
K. Claffy, NLANR/UCSD; Joel Apisdorf, and Rick Wilde, MCI

IP Multiplexing by Transparent Port-Address Translation
Heon Y. Yeom, Jungsoo Ha, and Ilhwan Kim, Seoul National University

2:00pm-3:30pm: SENDMAIL
Session Chair: David L. Kensiski, Cisco Systems

Many Mail Domains, One Machine: The Forwarding Mailer
Hal Pomeranz, NetMarket/CUC International

How to Get There From Here: Scaling the Enterprise-Wide Mail Infrastructure
Michael Grubb, Duke University

Automatic and Reliable Elimination of E-mail Loops Based on Statistical Analysis
Eduardo Solana, V. Baggiolini, M. Ramluckun, and J. Harms, Universite de Geneve

4:00pm-5:30pm: TOASTY COOL MOOSE
Session Chair: Bill LeFebvre, Group Sys Consulting

MajorCool
Bill Houle, NCR Corporation

The PGP Moose -- Implementation and Experience
Greg Rose, Qualcomm International

The Brave Little Toaster Meets Usenet
Karl L. Swartz, Stanford Linear Accelerator Center

INVITED TALKS TRACK

9:00am-10:30am: How to Run a Worldwide Network When You Work in the Center of the Universe
Joel Avery, Nortel

Nortel Ottawa has a fairly large site, 10,000+ nodes, and a rather large worldwide network of 120,000+ nodes. Effectively managing a network like this requires an accurate assessment of what services should be centralized and what tasks should be distributed to local administrators. The goal is to provide enough flexibility such that anarchy and entropy do not take over the network, and to keep services and service levels the same throughout the network. The speaker discusses how that goal was accomplished.

11:00am-12:30pm: What It's Like to Be Your Own Boss
Tina Darmohray, Consultant
Celeste Stokely, Stokely Consulting

Following on the heels of a very successful BOF and BayLISA talk, Stokely and Darmohray present insights and information for people who plan on, or already have, set out on their own. Contracts, taxes, billing, getting work, and much more will be discussed, and a lively question-and-answer session is planned.

2:00pm-3:30pm: Experiences of Running a Large Archive Site
Stuart McRobert, Imperial College, London

This talk will take a fascinating look behind the scenes of one of the Internet's richest and most popular free access archive sites, sunsite.doc.ic.ac.uk. This busy site is powered by an 8-way Gbyte SS1000 with some 70+GB trans (logged) RAID5 disk space, Ethernet and FDDI networking (expect ATM and switching shortly). Efforts to improve network and server performance, along with unburdening the campus network of server-bound traffic, will also be discussed.

4:00pm-5:30pm: Works-In-Progress Reports

FRIDAY, OCTOBER 4

REFEREED TRACK

9:00am-10:30am: SOFTWARE DISTRIBUTION #1
Session Chair: Pat Parseghian, Transmeta

A Simple Caching Filesystem for Application Serving
John D. Bell, Ford Systems Integration Center

Automating the Administration of Heterogeneous LANs
Michael Fisk, New Mexico Institute of Mining and Technology

PC Administration Tools: Using Linux to Manage Personal Computers
Jim Trocki, American Cyanamid Company

11:00am-12:30pm: SOFTWARE DISTRIBUTION #2
Session Chair: Elizabeth Zwicky, Silicon Graphics, Inc.

Abstract Yourself with Modules
John L. Furlani, SunSoft, Inc.; Peter W. Osel, Siemens AG

SLINK: Simple, Effective Filesystem Maintenance Abstractions for Community-Based Administration
Alva L. Couch, Tufts University

Managing and Distributing Application Software
I. Reguero, Ph. Defert, E. Fernandez, M. Goossens, O. Le Moigne, and A. Peyrat, CERN, European Laboratory for Particle Physics

2:00pm-3:30pm: THE FUTURE OF SYSTEMS ADMINISTRATION
Session Chair: Amy K. Kreiling, University of North Carolina

A New Twist on Teaching System Administration
Raven Tompkins, Indiana University

Institute White Pages as a Sys Admin Problem
Jon Finke, Rensselaer Polytechnic Institute

New Fangled Phone Systems Pose New Challenges for System Administrators
Snoopy, iXOS Software GmbH

4:00pm-5:30pm JOINT CLOSING SESSION:
System Administration: The Last Ten Years and the Next
Rob Kolstad, Berkeley Software Designs, Inc.

While the future of any technology or technological aspect of our society is difficult to predict, examining the past can lead to an enlightened view of the future. This talk highlights certain events from the last decade and uses them as a framework to analyze the hype, financial and economic factors, political factors, technical issues, cultural issues, and wildcards that will affect system administration in the future.

5:30pm-6:00pm: Announcement of Winners of Best Horror Story Contest

INVITED TALKS TRACK

9:00am-10:30pm: Manage People, Not Logins
Jon Finke, Rensselaer Polytechnic Institute

Managing large numbers of UNIX userids in an enterprise wide system can be approached as a problem of managing information about people. This talk will look at some of the problems and opportunities encountered in implementing Simon (similar to MIT's Moira). Rather than discussing the gritty technical details, the talk looks at problems and techniques in dealing with multiple data feeds, maintaining information security, understanding (and developing) information policy, and some of the problems encountered in merging and transforming this information. We will also look beyond the maintenance of UNIX userids.

11:00am-12:30pm: Intrusion Detection
Louis Todd Heberlein, University of California, Davis

With stories of computer crime regularly in the news, we are painfully aware that our computer systems are vulnerable. While we would prefer to design and manage our systems to prevent attacks, technical, operational, and practical limitation conspire against us. Intrusion detection detects the attacks which do occur and provides an opportunity to respond to them in a timely fashion. This talk will present both an historical and technical overview of the field of intrusion detection. The history of intrusion detection provides insight into which approaches have and have not worked, reflects the changing threats over the years, and may provide clues as to the future of intrusion detection.

2:00pm-3:30pm: Just Another Convicted Perl Hacker
Randal Schwartz, Stonehenge Consulting Services

This talk will describe how the speaker became a felon in the process of doing his job as a system administrator in the well-publicized Oregon v. Schwartz case (victim: Intel). It will include some points about Oregon's current law and the implications of this case on the computer community. Similarly broad laws appear on the books in other states. There will be a special focus on how to make sure this doesn't happen to you.

LISA'96 Exhibition

Wednesday, October 2, Noon - 7:00 pm
Thursday, October 3, 10:00 am - 4:00 pm
Chicago Ballroom, Marriott Hotel

The Exhibition at LISA '96 offers 80 booths with vendors of innovative systems administration and network management solutions demonstrating their products.

For more information about the LISA '96 Exhibition, please contact:
Cynthia Deno, Exhibition Coordinator:
Phone: 408.335.9445
Email: display@usenix.org

Lisa '96 Exhibitors

GENERAL CONFERENCE INFORMATION

Student Stipends Available

CONFERENCE PUBLICATIONS

BIRDS-OF-A-FEATHER SESSIONS (BoFS)
Tuesday, Wednesday and Thursday evenings

THE GURU IS IN

NUMBER UNITS	TUTORIAL FEE		CEU Surcharge
SELECTED	(before Aug 25)		(optional)	

One Unit	$175.00			$15.00
Two Unit	$320.00			$15.00
Three Units	$455.00			$23.00
Four Units	$590.00			$30.00
Five Units	$725.00			$38.00
Six Units	$860.00			$45.00

	Enter total tutorial fee from schedule above......$__________
	CEU units surcharge from schedule above (optional)$__________

	Late fee if postmarked after Aug. 23, 1996   $50. $_______

	Full-Time Student Fee:  pre-registered or onsite
	(Attach copy of current student I.D. card)

A limited number of tutorial seats at the student rate are available.
Click HERE for instructions on how to obtain these rates.


			CODE NO:______________________$70.00$________
			CODE NO:______________________$70.00$________
			CODE NO:______________________$70.00$________

Member Fee............................................$330.00$_______
   (Applies to current USENIX,EurOpen, JUS and AUUG members)

Non-Member or Renewing Member Fee*....................$425.00$_______
	*Join or renew your USENIX/SAGE membership and
	attend the conference for same low price -check here [ ]

Late fee applies if postmarked after Aug. 23, 1996..Add $50. $_______

Full-Time Student Fee: pre-registered or on-site......$ 75.00 $______
(Students must include photocopy of current student I.D. card)

Full time student, including USENIX membership fee....$100.00 $______

                          TOTAL ENCLOSED...................$_________

[ ]Payment Enclosed - Please make check payable to USENIX Conference

CHARGE TO MY:  ___VISA ___MASTERCARD ___AMERICAN EXPRESS ___DINERS CLUB

ACCOUNT NO.______________________________________ EXP. DATE___________

_______________________________________/___________________________
 Print Cardholder's Name                 Cardholder's Signature