All Technical Sessions will be held in the New Orleans Marriott Hotel.

Dr. Felten Goes to Washington: A Personal View of the Microsoft Case
Edward Felten, Princeton University

Edward Felten recently served as an expert witness in the Microsoft antitrust case and as a consultant to the Department of Justice. He will talk about his experiences in working on this high-profile case, and what he learned about the law, economics, computer science, and connections among them.

To Be Announced

The Toolshed
Session Chair: Phil Scarr, Certainty Solutions

xps--Dynamic Process Tree Watching
Under X
Rocky Bernstein, Breakaway Solutions

Extending UNIX System Logging with SHARP
Matthew Bing and Carl Erickson, Grand Valley State University

Peep (The Network Auralizer): Monitoring Your Network with Sound
Michael Gilfix and Alva Couch, Tufts University

Experiences with Incident Response at The Ohio State University
Steve Romig, The Ohio State University

Steve will talk about his experiences with incident response at OSU. He'll talk briefly about the formation and current structure of the OSU incident response team, the services they provide, and how they approach incident response. The majority of the talk will cover real-life successes and failures (and amusing anecdotes) from a large and long-running investigation of two local cracking groups.

Broadband Changes Everything
Brent Chapman, Great Circle Associates, Inc.

End users today are connecting to the Internet at speeds that, a couple of years ago, were available at only the best-connected sites and were shared by hundreds or even thousands of users. And the "always on" nature of broadband is likely to have even more fundamental and far-reaching consequences. This talk will give you an introduction to end-user broadband services and an idea of how they'll change your life both as a user and as a network manager.

1984
Session Chair: Jeff Allen

Thresh--A Data-Directed SNMP Threshold Poller
John Sellens, Certainty Solutions

eEMU: A Practical Tool and Language for System Monitoring and Event Management
Jarra Voleynik, eEMUconcept Pty Ltd

Aberrant Behavior Detection in Time Series for Network Service Monitoring
Jake D. Brutlag, Microsoft WebTV

Integrating LDAP in a Heterogeneous Environment
Leif Hedstrom, Netscape

This talk discusses the intricacies and obstacles, as well as the joy, in integrating LDAP into a heterogeneous environment at Netscape. The audience will learn from our experiences, as well as find out what is available today. Not just a beginner's guide to LDAP, the presentation emphasizes a primarily UNIX environment but of course covers Windows NT and 2000 integration.

Cops are from Mars, Gurus are from Pluto: Dealing with "the Feds" and Other Cops
Tom Perrine, Pacific Institute of Computer Security

Every system administrator will have to deal with law enforcement at some time, usually in connection with a security incident. This talk is about how to interact with them effectively. It covers cultural differences and language barriers, differing goals, ways to build bridges, and how to spot a "fake Fed." Jurisdictional issues, preserving evidence, and guidelines for testifying in court are also covered.

The Sorcerer's Apprentice
Session Chair: Josh Simon, Collective Technologies

PIKT, "Problem Informant/Killer Tool"
Robert Osterlund, University of Chicago

Relieving the Burden of System Administration Through Support Automation
Allan Miller and Alex Donnini, HandsFree Networks

FTP Mirror Tracker: First Steps Towards URN
Alexei Novikov, ITEP, and Martin Hamilton, Loughborough University, UK,

Mapping Corporate Intranets and Internets
Bill Cheswick, Lumeta Corporation

Bill will talk about what the researchers at Bell Labs and Lumeta have learned about mapping corporate intranets. As intranets grow they become more difficult to track. By mapping corporate networks they have been able to find security problems, gain a better understanding of what's out there, and provide pretty pictures of the network which management finds useful.

Does It Take the Same Skill Set to Secure a System as to Break into It?
Panelists: Peter Shipley, Lab OneSecure Inc.; Mark Hardy, Guardent, Inc.; and Elias Levy, securityfocus.com

With myriad companies bidding for the contract to secure your Internet services, two questions arise: (1) "What does it take to do the job?" (2) "If this company hires 'reformed hackers,' is that good or bad?" Are these people competent? Should you contract with a company that employs reformed hackers or convicted felons? Conversely, why should you trust a company that doesn't have people who know security from both sides? This panel includes representatives from the cracking community, corporate and professional services, and law enforcement.