Wednesday, October 29, 2003
8:45 a.m.–10:30 a.m.
Opening Remarks, Awards, Keynote Town & Country Room Keynote Address Inside eBay.com: The System Administrator's Perspective Paul Kilmartin, Director, Availability and Performance Engineering eBay, Inc. Hugely successful internet startup eBay runs a 24x7 auction and retail site with over a billion items for sale annually. Its 75 million registered users keep the servers and networks jumping. Join eBay's director of availability and performance engineering as he reveals some of the behind-the-scenes action that enables eBay to stay at the top of its game.
10:30 a.m.–11:00 a.m.   Break (Grand Foyer)
11:00 a.m.–12:30 p.m.
PAPERS California Room Administering Essential Services Session Chair: Douglas P. Kingston, Deutsche Bank, London Radmind: The Integration of Filesystem Integrity Checking with Filesystem Management Wesley D. Craig and Patrick M. McNeal, The University of Michigan Further Torture: More Testing of Backup and Archive Programs Elizabeth D. Zwicky, Great Circle Associates An Analysis of Database-Driven Mail Servers Nick Elprin and Bryan Parno, Harvard University	INVITED TALKS 1 San Diego Room Outsourcing: Common Problems and Current Trends in the Outsourcing Industry Speaker: John Nicholson, Shaw Pittman LLP Session Chair: Mario Obejas, Raytheon Outsourcing is one of the big cost-saving trends in business today. This talk looks at some of the common, fundamental problems in outsourcing relationships (e.g., unrealistic expectations, unworkable scope definitions) and suggests ways of structuring the relationship to increase its likelihood of success. It also seeks to clarify some of the trends driving the outsourcing industry right now, including vendors going public, offshore outsourcing, and agreement renegotiation.	INVITED TALKS 2 Golden West Room A Case Study in Internet Pathology: Flawed Routers Flood University's Network Speaker: Dave Plonka, University of Wisconsin, Madison Session Chair: Joshua S. Simon, Consultant Consumer electronics manufacturers are producing millions of low-cost Internet hosts, such as routers, switches, and firewalls, which exhibit unique and sometimes unexpected behaviors. I will present a case study in which our University currently finds itself the recipient of spontaneous floods of Network Time Protocol traffic which attain aggregate rates of hundreds of megabits per second from hundreds of thousands of real Internet hosts. The root cause of these floods is actually a serious flaw in the design of one vendor's routers.	GURU SESSIONS Royal Palm Salon 1/2 IPsec Hugh Daniel, Linux FreeS/WAN Project Hugh is responsible for "Systems Testing & Project Mis-Management" for the Linux FreeS/WAN project. He has been active with the IETF IPsec work group for over five years. He has presented talks, papers, and tutorials on IPsec, FreeS/WAN, and Opportunistic Encryption at several conferences, including SANE, APRICOT, USENIX, CCC, HAL, HIP, and many other security and insecurity events. Once upon a time he also was involved with M-Net, The Well, Project Xanadu, and the Cypherpunks, plus numerous consulting tasks.
12:00 noon–7:00 p.m.   Exhibit Hall Open (Golden Ballroom)
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.
PAPERS California Room Information and Content Management Session Chair: Alva Couch, Tufts University A Secure and Transparent Firewall Web Proxy Roger Crandell, James Clifford, and Alexander Kent, Los Alamos National Laboratory Designing, Developing, and Implementing a Document Repository Joshua S. Simon, Consultant; Liza Weissler, METI DryDock: A Document Firewall Deepak Giridharagopal, The University of Texas at Austin	INVITED TALKS 1 San Diego Room Organizational Maturity Models: Achieving Success and Happiness in Modern IT Environments Speaker: Geoff Halprin, The SysAdmin Group Session Chair: David Williamson, Certainty Solutions With the increasing complexity and workload of IT operations environments, staff are having to do more with less and finding it more difficult than ever to obtain the resources necessary (money, staff, time) to move from a reactive fire-fighting mode to one of control and predictability. In this talk, we look at the problems facing IT organizations and present a structured approach to assessing and maturing local system management practices and walking the Zen path to complete happiness.	INVITED TALKS 2 Golden West Room Network Telescopes: Tracking Denial-of-Service Attacks and Internet Worms Around the Globe Speaker: David Moore, CAIDA (Cooperative Association for Internet Data Analysis) Session Chair: David Parter, University of Wisconsin, Madison Network telescopes provide the unique ability to see large-scale globally dispersed network security events, such as denial-of-service attacks and the spread of Internet worms. A network telescope is a portion of routed IP address space with little or no legitimate traffic. By monitoring unexpected traffic arriving at a telescope, we can determine remote victims of DoS or hosts infected by a worm. This talk covers trends in DoS attacks and victims over the past 2 years, as well as the Code-Red, CodeRed II, and SQL Slammer/Sapphire worms.	GURU SESSIONS Royal Palm Salon 1/2 AFS Esther Filderman, The OpenAFS Project; Garry Zacheiss, MIT Having worked for Carnegie Mellon University since 1988, Esther has been working with AFS since its toddlerhood and is currently a Senior Systems Mangler and AFS administrator for the Pittsburgh Supercomputing Center. Esther has been helping to bring AFS content to LISA conferences since 1997. Garry Zacheiss has spent four years working for MIT Information Systems doing both development and system administration. As a member of the Athena Server Operations team, he works on maintaining and expanding the AFS cells used by Athena, MIT's Academic Computing Environment, as well as enhancing Moira, MIT's host and user account management system.
3:30 p.m.–4:00 p.m.   Break in the Exhibit Hall (Golden Ballroom)
4:00 p.m.–5:30 p.m.
PAPERS California Room System and Network Monitoring Session Chair: Michael Gilfix, IBM Run-time Detection of Heap-based Overflows William Robertson, Christopher Kruegel, Darren Mutz, and Fredrik Valeur, University of California, Santa Barbara Designing a Configuration Monitoring and Reporting Environment Xev Gittler and Ken Beer, Deutsche Bank New NFS Tracing Tools and Techniques for System Analysis Daniel Ellard and Margo Seltzer, Harvard University	INVITED TALKS 1 San Diego Room Internet Governance Reloaded Speaker: Paul Vixie, Internet Software Consortium Session Chair: Deeann Mikula, Consultant Second in an uncertain series, this presentation will bring you up to date on all the recent happenings in the wonderful world of Internet governance. icann, iana, doc, dnrc, secsac, rssac, arin, lacnic, ripe, apnic, itu, aso, dnso, and lions, and tigers, and bears, oh my! NOTE: Due to transportation difficulties caused by the southern California fires, this talk will be presented by kc claffy.	INVITED TALKS 2 Golden West Room High Risk Information: Safe Handling for System Administrators Speaker: Lance Hayden, Advanced Services for Network Security (ASNS) Session Chair: Lynda True, Northrop Grumman Sysadmins face more complex responsibilities than ever, not only for systems themselves, but also challenges from the information resident on those systems. Pornography, private or copyrighted data, and system vulnerabilities are just a few examples of information that threaten organizations and even individual administrators. This talk will help sysadmins understand high-risk information and will recommend ways for sysadmins to meet these challenges and protect their systems.	GURU SESSIONS Royal Palm Salon 1/2 MBAs for Sys Admins Brent Chapman, Great Circle Associates Brent Chapman has nearly 20 years of information technology experience as a Silicon Valley system administrator, network architect, consultant, and IT manager for everything from startups to multi-national corporations. He is the co-author of the highly regarded O'Reilly & Associates book Building Internet Firewalls. He has recently returned to Silicon Valley after taking a couple of years off to earn an MBA at the Melbourne Business School in Australia.
Thursday, October 30, 2003   Back to top
9:00 a.m.–10:30 a.m.
PAPERS California Room Difficult Tasks Made Easier Session Chair: Elizabeth D. Zwicky, Great Circle Associates EasyVPN: IPsec Remote Access Made Easy Mark C. Benvenuto and Angelos D. Keromytis, Columbia University The Yearly Review, or How to Evaluate Your Sys Admin Carrie Gates and Jason Rouse, Dalhousie University Peer Certification: Techniques and Tools for Reducing System Admin Support Burdens While Improving Customer Service Stacy Purcell, Sally Hambridge, David Armstrong, Tod Oace, Matt Baker, and Jeff Sedayao, Intel Corp.	INVITED TALKS 1 San Diego Room Panel: Myth or Reality? Studies of System Administrators Moderators: Jeff R. Allen, Tellme Networks, Inc.; Eser Kandogan, IBM Research Panelists: Nancy Mann, Sun Microsystems, has specialized in solving complex user interface design problems for system management, such as patch installation and user management. Paul Maglio, IBM Research, a researcher and manager of the Human-Systems Research Group, studies how people think about and use information. Kristyn Greenwood, Oracle, has conducted usability evaluations and ethnographic studies to gain insight into what DBAs do and has also participated in the design of a variety of thin client interfaces for managing large-scale enterprise systems. Cynthia DuVal, IBM Software, performs ethnographic research to support integration design and the design of collaboration tools, currently focusing on application administration work practices, interaction design, and emerging technology.	INVITED TALKS 2 Golden West Room Spam Mini Symposium, Part 1 Chairs: Dan Klein, USENIX, assisted by Deeann Mikula, Consultant Unsolicited email has reached epidemic proportions, and some say that it threatens the very concept of email. This symposium will consider the "Spam Problem" and provide insights into the spam explosion, as well as the latest practical techniques for dealing with it. The first part of this mini-symposium will consist of two presentations covering general principles and recent research, presented by independent spam experts. Emerging Spam-Fighting Techniques Robert Haskins, Computer Net Works, Inc.; Rob Kolstad, SAGE New techniques for fighting spam have been developed recently and have been paid increasing attention this year. This talk will discuss new developments in spam detection and suppression, focusing on the promising approach dubbed Bayesian filtering. Adaptive Filtering: One Year On John Graham-Cumming, ActiveState Is adaptive filtering just a toy for tech-savvy desktop users? With over a year since Bayesian spam filters became popular, this talk looks at how well Bayesian spam filtering is working and the challenges in applying it to corporate/enterprise environments (rather than just to individual users). In addition, the talk will summarize some of the ways spammers have attempted to circumvent these new adaptive filters.	GURU SESSIONS Royal Palm Salon 1/2 PKI/Cryptography Greg Rose, QUALCOMM, Inc. Greg Rose is a VP of Technology for QUALCOMM International, based in Australia, where he works on cryptographic security and authentication for third-generation mobile phones and other technologies. He holds a number of patents for cryptographic methods and has successfully cryptanalyzed widely deployed ciphers. Some of his papers and free software are available at https://www.qualcomm.com.au.
10:00 a.m.–4:00 p.m.   Exhibit Hall Open (Golden Ballroom)
10:30 a.m.–11:00 a.m.   Break in the Exhibit Hall (Golden Ballroom)
11:00 a.m.–12:30 p.m.
PAPERS California Room Emerging Theories of System Administration Session Chair: Æleen Frisch, Exponential Consulting ISconf: Theory, Practice, and Beyond Luke Kanies, Reductive Consulting, LLC Seeking Closure in an Open World: A Behavioral Agent Approach to Configuration Management Alva Couch, John Hart, Elizabeth G. Idhaw, and Dominic Kallas, Tufts University Archipelago: A Network Security Analysis Tool Tuva Stang, Fahimeh Pourbayat, Mark Burgess, Geoffrey Canright, Kenth Engø, and Åsmund Weltzien, Oslo University College	INVITED TALKS 1 San Diego Room Coping with the Disappearance of Network Boundaries Speaker: Peyton Engel, Berbee Session Chair: Lynda True, Northrop Grumman It's getting more and more difficult for administrators of networks, servers, and applications to tell where their duties begin and end. Technologies such as wireless networking, VPNs, distributed computing, and load-balancing gear are eroding the boundaries that have defined some traditional I/T roles. As organizations begin to incorporate these new technologies, security is frequently a casualty, simply because these tools can undermine the familiar conceptual frameworks we use for evaluating risk. This talk will demonstrate that the techniques needed to cope with the present family of emerging threats have existed for some time, and will offer insight into the kind of networked services that will be best positioned to prosper in an atmosphere where familiar defenses continue to erode.	INVITED TALKS 2 Golden West Room Spam Mini Symposium, Part 2 Panel Discussion: Current Best Practices and Forthcoming Advances Laura Atkins, SpamCon Foundation John Graham-Cumming, ActiveState Robert Haskins, Computer Net Works, Inc. Rob Kolstad, SAGE Daniel Quinlan, Spam Assassin Ken Schneider, Brightmail This session has two parts. First, representatives from three anti-spam software projects will briefly highlight the latest innovations in their products. After these short presentations, the speakers from the first session will join them for a question-and-answer panel about the best methods for dealing with spam, both now and in the near future.	GURU SESSIONS Royal Palm Salon 1/2 Linux Bdale Garbee, HP Linux and Open Source Lab/Debian Bdale is the former Debian Project Leader and currently works at HP helping to make sure Linux will work well on future HP systems. His background includes many years of both UNIX internals and embedded systems work. He helped jump-start ports of Debian GNU/Linux to 5 architectures other than i386. When Bdale isn't busy keeping his basement computer farm, full of oddball systems running Linux, working, he's busy with amateur radio, mostly likely building amateur satellites.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.
PAPERS California Room Practicum: Unusual Techniques from the Front Lines Session Chair: Mario Obejas, Raytheon Three Practical Ways to Improve Your Network Kevin Miller, Carnegie Mellon University Tossing Packets Over the Wall Using Transmit-Only Ethernet Cables Jon Meek and Frank Colosimo, Wyeth The Realities of Deploying Desktop Linux Bevis King, Roger Webb, and Graeme Wilford, University of Surrey	INVITED TALKS 1 San Diego Room Security vs. Science: Changing the Security Culture of a National Lab Speaker: Rémy Evard, Argonne National Laboratory Session Chair: Elizabeth Zwicky, Great Circle Associates Two years ago, Argonne National Laboratory had continual security problems and was rated very poorly in several federal security audits, with potentially devastating consequences. Today, the Laboratory has a strong security environment that passed its most recent audit with flying colors. And, despite many fears, Argonne scientists are still able to collaborate with colleagues around the world. This talk will tell the story of the Laboratory's about-face. It will cover tools, practical techniques, policies, lessons learned, and mistakes to avoid.	INVITED TALKS 2 Golden West Room Talking to the Walls (Again) Speaker: Mark Burgess, Oslo University College Session Chair: David Blank-Edelman, Northeastern University Within a decade the dream of pervasive computing will be a reality. Computers will be built into almost every device. Houses will be designed like computing ecologies, wired throughout. Surfaces will be interactive, and wireless communication will bind us to this infra-structure. What scientific and technological principles will be required to remain in control of this scenario, and what are its security implications? This kind of highly distributed environment has not only technological but social implications as we see technology increasingly being used to bolster established social structures, as well as create new ones.	GURU SESSIONS Royal Palm Salon 1/2 Automated System Administration/Infrastructure Paul Anderson, Univ. of Edinburgh; Steve Traugott, Infrastructures.Org Paul Anderson is a Principal Computing Officer with the School of Informatics at Edinburgh University in Scotland. He has been interested in large-scale system configuration issues for many years and is the primary author of the LCFG configuration system. He is currently involved in several research projects, attempting to bring together rigorous computer science techniques and practical configuration tools. Steve helped pioneer the term "Infrastructure Architecture" and has worked toward industry acceptance of this "SysAdmin++" career track for the last several years. He is a consulting Infrastructure Architect and publishes tools and techniques for automated system administration. His deployments have ranged from financial trading floors and NASA supercomputers to Web farms and growing startups.
3:30 p.m.–4:00 p.m.   Break in the Exhibit Hall (Golden Ballroom)
4:00 p.m.–5:30 p.m.
PLENARY SESSION (Town & Country Room) The Top Problems in the Internet and What Researchers and Sysadmins Can Do to Help kc claffy, CAIDA (Cooperative Association for Internet Data Analysis)
Friday, October 31, 2003   Back to top
9:00 a.m.–10:30 a.m.
PAPERS California Room Configuration Management: Tools and Techniques Session Chair: Michael Gilfix, IBM Awarded Best Paper! STRIDER: A Black-box, State-based Approach to Change and Configuration Management and Support Yi-Min Wang, Chad Verbowski, John Dunagan, Yu Chen, Helen J. Wang, Chun Yuan, and Zheng Zhang, Microsoft Research CDSS: Secure Distribution of Software Installation Media Images in a Heterogeneous Environment Ted Cabeen, Impulse Internet Services; Job Bogan, Consultant Virtual Appliances for Deploying and Maintaining Software Constantine Sapuntzakis, David Brumley, Ramesh Chandra, Nickolai Zeldovich, Jim Chow, Monica S. Lam, and Mendel Rosenblum, Stanford University	INVITED TALKS 1 San Diego Room Through the Lens Geekly: How Sysadmins Are Portrayed in Pop Culture Speaker: David N. Blank-Edelman, Northeastern University Session Chair: Pat Wilson, University of California, San Diego People outside our profession think they know who we are and what we do for a living. They've formed assumptions about us and how we work even before they've met us, which in turn color their perceptions and shape their interactions with us. To be effective we need to understand this context and its origins. A good portion of it comes from popular culture: movies, television, and other mass media. Movie clips and other source material will entertain you, and more important, give you new insight into just what ways much of the world views our profession.	INVITED TALKS 2 Golden West Room How to Get Your Papers Accepted at LISA (PDF) (Combined with the concurrent Guru-Is-In Session) Speakers: Tom Limoncelli, Lumeta Corporation, Adam Moskowitz, Menlo Computing Session Chair: Lee Damon, University of Washington This presentation will help you write a successful proposal for a LISA paper. We'll help you identify good paper topics, teach you how to present your ideas, and explain the submission process so there will be no surprises. We will present time-saving techniques and other advice that we've learned from being authors as well as from sitting on the program committee itself. We'll also discuss the many pitfalls that potential authors can fall into before the first word is ever written. View presentation as QuickTime video	GURU SESSIONS   See the "INVITED TALKS 2" session scheduled at this time.
10:30 a.m.–11:00 a.m.   Break (Grand Foyer)
11:00 a.m.–12:30 p.m.
PAPERS California Room Configuration Management: Analysis and Theory Session Chair: Michael Gilfix, IBM Generating Configuration Files: The Director's Cut Jon Finke, Rensselaer Polytechnic Institute Preventing Wheel Reinvention: The psgconf System Configuration Framework Mark D. Roth, University of Illinois at Urbana–Champaign SmartFrog Meets LCFG: Autonomous Reconfiguration with Central Policy Control Paul Anderson, University of Edinburgh; Patrick Goldsack, HP Research Laboratories; Jim Paterson, University of Edinburgh	INVITED TALKS 1 San Diego Room Security Lessons from "Best in Class" Organizations Speaker: Gene Kim, Tripwire, Inc. Session Chair: Deeann Mikula, Consultant A few organizations have somehow figured out how to get Operations, Security, Audit, and Management to work together to meet common objectives, resulting in the highest service levels (e.g., lowest MTBF), earliest integration of security into the ops lifecycle, and the highest spans of controls (best automation allows assigning more servers per sysadmin). What makes these "best in class" organizations so different from the rest of the herd, quantitatively, qualitatively, and behaviorally? In this talk, I will present some of my research results and their surprising conclusions. I'll also talk about the passions I've developed as a result of this work, including repeatable and verifiable processes and process improvement.	INVITED TALKS 2 Golden West Room What Washington Still Doesn't Get Speaker: Declan McCullagh, CNET News.com Session Chair: Esther Filderman, The OpenAFS Project A realistic firsthand view of today's legislative attempts to outlaw unsolicited email, ban piracy, restrict politically unpopular technology, and generally make the Internet a much less interesting place. Declan McCullagh is a longtime Washington denizen who has been running UNIX on the desktop since 1988 and maintains a Red Hat server for Politech, his technology and politics mailing list. For his day job as a correspondent for CNET News.com, he chronicles how Congress, the White House, and the judiciary wrestle with technology—and rarely end up on top.	GURU SESSIONS Royal Palm Salon 1/2 Professional Growth and Development David Parter, University of Wisconsin, Madison David has been a system administrator at the University of Wisconsin Computer Science Department since 1991, serving as Associate Director of the Computer Systems Lab since 1995. David has been the senior system administrator, guiding a staff of 8 full-time sysadmins and supervising up to 12 student sysadmins at a time. His experiences in this capacity include working with other groups on campus; providing technical leadership to the group; managing the budget; dealing with vendors; dealing with faculty; and training students. As a consultant, he has dealt with a variety of technical and management challenges. He has sat on the SAGE executive committee since December 1999, serving as SAGE President in 2001-2002.
12:30 p.m.–2:00 p.m.   Lunch (on your own)
2:00 p.m.–3:30 p.m.
PAPERS California Room Network Administration Session Chair: David Williamson, Certainty Solutions Awarded Best Paper! Distributed Tarpitting: Impeding Spam Across Multiple Servers Tim Hunter, Paul Terry, and Alan Judge, eircom.net Using Service Grammar to Diagnose BGP Configuration Errors Xiaohu Qie, Princeton University; Sanjai Narain, Telcordia Technologies Splat: A Network Switch/Port Configuration Management Tool Cary Abrahamson, Michael Blodgett, Adam Kunen, Nathan Mueller, and David Parter, University of Wisconsin, Madison	INVITED TALKS 1 San Diego Room Stick, Rudder, and Keyboard: How Flying My Airplane Makes Me a Better Sysadmin Speaker: Ross Oliver, Tech Mavens, Inc. Session Chair: David Blank-Edelman, Northeastern University The airport may seem a long way from the machine room, but sysadmins can still benefit from aviators. Ross Oliver, a licensed pilot and 15-year sysadmin veteran, will describe how his sysadmin abilities have been enhanced by aviation skills and techniques, and how you can apply them without actually taking to the air.	INVITED TALKS 2 Golden West Room Security Without Firewalls Speaker: Abe Singer, San Diego Supercomputer Center Session Chair: Alva Couch, Tufts University SDSC does not use firewalls, yet we have managed to go almost 4 years without an intrusion. Our success raises to the issue that there are no good empirical data to show us which protection methods are effective and which are not. SDSC's approach defies some common beliefs, but we suggest that our approach may be more successful. This talk will touch on our experiences, our threat/risk model, our implementation, some of the mistakes we've made, and why we need better data for effective risk quantification and analysis.	WORK-IN-PROGRESS REPORTS Town & Country Room Chair: David Hoffman, Stanford University Short, pithy, and fun, Work-in-Progress reports introduce interesting new or ongoing work. If you have work you would like to share or a cool idea that's not quite ready for publication, send a one- or two-paragraph summary to lisa03wips@usenix.org. We are particularly interested in presenting students' work. A schedule of presentations will be posted at the conference, and the speakers will be notified in advance. Work-in-Progress reports are five-minute presentations; the time limit will be strictly enforced.
3:30 p.m.–4:00 p.m.   Break (Grand Foyer)
4:00 p.m.–5:30 p.m.
The LISA Game Show (Town & Country Room) Closing out this year's conference, the LISA Game Show will once again pit attendees against each other in a test of technical knowledge and cultural trivia. Host Rob Kolstad and sidekick Dan Klein will provide the questions and color commentary for this always memorable event.