Check out the new USENIX Web site.
LISA '02, 16th Systems Administration Conference, November 3-8, 2002, Philadelphia Marriott, Philadelphia, PA
LISA Home  | Register/Hotel  | Tutorials  | Tech Sessions  | Workshops  | Exhibition  | Organizers  | Activities/BoFs  | At a Glance
Register Now!
Tutorials: Overview | By Day (Sunday, Monday, Tuesday) | By Instructor | All in One File

Sunday, November 3, 2002    
Full-Day Tutorials
S1 Advanced Solaris System Administration Topics
Peter Baer Galvin, Corporate Technologies

S2 Topics in UNIX and Linux Administration, Part 1 NEW
Trent Hein and Ned McClain, Applied Trust Engineering; Evi Nemeth, University of Colorado Emeritus

S3 Linux System Administration
Joshua Jensen, Red Hat Inc.

S4 Intrusion Detection: Evaluation, Architecture, and Implementation NEW
Cory Scott, ABN-AMRO North America

S5 Hacking and Securing Web-Based Applications NEW
David Rhoades, Maven Security Consulting

S6 Beyond Shell Scripts: 21st-Century Automation Tools and Techniques NEW
Aeleen Frisch, Exponential Consulting

S7 Blueprints for High Availability: Designing Resilient Distributed Systems
Evan Marcus, VERITAS Software Corp.

Half-Day Tutorials, AM
S8 Administering Veritas NetBackup
W. Curtis Preston, The Storage Group

S9 Perl for System Administration: The Networking Power Hours, Part 1 NEW
David N. Blank-Edelman, Northeastern University

S10 Introduction to Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Half-Day Tutorials, PM
S11 Using SANs and NAS
W. Curtis Preston, The Storage Group

S12 Perl for System Administration: The Networking Power Hours, Part 2 NEW
David N. Blank-Edelman, Northeastern University

S13 Intermediate Topics in Domain Name System Administration
William LeFebvre, CNN Internet Technologies


S1 Advanced Solaris System Administration Topics
Peter Baer Galvin, Corporate Technologies

Who should attend: UNIX administrators who need more knowledge of Solaris administration.

We will discuss the major new features of recent Solaris releases, including which to use (and how) and which to avoid. This in-depth course will provide the information you need to run a Solaris installation effectively. Updated to include Solaris 8 and several other new topics.

Topics include:

  • Installing and upgrading
    • Architecting your facility
    • Choosing appropriate hardware
    • Planning your installation, filesystem layout, post-installation
    • Installing (and removing) patches and packages
  • Advanced features of Solaris
    • File systems and their uses
    • The /proc file system and commands
    • Useful tips and techniques
  • Networking and the kernel
    • Virtual IP: configuration and uses
    • Kernel and performance tuning: new features, adding devices, tuning, debugging commands
    • Devices: naming conventions, drivers, gotchas
  • Enhancing Solaris

galvin_peter Baer Galvin (S1) is the Chief Technologist for Corporate Technologies, and was the systems manager for Brown University's Computer Science Department. He has written articles for Byte and other magazines, is a columnist for SunWorld, and is coauthor of the Operating Systems Concepts and the Applied Operating Systems Concepts textbooks. Peter has taught tutorials on security and system administration and has given talks at many conferences and institutions.


S2 Topics in UNIX and Linux Administration, Part 1 NEW
Trent Hein and Ned McClain, Applied Trust Engineering; Evi Nemeth, University of Colorado Emeritus

Who should attend: System and network administrators who are interested in picking up several new technologies in an accelerated manner. The format consists of six topics.

Topics include:

  • Logical Volume Management for Linux: Logical volume support for Linux has brought storage flexibility and high availability to the masses. By abstracting physical storage devices, logical volumes let you grow and shrink partitions, efficiently back up databases, and much more. We'll talk about Linux LVM, what you need to get it up and running, and how to take advantage of its many features.
  • Security Packet Filtering Primer: What does the word "firewall" really mean, and how do you set up a packet filter list to implement a basic one? We'll teach you the dos and don'ts of creating a tough packet filter, and talk specifically about capabilities of packages available for Linux.
  • What's New in BIND9? BINDv9 includes a long laundry list of features needed for modern architectures, huge zones, machines serving a zillion zones, co-existence with PCs, security, and IPv6­specifically, dynamic update, incremental zone transfers, DNS security via DNSSEC and TSIG, A6, and DNAME records. We'll talk about the gory details of these new features.
  • Network Server Performance Tuning: Instead of throwing expensive hardware at a performance problem, consider that many performance problems are really due to misconfigured networks, systems, and applications. We'll focus on Linux and UNIX performance tuning, with an emphasis on low-cost, high-impact strategies and solutions.
  • Security Crisis Case Studies: Before your very eyes, we'll dissect a set of security incident case studies using many tools available on your system or from the Net. We'll specifically describe how to avoid common security-incident pitfalls.
  • Policy and Politics: Many of the policies and procedures followed at a site are carefully filed in the sysadmin's head. With the worldwide Net invading your local site, these secrets need to be written down, run by lawyers, and followed by your sysadmin staff. We will discuss approaches to these tasks, both good and bad, and illustrate with war stories, sample policy agreements, and procedure checklists.

hein_trent Trent Hein (S2, M2) is co-founder of Applied Trust Engineering. Trent worked on the 4.4 BSD port to the MIPS architecture at Berkeley, is co-author of both the UNIX Systems Administration Handbook and the Linux Administration Handbook, and holds a B.S. in computer science from the University of Colorado.


mcclain_ned Ned McClain (S2, M2), co-founder and CTO of Applied Trust Engineering, lectures around the globe on applying cutting-edge technology in production computing environments. Ned holds a B.S. in computer science from Cornell University and is a contributing author to both the UNIX System Administration Handbook and the Linux Administration Handbook.


nemeth_evi Evi Nemeth (S2, M2) has retired from the computer science faculty at the University of Colorado, where she administered UNIX systems, both from the trenches and from the ivory tower. She is a co-author of the UNIX System Administration Handbook (now in its 3rd edition) and its green cousin, the Linux Administration Handbook. Evi is slowly learning what "retired" is supposed to mean, as she spends more time on her sailboat in the Caribbean and less time on computers, networks, and security.


S3 Linux System Administration
Joshua Jensen, Red Hat Inc.

Who should attend: System administrators who plan to implement a Linux solution in a production environment. Attendees should be familiar with the basics of system administration in a UNIX/Linux environment: user-level commands, administration commands, and TCP/IP networking. Both novice and intermediate administrators should leave the tutorial having learned something.

From a single server to a network of workstations, the Linux environment can be a daunting task for administrators knowledgeable on other platforms. Starting with a single server and finishing with a multi-server, 1000+ user environment, case studies will provide practical information for using Linux in the real world.

Topics include (with an emphasis on security):

  • Installation features
  • Disk partitioning and RAID
  • Networking
  • User accounts
  • Services
  • NFS and NIS
  • Security through packet filtering and SSH
  • New developments (journaling file systems, VPNs, and more)

At the completion of the tutorial, attendees should feel confident in their ability to set up and maintain a secure and useful Linux network. The instructor invites questions during the presentation.

jensen_joshua_b&w Joshua Jensen (S3, T3) was the first Red Hat instructor and examiner, and has been with Red Hat for 4 years. In that time he has written and maintained large parts of the Red Hat curriculum: Networking Services and Security, System Administration, Apache and Secure Web Server Administration, and the Red Hat Certified Engineer course and exam. Joshua has worked with Linux for 7 years, and has been teaching Cisco Internetworking and Linux courses since 1998.


S4 Intrusion Detection: Evaluation, Architecture, and Implementation NEW
Cory Scott, ABN-AMRO North America

Who should attend: System, network, and security administrators who understand the basics of IDS technologies and are interested in the details of deploying IDS in their organization. The class will also be attractive to managers who want to implement IDS.

Topics include:

  • How IDS fits into an IT organization
  • How to measure ROI and provide metrics for an IDS deployment. * How tointegrate incident response and other security initiatives
  • How to evaluate IDS technologies
    • Scoping a pilot project
    • Building a test environment.
  • Risk assessment
  • Threat modeling
  • Architecture review of IDS deployments
  • Data collection issues
    • Bandwidth feasibility for network-based IDS
    • log aggregation for host-based IDS
  • How to deal with the intrusion detection community
  • Overview of future IDS technologies

Whenever possible, the tutorial will cover a range of potential environments, from large networks to smaller deployments. The instructor invites attendees to email him before the conference with particular implementation questions or concerns and he will attempt to cover them during class.

scott_cory_BW Cory Scott (S4) has extensive experience in information systems and security and years of experience in network and systems security architecture, as well as operational experience in several demanding datacenters. Currently he is a manager of systems and security at ABN-AMRO North America. Previously he was a security consultant, performing assessment, penetration testing, and intrusion detection research. He has a CISSP certification, with speaking engagements at Blackhat Briefings and SANS. As a technical editor and writer, he has worked on several security publications, including recent technical reviews of "Know Your Enemy: The Honeynet Project" and NIST's "Special Publication on Intrusion Detection Systems."


S5 Hacking and Securing Web-Based Applications NEW
David Rhoades, Maven Security Consulting

Who should attend: People who are auditing Web application security, developing Web applications, or managing the development of a Web application.

Although numerous commercial and freeware tools assist in locating network-level security vulnerabilities, these tools are incapable of locating application-level issues. This course will demonstrate how to identify security weaknesses for Web-enabled services that could be exploited by remote users.

With numerous real-world examples, this informative and entertaining course is based on fact and experience, not theory. The course material is presented in a step-by-step approach, and will apply to Web portals, e-commerce, online banking, shopping, subscription-based services, and any Web-enabled application.

Topics include:

  • Information-gathering attacks: How hackers read between the lines
  • User sign-on process: Many sites contain serious flaws which expose them to the threat of bad publicity and loss of customer confidence
  • User sign-off process: Are users really signed off?
  • OS & Web server weaknesses: buffer overflows and default material
  • Encryption: Finding the weakest link
  • Session tracking
    • URL rewriting, basic authentication, and cookie: strengths and weaknesses
    • Session cloning, IP hopping, and other subtle dangers
    • A recipe for strong session IDs
  • Authentication: server, session,
    transactional
  • Transaction-level issues
    • Hidden form elements
    • Unexpected user input
    • GET vs. POST
    • JavaScript filters
    • Improper server logic

Rhoades_David_BW David Rhoades (S5) is president of Maven Security Consulting Inc.Since 1996 David has been providing information protection services for various Fortune 500 customers. His work has taken him across the U.S .and to Europe and Asia, where he has lectured and consulted in various areas of information security. David holds a B.S. in computer engineering from the Pennsylvania State University and is an instructor for the SANS Institute, the MIS Training Institute, and Sensecurity (based in Singapore).


S6 Beyond Shell Scripts: 21st-Century Automation Tools and Techniques NEW
Aeleen Frisch, Exponential Consulting

Who should attend: System administrators who want to explore new ways of automating administrative tasks. Shell scripts are appropriate for many jobs, but more complex operations will often benefit from sophisticated tools.

Topics include:

  • Automating installations
    • Vendor-supplied tools
    • Alternative approaches
    • State-of-the-art package control
    • A heterogeneous environment
  • Mark Burgess's cfengine package
    • Installations and beyond
    • "Self-healing" system configurations
    • Other uses
    • cfengine limitations and how to overcome them
  • Don Libes's Expect package for automating interactive procedures
    • What to Expect . . .
    • Using Expect with other tools
    • Security issues
  • Amanda, an enterprise backup management facility
    • Prerequisites
    • Configuration
    • Getting the most from Amanda
  • STEM, a new package for automating network operations
    • Understanding the context and tool capabilities
    • Example applications
    • Performance and scaling

We'll conclude the course with a shell scripts redux covering some shell features you may not have heard of (and a bit of Perl, too).

frisch_aeleenbw Aeleen Frisch (S6, M3, T11) has been a system administrator for over 20 years. She currently looks after a pathologically heterogeneous network of UNIX and Windows systems. She is the author of several books, including Essential System Administration (now in its 3rd edition).


S7 Blueprints for High Availability: Designing Resilient Distributed Systems
Evan Marcus, VERITAS Software Corp.

Who should attend: Beginning and intermediate UNIX system and network administrators, and UNIX developers concerned with building applications that can be deployed and managed in a highly resilient manner. A basic understanding of UNIX system programming, UNIX shell programming, and network environments is required.

This tutorial will explore procedures and techniques for designing, building, and managing predictable, resilient UNIX-based systems in a distributed environment. We will discuss the trade-offs among cost, reliability, and complexity.Topics include:

  • What is high availability? Who needs it?
  • Defining uptime and cost; "big rules" of system design
  • Disk and data redundancy; RAID and SCSI arrays
  • Host redundancy in HA configs
  • Network dependencies
  • Application system programming concerns
  • Anatomy of failovers: applications, systems, management tools
  • Planning disaster recovery sites and data updates
  • Security implications
  • Upgrade and patch strategies
  • Backup systems: off-site storage, redundancy, and disaster recovery
  • Managing the system: managers, processes, verification
marcus_evan Evan Marcus (S7, M10) is a Senior Systems Engineer and High Availability Specialist with VERITAS Software Corporation. Evan has more than 14 years of experience in UNIX system administration. While working at Fusion Systems and OpenVision Software, Evan worked to bring to market the first high-availability software application for SunOS and Solaris. He is the author of several articles and talks on the design of high-availability systems and is the co-author, with Hal Stern, of Blueprints for High Availability: Designing Resilient Distributed Systems (John Wiley & Sons, 2000).


S8 Administering Veritas NetBackup
W. Curtis Preston, The Storage Group

Who should attend: System administrators involved in the design, implementation, and administration of Veritas NetBackup. Participants who are not yet using NetBackup should review NetBackup documentation before attending this session.

Anyone who has implemented a medium-to-large installation of any commercial backup software package understands the challenges that such a project will face. This tutorial focuses on the challenges unique to Veritas NetBackup, with heavy emphasis on configuring NetBackup in such a way that it will be easier to automate, easier to monitor and make reports from, takes full advantage of your storage resources, and, above all, ensures that your data is being protected properly. The tutorial will also answer the questions that all NetBackup administrators find themselves asking and will provide scripts to automate NetBackup.

Topics include (with an emphasis on decisions to be made):

  • NetBackup architecture
  • System design
  • Commonly used (and misunderstood) commands
  • System automation
  • frequently asked questions, including:
    • How do I do offsite tape duplication? Is bpvault worth it?
    • Why can't I delete this tape?
    • Can NetBackup tell me when I'm low on volumes, instead of waiting until I'm out?
    • How do I automate the importing, exporting, and labeling of library volumes?
    • How do I back up NAS systems?
    • Is there any way to manage the exclude lists centrally?

After completing this tutorial, participants will be able to answer all of these questions and will have the tools necessary to better automate their NetBackup installation. They will also be aware of common pitfalls and how to avoid them.

preston_curtis_b&w W. Curtis Preston (S8, S11) is the president of The Storage Group, Inc., a storage consulting firm focused on bridging the gap between customers and storage products. Curtis has ten years' experience designing storage systems for environments both large and small. Curtis has advised the major product vendors regarding product features and implementation methods. He is the administrator of the NetBackup and NetWorker FAQs and answers the "Ask The Experts" backup forum on SearchStorage.com. He is the author of O'Reilly's UNIX Backup & Recovery and Using SANs & NAS, as well as a monthly column in Storage Magazine.


S9 Perl for System Administration: The Networking Power Hours, Part 1 NEW
David N. Blank-Edelman, Northeastern University

Who should attend: System and network administrators with advanced-beginner to intermediate Perl skills (important prerequisite).

Now that we've offered several successful survey courses on using Perl to make system administration easier, it is time to go deeper. In this half-day course we'll take an hour per subject to probe how Perl can be used to work with three different network-related topics. We'll get you jump-started and then dive into the approaches, tools and methods you need to tame these areas with your existing Perl skills.

Topics include:

  • SNMP: How to query and configure SNMP v1- and 3-capable devices
  • Packet Play
    • Sniffing for specific packets
    • Creating packets with Perl
  • Network Monitoring and Mapping: Continuously monitoring a network and displaying the results

This final module will tie together the two previous modules and work toward building simple tools to help. We'll also look at some of the more advanced free tools already available to solve this problem.

blank-edelman David N. Blank-Edelman (S9, S12) is the Director of Technology at the Northeastern University College of Computer Science and the author of the O'Reilly book Perl for System Administration. He has spent the last 16 years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He has served as Senior Technical Editor for the Perl Journal.


S10 Introduction to Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: System or network administrators who have been exposed to the Domain Name System only as users. A basic understanding of the IP protocols, TCP and UDP, data encapsulation, and the seven-layer model will be beneficial.

DNS, the primary method the Internet uses to name and number machines, is used to translate names like "www.usenix.org" into addresses like 131.106.3.253. Any site that is serious about joining the Internet community will need to understand how to configure and administer DNS.

This tutorial will describe the basic operation of DNS and will provide instructions and guidelines for the configuration and operation of DNS on UNIX platforms using the BIND software distribution. This class is designed for the beginner and is intended to provide a foundation for the tutorial on "Intermediate Topics in Domain Name System Administration."

Topics include:

  • DNS and BIND
  • The DNS Name Hierarchy
  • The four components of DNS
  • Iterative vs. recursive querying
  • Essential resource records: SOA, A, PTR, CNAME, NS
  • Zone transfers and secondaries
  • Vendor-specific differences
lefebvre_bill William LeFebvre (S10, S13) is an author, programmer, teacher, and sysadmin expert who has been using UNIX and Internet technologies since 1983. He writes a monthly column for UNIX Review and has taught since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates. He has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He is also the primary programmer for the popular UNIX utility top. William is currently a technology fellow at CNN Internet Technologies, exploring the applicability of new technology to one of the busiest Web farms on the Internet. He received his bachelor's degree in 1983 and his master of science degree in 1988, both from Rice University.


S11 Using SANs and NAS
W. Curtis Preston, The Storage Group

Who should attend: System administrators and system engineers responsible for the design and implementation of storage systems. Attendees should be aware of storage systems concepts; a basic familiarity with SAN and NAS is helpful but not required.

This tutorial will explain the differences and similarities between Storage Area Networks (SAN) and Network Attached Storage (NAS), including an explanation of why NAS is now competing with SAN in certain markets. It will also cover the myriad of backup and recovery options that each brings to the table, and the pros and cons of each of them. It will then offer guidelines on how to decide whether SAN or NAS is right for you.

Topics include:

  • SAN & NAS overview: why and what
  • SAN architecture overview
  • NAS architecture overview
  • Managing SANs
  • Backing up with SANs
  • Managing NAS
  • Backing up NAS

preston_curtis_b&w W. Curtis Preston (S8, S11) is the president of The Storage Group, Inc., a storage consulting firm focused on bridging the gap between customers and storage products. Curtis has ten years' experience designing storage systems for environments both large and small. Curtis has advised the major product vendors regarding product features and implementation methods. He is the administrator of the NetBackup and NetWorker FAQs and answers the "Ask The Experts" backup forum on SearchStorage.com. He is the author of O'Reilly's UNIX Backup & Recovery and Using SANs & NAS, as well as a monthly column in Storage Magazine.


S12 Perl for System Administration: The Networking Power Hours, Part 2 NEW
David N. Blank-Edelman, Northeastern University

Who should attend: System and network administrators with advanced-beginner to intermediate Perl skills (important prerequisite).

Now that we've offered several successful survey courses on using Perl to make system administration easier, it is time to go deeper. In this half-day course we'll take an hour per subject to probe how Perl can be used to work with three different network-related topics. We'll get you jump-started and then dive into the approaches, tools and methods you need to tame these areas with your existing Perl skills.

Part 1 (S9) is not a prerequisite for this class.

Topics include:

  • LDAP: How to use Perl to perform common LDAP operations.
  • Mail
    • Using Perl to send mail with SMTP
    • Using Perl to perform mail operations using POP3 and IMAP
    • Parsing mail
  • Potpourri
    • Parsing logs efficiently and effectively
    • How to roll your own daemons
    • Using encrypted transports from Perl

blank-edelman David N. Blank-Edelman (S9, S12) is the Director of Technology at the Northeastern University College of Computer Science and the author of the O'Reilly book Perl for System Administration. He has spent the last 16 years as a system/network administrator in large multi-platform environments, including Brandeis University, Cambridge Technology Group, and the MIT Media Laboratory. He has served as Senior Technical Editor for the Perl Journal.


S13 Intermediate Topics in Domain Name System Administration
William LeFebvre, CNN Internet Technologies

Who should attend: Network administrators with a basic understanding of DNS and its configuration who need to learn how to create and delegate subdomains, and administrators planning to install BIND8. Attendees are expected either to have prior experience with DNS, including an understanding of basic operation and zone transfers, or to have attended the "Introduction to Domain Name System Administration" tutorial.

Attendees will move beyond the basics into a more thorough understanding of the overall design and implementation of DNS.

Topics include:

  • Subdomains and delegation
  • Resource records: NS, RP, MX, TXT, AAAA
  • Migration to BIND8
  • DNS management tools
  • DNS design
  • DNS and firewalls
lefebvre_bill William LeFebvre (S10, S13) is an author, programmer, teacher, and sysadmin expert who has been using UNIX and Internet technologies since 1983. He writes a monthly column for UNIX Review and has taught since 1989 for such organizations as USENIX, the Sun User Group (SUG), MIS Training Institute, IT Forum, and Great Circle Associates. He has contributed to several widely used UNIX packages, including Wietse Venema's logdaemon package. He is also the primary programmer for the popular UNIX utility top. William is currently a technology fellow at CNN Internet Technologies, exploring the applicability of new technology to one of the busiest Web farms on the Internet. He received his bachelor's degree in 1983 and his master of science degree in 1988, both from Rice University.



?Need help? Use our Contacts page.

Last changed: 27 Sept. 2002 jel
LISA '02 Home
Events calendar
USENIX home