By Day (Sunday,
Monday, Tuesday) |
By Instructor | All in One File
Resilient Distributed Systems--
Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.
This course will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. Hardware redundancy, system redundancy, monitoring and verification techniques, network implications, and system and application programming issues will all be addressed. We will discuss the trade-offs among cost, reliability, and complexity.
Evan Marcus (T1) is a senior systems engineer and high
availability specialist with VERITAS Software Corporation. Evan has more than 12
years of experience in UNIX systems administration. While employed at Fusion
Systems and OpenVision Software, Evan worked to bring the first high
availability software application for SunOS and Solaris to market. Evan is the
author of several articles and talks on the design of high availability systems.
Who should attend: Software engineers, application architects and developers, kernel developers, device driver writers, system administrators, performance analysts, capacity planners, Solaris users who wish to know more about the system they're using and the information available from bundled and unbundled tools, and anyone interested in operating system internals.
The installed base of Solaris systems being used for various commercial data-processing applications across all market segments and scientific computing applications has grown dramatically over the last several years, and it continues to grow. As an operating system, Solaris has evolved considerably, with some significant changes made to the UNIX SVR4 source base on which the early system was built. An understanding of how the system works is required in order to design and develop applications that take maximum advantage of the various features of the operating system, to understand the data made available via bundled system utilities, and to optimally configure and tune a Solaris system for a particular application or load.
Topics include the major components of the Solaris operating system, including the process/thread/dispatcher subsystem, virtual memory, file systems, and I/O interfaces. The kernel data structures and algorithms are discussed for all the major subsystems, with descriptions of the data extraction points used by the bundled (e.g., sar(1M), vmstat(1M), mpstat(1M)) and several unbundled tools and utilities (e.g., ProcTool, MemTool). Additional topics of discussion include the implementation of the kernel-locking primitives (e.g., mutexes, condition variables), system clocks (hardware and software), the 64-bit kernel, linkers and libraries, system calls, interprocess communication, and kernel tunable parameters. Solaris versions 2.6 and 7 are covered, with an update section covering the major features of Solaris 8.
After completing this course, participants will have a solid understanding of
the internals of the major areas of the Solaris kernel that they will be able to
apply to systems performance analysis, tuning, load/
Richard McDougall (T2), an established engineer in the Performance Application Engineering Group at Sun Microsystems, focuses on large systems performance and architecture. He has over 12 years of experience in UNIX performance tuning, application/kernel development, and capacity planning. Richard is the author of many papers and tools for measurement, monitoring, tracing and sizing UNIX systems, including the memory-sizing methodology for Sun, the MemTool set for Solaris, the recent Priority Paging memory algorithms in Solaris, and many unbundled tools for Solaris, and is co-author of Solaris Internals: Architecture Tips and Techniques (Sun Microsystems Press/Prentice Hall, forthcoming).
James Mauro (T2) is an enterprise IT architect for Sun Microsystems, focusing on multi-tier and distributed application platforms, with an eye to availability and scalable growth. He works extensively with Solaris application development, performance tuning, capacity planning, and general systems behavior analysis. Jim, who has 20 years of UNIX industry experience, writes a monthly column on Solaris internals for SunWorld and is co-author of Solaris Internals: Architecture Tips and Techniques (Sun Microsystems Press/Prentice Hall, forthcoming).
T3 Inside the
Who should attend: Application programmers and kernel developers. You should be reasonably familiar with C programming in the UNIX environment, but no prior experience with the UNIX or Linux kernel code is assumed.
This tutorial will give you an introduction to the structure of the Linux kernel, the basic features it provides, and the most important algorithms it employs.
The Linux kernel aims to achieve conformance with existing standards and compatibility with existing operating systems; however, it is not a reworking of existing UNIX kernel code. The Linux kernel was written from scratch to provide both standard and novel features, while taking advantage of the best practice of existing UNIX kernel designs.
Although the material will focus on the release version of the Linux kernel (v. 2.2), it will also address aspects of the development kernel codebase (v. 2.3), where its substance differs from 2.2. It will not examine the source code in detail but will, rather, offer an overview and roadmap of the kernel's design and functionality.
Stephen C. Tweedie (T3) works on Linux kernel inter
nals and high availability for Red Hat, Inc. Before that, he worked on VMS
filesystem internals for Digital's Operating Systems Software Group. He has been
contributing to Linux for a number of years, in particular designing some of the
high-performance algorithms central to the ext2fs file system and the virtual
Who should attend: System and network administrators who wish to integrate Samba running on a UNIX-based machine with Microsoft Windows clients. No familiarity with Windows networking concepts will be assumed.
Samba is a freely available suite of programs that allows UNIX-based machines to provide file and print services to Microsoft Windows PCs without installing any third-party software on the clients. This allows users to access necessary resources from both PCs and UNIX workstations. As Samba makes its way into more and more network shops all over the world, it is common to see "configuring Samba servers" listed as a desired skill on many job descriptions for network administrators.
This tutorial will use real-world examples taken from daily administrative tasks.
Gerald Carter (M4, T4) has been a member of the
SAMBA Team since 1998 andhas been maintaining SAMBA servers for the past four
years. As a network manager at Auburn University, Gerald maintains approximately
700 PCs and 30 Solaris 2.x servers. He is the lead author of Teach
Yourself SAMBA in 24 Hours (Sams Publishing) and has worked as an instructor
or technical reviewer for major publishers.
Who should attend: System and network administrators who implement or maintain networks, and site managers charged with selecting and setting site security requirements. Familiarity with TCP/IP networking is a plus.
Many classic security problems, such as perimeter and host security, have become well defined and are routinely addressed by a wide range of product offerings. However, computer and network attacks are still on the rise. How to combat these attacks effectively is a network and security management discipline with emerging strategies and solutions. This tutorial will cover the latest trends in computer attacks and the security precautions you can take against them, including defensive penetration analysis, host auditing, network logging solutions, and intrusion detection.
After taking this tutorial, attendees will understand the important areas of security management. They will be able to defensively assess their system and network security. Additionally, they will have an appreciation for auditing and monitoring hosts and networks for intrusions, and for storing critical information required for network forensics.
Tina Darmohray (T5) is a network and security consultant with over a decade of experience in administration and programming UNIX/TCP-based computers. She specializes in firewalls, Internet connections, sendmail/DNS configurations, and defensive intrusion management. Previously Tina was the lead for the UNIX support team at Lawrence Livermore National Laboratory. Tina was a founding board member of SAGE, the System Administrators Guild. She is the author of the popular SAGE jobs booklet Job Descriptions for System Administrators, she's co-editor of ;login:, the magazine of USENIX & SAGE, and she co-chaired the USENIX LISA IX conference. Tina holds a B.S. and an M.S. from the University of California, Berkeley.
Phil Cox (M4, T5) is a consultant for SystemExperts Corporation. Phil
writes and lectures on issues bridging the gap between UNIX and
Windows NT. He is a featured columnist in ;login;, the magazine of USENIX
& SAGE, and has served on numerous USENIX program committees. Phil holds a
in computer science from the College of Charleston, South Carolina.
Who should attend: This tutorial is directed at system administrators who are implementing network services and are looking for a background in the configuration of those services, and for the basics of the protocols and performance tuning. Attendees should have used or been the client of an IP network and have a basic knowledge of systems administration, but do not need to be experienced network administrators. Both new network administrators and gurus will leave the tutorial having learned something.
System administrators are increasingly being tasked with bringing their office environments on-line, with "on-line" ranging from a stand-alone client attached to the Internet to a distributed network of Web servers. The prospect of the network services to be configured can be daunting to administrators who aren't familiar with the applications. Configuration examples, discussed with brief overviews of the underlying protocols, can be taken away for direct application after the conference.
Topics include (with a special emphasis on security):
Attendees should leave the course feeling confident in their ability to set up and maintain secure network services. The tutorial will be conducted in an open manner that allows for questions at all times.
Bryan C. Andregg (M3, T6) is the Director of Networks
at Red Hat Inc. He has been with the company for three years and in that time
has moved from being the only systems administrator through almost every job in
IS. Bryan's next round of business cards will give his job title as
Who should attend: Programmers moderately experienced in Perl and CGI/HTML who would like to automate their Web sites so that they can get more done with less work. This is not a class for non-programmers--we will be doing a lot of Perl code-reading.
With the proliferation of Web sites, the problem of maintenance has become almost unmanageable. Every Web site needs a person to update databases, send and answer mail, and handle membership sign-ups and account expiration, password protection, and a host of other tasks. Or do they? This tutorial will show, with numerous real-life examples, how a Web site can be largely automated, leaving the site maintainer free to handle only the exceptional cases.
We'll use Web-based modules from CPAN and explain their interfaces. We will also pay special attention to file locking, synchronization, error checking, reporting, and recovery, and to the special needs of the asynchronous environment the Web provides. For each example we will present a problem, discuss the conceptual overview, and delve into the code to solve it. Using these examples, attendees will easily be able to implement solutions on their own sites. In all cases, issues of scalability will be discussed. The instructor's wide range of experience will give the students the perspective they need to plan for their needs.
Mark-Jason Dominus (T7) has been using Perl for Web application
development and site management since 1994, for large organizations such as
Estee Lauder, the University of Pennsylvania, and Time-Warner. He is a regular
contributor to the Perl Journal and is the managing editor of
Technical people develop and communicate facts. Facts tend to be discussed in terms of "black or white" or "right or wrong." As a manager, there is a need to develop and communicate in a way that addresses less objective issues such as intentions, visions, plans, and processes. Managers find themselves concerned with issues such as trust, support, and compromise, which are difficult to quantify.
People who get asked to manage others typically have strong technical and leadership skills. Perhaps you know such a person who, shortly after becoming a manager, seemingly became "a different person," even felt like a failure as a manager. And you know it wasn't for lack of trying to do a good job. They appeared not to know what to expect, seemed unprepared to deal with the issues that confronted them daily, apparently didn't get the bigger picture, and showed no sign of understanding how to use the power and influence that (apparently) went with the job.
We believe that becoming an effective technical manager requires:
We give an overview of the management process, concentrating on techniques that can be applied immediately. These should help managers manage better. Non-managers will learn to understand and relate better to managers and will get a feeling for what a managerial job might be like for them in the future.
Steve Johnson (T8) has been a technical manager for nearly two decades, in both large and small companies. At AT&T, he is best known for writing Yacc, Lint, and the Portable C Compiler. He served as the head of the UNIX Languages Department at AT&T's Summit Labs and has been involved in a number of Silicon Valley startup companies. He served for ten years on the USENIX Board of Directors, four of them as president. He presented an invited talk on management at LISA '97, he has taught USENIX tutorials on technical subjects, and he has led management training seminars at Transmeta.
Dusty White (T8) was an early employee of Adobe,
where she served in a variety of managerial positions. She now works as a
management consultant in Silicon Valley, where she acts as a trainer, coach, and
troubleshooter for technical companies.
This course will be useful for anyone with any TCP/IP-based system--a UNIX, Windows NT, or mainframe operating system, or a router, firewall, or gateway network host.
Whether network-based host intrusions come from the Internet, an extranet, or an intranet, they typically follow a common methodology: reconnaissance, vulnerability research, and exploitation. This tutorial will review the tools and techniques hackers (determined intruders) use to perform these activities. You will learn what types of protocols and tools they use, and you will become familiar with a number of current methods and exploits. The course will show how you can generate vulnerability profiles of your own systems. Additionally, it will review some of the important management policies and issues related to these network-based probes.
The course will focus primarily on tools that exploit many of the common TCP/IP-based protocols, such as WWW, SSL, DNS, ICMP, and SNMP, that underlie virtually all Internet applications, including Web technologies, network management, and remote file systems. Some topics will be addressed at a detailed technical level. This course will concentrate on examples drawn from public domain tools, because these tools are widely available and commonly used by hackers (and are free for you to use).
Topics not covered:
Brad Johnson (T9) is Vice President of Consulting of SystemExperts Corporation. He has participated in seminal industry initiatives like the Open Software Foundation, X/Open, and the IETF, and has published often about open systems. Brad has served as a technical advisor to organizations such as Dateline NBC and CNN on security matters.
Prior to joining SystemExperts, Brad was one of the original members of the DCE Evaluation Team, the group that identified, evaluated and selected technology to become the industry's first true interoperable middleware. Brad was also the engineering project manager to complete the integration of those technologies and the project leader for the first three major releases. Prior to OSF, Brad was a principal software engineer/project leader for Digital Equipment Corporation, a technical staff member at Data General Corporation and before that, a technical staff member at Bell Telephone Laboratories.
Brad holds a Bachelor of Arts degree in Computer Science from Rutgers University and a Master of Science degree in Applied Management from Lesley College.
T10 Special Topics in
Sendmail: Sendmail 8.10 and Sendmail Security NEW
Who should attend: UNIX system and network administrators familiar with or responsible for sendmail. This tutorial is targeted at those who want to learn how to convert their sites to sendmail 8.10, and at those who want to better understand sendmail security, particularly on firewalls and other similar systems. This two-part tutorial is not an introduction to sendmail.
Sendmail 8.10, the latest release of Open Source sendmail from Sendmail, Inc., has many new features. In many cases mail administrators can just compile the new release of sendmail and use their old configuration files, but "power users" may wish to utilize the many new capabilities. This tutorial discusses the new features in version 8.10 of sendmail.
Time permitting, musings on the future direction of sendmail will be indulged in.
Sendmail is a powerful Mail Transport Agent that can be configured for many different environments, from firewalls through workstation mail servers. These environments have different security requirements; in particular, in a pure relay configuration (with no local user accounts or delivery) sendmail can be configured to relinquish root permissions. This is a fast-paced tutorial intended for system and network administrators who are already familiar with configuring and administering sendmail.
Eric Allman (S2, T10) Eric Allman wrote sendmail, leads
sendmail.org, and is CTO of Sendmail, Inc. Eric was the lead programmer for the
INGRES database management and the Mammoth infrastructure projects and authored
syslog, tset, the -me troff macros, and trek, developed a commercial
client/server implementation, helped develop a first-generation window system,
and contributed to the Ring Array Processor Project. He has been a member of the
Board of Directors of the USENIX Association. Eric received his M.S. in Computer
Science from U.C. Berkeley. He collects wines, which he stashes in the cellar of
the house he shares with Kirk McKusick, his partner of 20-and-some-odd years.