Monterey Conference Center Monday–Saturday Spanning over 25 years of experience and expertise, USENIX ’02 offers unparalleled opportunities to explore the most influential emerging technical issues and get trained by master practitioners in cutting- June 10–15, 2002 edge technologies. Don’t miss this opportunity to join leading developers, researchers, system adminis- trators, and engineers at the core conference for the advanced computing community. Register today! FREE Vendor Exhibition Conference Highlights June 13–14 TECHNICAL TUTORIALS KERNELS DISCOUNT DATE! FreeBSD by Marshall Kirk McKusick Early Bird Registration & Linux by Ted Ts’o Hotel Discount Solaris by James Mauro & Richard McDougall Deadline: SYSADMIN FRIDAY, MAY 17, 2002 Topics in UNIX and Linux Administration by Trent Hein, Ned McClain, & Evi Nemeth System & Network Performance Tuning by Marc Staveley Contents Practical Wireless IP by Phil Cox & Brad Johnson Advanced Solaris Sysadmin by Peter Galvin 3 Letter from the Program Chairs SECURITY 4 Conference at a Glance Building Honey Pots by Marcus Ranum 5 Vendor Exhibition Cisco’s Security Features by John Stewart 6–15 Tutorial Program Introduction to Computer Security by Avi Rubin 15–17 Tutorial Instructors 17 SAGE Certification Program INVITED TALKS 18–22 Technical Sessions Eric Allman, Sendmail, Inc., on Taking an Open Source Project 23 AFS Workshop

to Market 24 The Guru Is In Sessions Steve Bellovin, AT&T Labs—Research, on Internet Standards 25 Special Conference Features Alan Davidson, Center for Democracy and Technology, on Technology, 26 Registration Information Liberty, and Washington 26 Student Discounts and Bruce Schneier, Counterpane Internet Security, on Fixing Network Security by Stipends Hacking the Business Climate 26 Hotel and Travel Information BIRDS-OF-A-FEATHER SESSIONS 27 Registration Form Linux BoF Led by Linus Torvalds and Ted Ts’o BSD Groups (NetBSD, OpenBSD, Darwin, FreeBSD, BSD/OS)

RECEPTION AT THE MONTEREY BAY AQUARIUM

USENIX is a registered trademark of the USENIX Association. USENIX acknowledges all trademarks herein.

2 REGISTER TODAY: www.usenix.org/events/usenix02/ An Invitation from the Program Chairs

Dear Colleague, Technical progress in the computer field has not stood still during this eventful year. The USENIX Annual Tech ’02 program reflects the needs of this dynamic community, covering a wealth of emerging technical issues and exploring the

CARLA ELLIS CHRIS DEMETRIOU influence they will have on our field. This conference is the place to meet peers, learn from the experts, and share solutions. Featuring expert instructors and a wide range of topics, our technical tutorials offer practical techniques that you can put to immediate use. Security is a major Conference Organizers theme this year, with tutorials addressing all levels, from a basic introduction, to Program Chair using system-specific security features, to practical cryptography. Other tutorials Carla Ellis, Duke University include system administration for various environments, kernal internals, Program Committee performance tuning, networking, and much more. Darrell Anderson, Duke University High-quality refereed papers are the cornerstone of this conference’s reputation Mary Baker, Stanford University for ground-breaking research. Presentations will include new work on file and Frank Bellosa, University of Erlangen-Nuernberg storage systems, networking, programming models, network services, and mobile Greg Ganger, Carnegie Mellon University computing. It is always exciting to meet the bright young student researchers who Mike Jones, Microsoft Research have contributed to so many of the papers. Patrick McDaniel, AT&T Labs—Research The FREENIX refereed track is the best place to hear about the latest develop- Jason Nieh, Columbia University ments from the freely-redistributable software community. Whether you're interested Vern Paxson, ACIRI Elizabeth Shriver, Bell Labs in hearing about Linux, *BSD, or X11-based graphical environments, or you just want Christopher Small, Sun Microsystems a look at some of the hot new work being made available to the public, the FREENIX Mirjana Spasojevic, Hewlett Packard track has something for you. Mike Spreitzer, IBM Our Keynote address features Professor Lawrence Lessig from Stanford Amin Vahdat, Duke University University who’s talk “The Internet’s Coming Silent Spring” will show how the Invited Talks Coordinators Internet, originally built to enable neutral and unrestrained innovation, is now being Matt Blaze, AT&T Labs—Research undermined by those who were threatened by it’s original network architecture. Ted Faber, USC Information Sciences Institute Our Guru Is In sessions give you the opportunity to ask experts for answers on FREENIX Program Chair a range of topics from Linux on handhelds to legacy systems. Work-in-Progress Chris Demetriou, Broadcom Corp. Reports will give previews to research that is just on the horizon. Plus, you can FREENIX Program Committee organize your own Birds-of-a-Feather session to gather attendees with similar inter- Chuck Cranor, AT&T Labs–Research ests. Jim McGinness, Consultant Newcomers and past attendees will find that our Annual Technical Conference Craig Metz, Extreme Networks offers a wealth of knowledge and insight. Join us in Monterey on June 10–15, 2002, Toon Moene , GNU Fortran Team to learn, to connect with people in your field, and to party! Keith Packard, XFree86 Core Team & SuSE, Inc. Niels Provos, University of Michigan For the USENIX 2002 Program Committees, Robert Watson, NAI Labs & The FreeBSD Project Carla Ellis, Duke University Erez Zadok, SUNY at Stony Brook Chris Demetriou, Broadcom Corp. “The Guru Is In” Coordinator Program Chairs Lee Damon, University of Washington

FOR MORE INFORMATION: Call 1.510.528.8649 3 Conference at a Glance

Sunday, June 9 5:00 p.m.–9:00 p.m. On-Site Registration 6:00 p.m.–7:00 p.m. Welcome Get-Together 7:00 p.m.–8:00 p.m. Conference Orientation Monday, June 10 7:30 a.m.–5:00 p.m. On-Site Registration 9:00 a.m.–5:00 p.m. Tutorial Program Tuesday, June 11 7:30 a.m.–5:00 p.m. On-Site Registration 9:00 a.m.–5:00 p.m. Tutorial Program 9:00 a.m.–5:00 p.m. AFS Workshop Wednesday, June 12 7:30 a.m.–5:00 p.m. On-Site Registration 9:00 a.m.–5:00 p.m. Tutorial Program 9:00 a.m.–5:00 p.m. AFS Workshop 6:00 p.m.–10:00 p.m. Birds-of-a-Feather Sessions Thursday, June 13 7:30 a.m.–5:00 p.m. On-Site Registration 8:45 a.m.–10:30 a.m. Keynote Address 11:00 a.m.–5:30 p.m. Technical Program 12:00 p.m.–7:00 p.m. Vendor Exhibition 5:30 p.m.–7:00 p.m. Exhibit Happy Hour 6:00 p.m.–10:00 p.m. Birds-of-a-Feather Sessions Friday, June 14 7:30 a.m.–5:00 p.m. On-Site Registration 9:00 a.m.–5:30 p.m. Technical Program 10:00 a.m.–4:00 p.m. Vendor Exhibition 12:30 p.m.–2:00 p.m. Lunch in the Exhibition Hall 8:00 p.m.–10:00 p.m. Dessert Reception at the Aquarium 10:00 p.m.–midnight Birds-of-a-Feather Sessions Saturday, June 15 9:00 a.m.–3:30 p.m. Technical Program 4:00 p.m.–5:30 p.m. Joint Closing Session

4 CONFERENCE AT A GLANCE USENIX 2002 Vendor Exhibition

DOUBLETREE HOTEL MONTEREY THURSDAY, JUNE 13, 12 NOON–7:00 P.M. FRIDAY, JUNE 14, 10:00 A.M.–4:00 P.M.

Preview innovative products and services Get the details from well-informed vendor representatives Compare solutions quickly on the floor, saving hours of research

EXHIBITORS (AS OF 2/13/02)

AC&NC Compaq Computer Resilience Corp. www.acnc.com www.compaq.com www.resilience.com Addison-Wesley Enlighten Software Sleepycat Software www.aw.com www.enlightendsm.com www.sleepycat.com Apple Computer Inc. ESM Services Soft Tech www.apple.com www.esm.com www.stsolutions.com Aptitune Corp. John Wiley & Sons Symark Software www.aptitune.com www.wiley.com www.symark.com Cambridge Computer Linux International TeraSolutions, Inc. www.camcom.com www.li.org www.terasolutions.com CERT O'Reilly & Associates Vita Nuova Holdings www.cert.org www.oreilly.com www.vitanuova.com CMP Media Overland Data Zzyzx Peripherals www.cmp.com www.overlanddata.com www.zzyzx.com

For exhibit and sponsorship opportunities, contact Shelley Gottlieb, [email protected].

FREE EXHIBIT ADMISSION PASS at www.usenix.org/events/usenix02/

About USENIX About SAGE http://www.usenix.org/ http://www.sage.org/ USENIX is the Advanced Computing Systems Association. SAGE, the System Administrators Guild, is a special technical Since 1975, USENIX has brought together the community of group within USENIX. SAGE is dedicated to the recognition system administrators, engineers, scientists, and technicians and advancement of the system administration profession. working on the cutting edge of the computing world. USENIX and its members are engaged in problem-solving, in innovation, and in research that works.

THE ADVANCED COMPUTING SYSTEMS ASSOCIATION

QUESTIONS? Ask [email protected] 5 Tutorials Mon.–Wed., June 10–12

o meet your needs, the Tutorial Program at the USENIX Annual Technical Conference provides in-depth, immediately useful instruction in the latest techniques, effective tools, and best strategies. TUSENIX tutorials survey the topic, then dive right into the specifics of what to do and how to do it. Instructors are well- known experts in their fields, selected for their ability to teach complex subjects. Attend USENIX tutorials at Annual Tech ’02 and take valuable skills back to your company or organization. Register now to guarantee your first choice—seating is limited.

MONDAY TUESDAY

M1 Advanced Solaris System Administration Topics T1 Building Secure Software NEW

M2 An Introduction to Computer Security NEW T2 Issues in UNIX Infrastructure Design

M3 Inside the Linux Kernel T3 Solaris Internals: Architecture, Tips, and Tidbits

M4 System and Network Monitoring NEW T4 Topics in UNIX and Linux Administration, Part 1 NEW

M5 Sendmail Configuration and Operation (Updated for Sendmail 8.12) T5 Perl for System Administration: The Power and the Praxis

M6 Socket Programming NEW T6 Real-World Intrusion Detection: Problems and Solutions M7 UNIX Security Threats and Solutions NEW

T7 Practical UNIX Cryptography NEW M8 FreeBSD Kernel Internals: Data Structures, Algorithms, and Networking—Part 1 T8 FreeBSD Kernel Internals: Data Structures, Algorithms, and Networking—Part 2

6 QUESTIONS? Call 1.510.528.8649 Mon.–Wed., June 10–12 Tutorials

Our guarantee: If you’re not happy, we’re TUTORIAL FEES INCLUDE: ADMISSION TO THE TUTORIALS YOU not happy. If you feel a tutorial does not meet MONDAY, SELECT the high standards you have come to expect JUNE 10, 2002 LUNCH TUTORIAL CD-ROM from USENIX, let us know by the first break and PRINTED AND BOUND TUTORIAL Advanced Solaris System we will change you to any other available tuto- MATERIALS FROM YOUR SESSIONS Administration Topics ADMISSION TO THE VENDOR EXHIBIT M1 rial immediately. Peter Baer Galvin, Corporate Technologies Who should attend: UNIX administra- tors who need more knowledge of Solaris administration. CONTINUING We will discuss the major new features WEDNESDAY EDUCATION of recent Solaris releases, including which UNITS (CEUs) to use (and how) and which to avoid. This USENIX provides in-depth course will provide the informa- W1 Blueprints for High Availability: Designing Continuing Educa- tion you need to run a Solaris installation Resilient Distrbuted Systems tion Units for a effectively. Updated to include Solaris 8 and small additional ad- several other new topics. ministrative fee. Topics include: The CEU is a Installing and upgrading W2 Practical Wireless IP: Concepts, Administration, nationally recog- Architecting your facility and Security nized standard unit Choosing appropriate hardware of measure for con- Planning your installation, file- tinuing education system layout, post-installation and training, and is W3 Building Honey Pots for Intrusion Detection NEW Installing (and removing) patches used by thousands and packages of organizations. Advanced features of Solaris Each full-day tuto- File systems and their uses W4 Topics in UNIX and Linux Administration, rial qualifies for 0.6 The /proc file system and commands Part 2 NEW CEUs. You can re- Useful tips and techniques quest CEU credit by Networking and the kernel completing the CEU Virtual IP: configuration and uses section on the reg- Kernel and performance tuning: W5 Exploring the Potential of LDAP istration form. new features, adding devices, tun- USENIX provides a ing, debugging commands certificate for each Devices: naming conventions, W6 System and Network Performance Tuning attendee taking a drivers, gotchas tutorial for CEU Enhancing Solaris credit and main- tains transcripts for W7 Cisco’s Security Features: What They Are, Where all CEU students. An Introduction to to Use Them, and How to Configure Them NEW CEUs are not the M2 Computer Security NEW same as college credits. Consult Avi Rubin, AT&T Labs–Research your employer or Who should attend: Anyone with a W8 PHP—Scripting the Web NEW school to determine computer science degree or the equivalent their applicability. experience who is not an expert in computer security. IT managers who need to understand how to evaluate risk, what the dangers are, and what countermeasures are available. We will emphasize issues of importance to system administrators. As more and more of our lives move online, we are exposing more of ourselves

SAVE $$: Register for 3 Days of Tutorials 7 Tutorials Mon.–Wed., June 10–12

to often untraceable, malicious, and Topics include: available monitoring packages. The empha- automated attack: credit card numbers, How the Linux kernel is organized: sis will be on the practical, and the tutorial data, a group of machines that we manage, scheduler, virtual memory system, will provide examples of easy-to-implement our time, our privacy. This tutorial seeks to filesystem layers, device driver layers, monitoring techniques. sweep a broad brush across the field of and networking stacks Topics include: computer security, addressing in particular The interface between each module Monitoring—goals, techniques, the practical aspects of the field. and the rest of the kernel, and the reporting Topics include: functionality provided by that inter- SNMP—the protocol, reference Assessing risk face materials, relevant RFCs Viruses and worms The common kernel support Introduction to SNMP MIBs Cryptography functions and algorithms used by (Management Information Bases) Secure data storage and backup that module SNMP tools and libraries Secure data transfer, including SSL How modules provide for multiple Other non-SNMP tools and IPsec implementations of similar function- Security concerns when using SNMP Public Key Infrastructure (PKI) ality (network protocols, filesystem and other tools on the network Firewalls types, device drivers, and Monitoring applications—introduc- Intrusion detection architecture-specific machine tions, use, benefits and Network sniffing and sniff detection interfaces) complications, installation and con- Denial-of-service attacks Basic ground rules of kernel program- figuration (Big Brother, NetSaint, E-commerce and privacy ming (dealing with issues such as SNIPS, MRTG, Cricket, etc.) Attendees should leave with a general races and deadlock conditions) Special situations—remote locations, understanding of the field and a direction Implementation of the most impor- firewalls, etc. for learning more about each topic covered. tant kernel algorithms and their gen- Monitoring implementation eral properties (aspects of portability, roadmap—policies, practices, notifi- Inside the performance, and functionality) cations, escalations, reporting The main similarities and differences Participants should expect to leave the M3 Linux Kernel between Linux and traditional UNIX tutorial with the information needed to kernels, with attention to places Ted Ts’o, IBM Linux Technology Center immediately start using a number of moni- where Linux implements significantly toring systems and techniques to improve Who should attend: Application different algorithms their ability to manage and maintain their programmers and kernel developers. You Details of the Linux scheduler, its systems and networks. should be reasonably familiar with C VM system, and the ext2fs file system programming in the UNIX environment, The strict requirements for ensuring but no prior experience with the UNIX or that kernel code is portable Sendmail Configuration Linux kernel code is assumed. M5 and Operation (Updated This tutorial will give you an introduc- System and Network for Sendmail 8.12) tion to the structure of the Linux kernel, the basic features it provides, and the most M4 Monitoring NEW Eric Allman, Sendmail, Inc. important algorithms it employs. John Sellens, Certainty Solutions Who should attend: System administra- The Linux kernel aims to achieve tors who want to learn more about the Network and sys- conformance with existing standards and Who should attend: sendmail program, particularly details of tem administrators interested in real-life, compatibility with existing operating configuration and operational issues (this practical, host- and network-based monitor- systems; however, it is not a reworking of tutorial will not cover mail front ends). ing of their systems and networks. existing UNIX kernel code. The Linux ker- This intense, fast-paced tutorial is aimed at Participants should have an understanding nel was written from scratch to provide people who have already been exposed to of the fundamentals of networking, basic both standard and novel features, and takes sendmail. It describes the latest release of familiarity with computing and network advantage of the best practice of existing sendmail from Berkeley, version 8.12. components, and some familiarity with UNIX kernel designs. Topics include: UNIX and scripting languages. Although the material will focus on the The basic concepts of configuration: release version of the Linux kernel, it will This tutorial will introduce the concepts mailers, options, macros, classes, also address aspects of the development ker- and functions of monitoring systems and keyed files (databases), and rewriting nel codebase where its substance differs. It will describe the Simple Network rules and rulesets will not contain any detailed examination Management Protocol (SNMP). It will Configuring sendmail using the M4 of the source code but will, rather, offer an review some of the most popular monitor- macro package overview and roadmap of the kernel’s ing tools and will cover the installation and Day-to-day management issues, design and functionality. configuration of a number of freely including alias and forward files,

8 REGISTER EARLY FOR TUTORIALS: Get Your First Choice! Mon.–Wed., June 10–12 Tutorials

“special” recipients (files, programs, UNIX Security Threats programming language. They should have and include files), mailing lists, com- an understanding of fundamental mand line flags, tuning, and security and Solutions NEW algorithms (searching, sorting, and hashing) M7 How sendmail interacts with DNS Matt Bishop, University of California, Davis and data structures (lists, queues, and arrays). Students will not need to prove Who should attend: Anyone interested relationship with a source license holder, as Socket in threats to UNIX security and how to source code examples will be taken from Programming NEW deal with them. the freely distributable FreeBSD system. M6 This tutorial uses case histories to show George V. Neville-Neil, Neville-Neil This course will provide a firm what vulnerabilities the attackers exploited, background in the FreeBSD kernel. The Consulting how the system administrators might have POSIX kernel interfaces will be used as Who should attend: Anyone whose closed those loopholes, and how the intrud- examples where they are defined. Where responsibility it is to write or maintain ers were discovered. Concepts and mecha- they are not defined, the FreeBSD inter- code that uses the sockets API. The ability nisms, as well as publicly available tools, are faces will be described. The course will to read C code is required. A basic discussed. This course focuses on non-net- cover basic kernel services, process struc- understanding of computer networks is work problems. ture, virtual and physical memory manage- a plus. Topics include: ment, scheduling, paging and swapping. The sockets API is the most widely used Security policies vs. security The kernel I/O structure will be described and accepted set of interfaces for mechanisms showing how I/O is multiplexed, special implementing client/server network appli- Password security and cracking devices are handled, character processing is cations. It is implemented on all flavors of Files and auditing done, and the buffer pool is managed. The UNIX, the Windows platform, and many Access control mechanisms implementation of the filesystem and its embedded operating systems (VxWorks, Management of privileges capabilities including updates will be de- PSOS, etc.). Familiarity with this API set is Malicious logic and the UNIX scribed. The filesystem interface will then a must for anyone who writes or maintains system be generalized to show how to support network applications. Basic vulnerabilities analysis multiple filesystem types such as Sun This course uses working examples to Basic incident management Microsystem’s Network File System (NFS). teach software engineers and programmers Security holes past and current The course will also cover the FreeBSD how to use the sockets API to create their Managing the humans socket-based network architecture, layering, own client and server applications. The dif- Where to get help and implementation. The socket communi- ferences between the TCP and UDP trans- cations primitives and internal layering will port protocols for network applications are FreeBSD Kernel Internals: be discussed, with emphasis on the inter- highlighted throughout so that the student Data Structures, faces between the layers; the TCP/IP imple- comes away with a clear understanding of M8 mentation will be used as an example. A when it is appropriate to use which Algorithms, and discussion of routing issues will be in- technology. Networking—Part 1 cluded. The presentations will emphasize Topics include: code organization, data structure naviga- Overview of the TCP/IP protocols Marshall Kirk McKusick, Author and tion, and algorithms. It will not cover the Implementing a network client Consultant machine specific parts of the system such as Implementing a network server device drivers. Debugging network applications Who should attend: This two-day Topics include: Common pitfalls in network applica- course provides a broad overview of how Day 1 morning: Kernel Resource tion programming the FreeBSD kernel implements its basic Management services. It will be most useful to those TCP/IP internals are not covered in this Basic kernel services who need to learn how these services are course. After taking this tutorial, students Process structure provided. Individuals involved in technical will be able to create and maintain Scheduling and sales support can learn the capabilities networking applications which use the Signals and limitations of the system; applications sockets API. Virtual memory management developers can learn how to effectively and Day 1 afternoon: Kernel I/O structure efficiently interface to the system; systems Special files programmers without direct experience Terminal handling with the FreeBSD kernel can learn how to Multiplexing I/O maintain, tune, and interface to such Autoconfiguration strategy systems. This course is directed to users Structure of a disk device driver who have had at least a year of experience Day 2 morning: Filesystems using a UNIX-like system and the C Filesystem services

REGISTER ON-LINE: www.usenix.org/events/usenix02 9 Tutorials Mon.–Wed., June 10–12

Block I/O system (buffer cache) on as an afterthought. Building software Free vs. purchased solutions: Do you Filesystem implementation properly, both at the design and the imple- write your own, or do you outsource? Soft Updates and Snapshots mentation level, is a much better approach. Homogeneous vs. heterogeneous Support for multiple filesystems This tutorial takes an in-depth look at some Master database: What do you need Network File System (NFS) common software security risks, including to track, and how? Day 2 afternoon: Networking buffer overflows, race conditions, and ran- Policies to make your life easier Implementation dom number generation, and goes on to Push vs. pull: Do you force data to Concepts and terminology discuss essential guidelines for building each host, or wait for a client request? Basic IPC services secure software. A risk-driven approach to Quick replacement techniques: How System layers and interfaces software security which integrates analysis to get the user back up in 5 minutes Routing issues and risk management throughout the soft- Remote install/upgrade/patching: Internet protocols (TCP/IP) ware lifecycle is the key to better computer How can you implement lights-out Course text: Marshall Kirk McKusick, security. operation? Handle remote user sites? Keith Bostic, Michael J Karels, and John S. Topics include: Keep up with vendor patches? Quarterman, The Design and Aligning security goals and software Scaling and sizing: How do you plan? Implementation of the 4.4BSD Operating project goals Security vs. sharing System (Addison-Wesley, 1996). Software risk management Single sign-on: Can one-password Performing risk analysis access to multiple services be secure? Integrating securing into the software Single system images: Should each TUESDAY, lifecycle user see everything the same way, or Code-scanning technology should each user’s access to each serv- JUNE 11, 2002 Common software security risks ice be consistent with his/her own Design versus implementation risks environment? Building Building software security capability Tools: What’s free? What should you Open source and security buy? What can you write yourself? T1 Secure Software NEW Guidelines for building secure Gary McGraw, Cigital software Solaris Internals: Upon completion of this tutorial, partic- Architecture, Tips, and Who should attend: Developers, archi- ipants will understand why software T3 tects, and managers charged with develop- security is essential to any organization Tidbits ing code for security-critical and building Net-enabled software, how to mission-critical projects (e.g., code that is avoid common security problems, and how James Mauro and Richard McDougall, intended to live on the Net), and security to design more secure software. Sun Microsystems, Inc. practitioners who must grapple with Who should attend: Software engi- software security issues such as code review Issues in UNIX neers, application architects and developers, and risk analysis. Participants should have kernel developers, device driver writers, sys- some familiarity with software devel- T2 Infrastructure Design tem administrators, performance analysts, opment. Code examples include C, Java, Lee Damon, University of Washington capacity planners, Solaris users who wish to and Python. This tutorial is based on mate- know more about the system they’re using rial found in the book Building Secure Who should attend: Anyone who is and the information available from bundled Software, published by Addison-Wesley in designing, implementing, or maintaining a and unbundled tools, and anyone interested their Professional Computing series. UNIX environment with 2 to 20,000+ in operating system internals. What do wireless devices, cell phones, hosts. System administrators, architects, The installed base of Solaris systems PDAs, browsers, operating systems, and managers who need to maintain multi- being used for various commercial data- network services, public key infrastructure, ple hosts with few admins. processing applications across all market and firewalls have in common? The answer This tutorial won’t propose one “perfect segments and scientific computing applica- is “software.” Software is everywhere, and solution.” Instead, it will try to raise all the tions has grown dramatically over the last it is not usually built to be secure. This questions you should ask in order to design several years, and it continues to grow. As tutorial explains why the key to proactive the right solution for your needs. an operating system, Solaris has evolved computer security is making software Topics include: considerably, with some significant changes behave. With software complexity growing Administrative domains: Who is made to the UNIX SVR4 source base on alarmingly—the source code base for responsible for what? What can users which the early system was built. An under- Windows XP is 40 million lines—we have do for themselves? standing of how the system works is our work cut out for us. Clearly, the pene- Desktop services vs. farming required in order to design and develop trate-and-patch approach is non-optimal. Disk layout applications that take maximum advantage Even worse is bolting security mechanisms of the various features of the operating sys-

10 QUESTIONS? Call 1.510.528.8649 Mon.–Wed., June 10–12 Tutorials tem, to understand the data made available let you grow and shrink partitions, effi- Perl for System via bundled system utilities, and to opti- ciently back up databases, and much mally configure and tune a Solaris system more. We’ll talk about Linux LVM, T5 Administration—The for a particular application or load. what you need to get it up and running, Power and the Praxis Topics include the major subsystems of and how to take advantage of its many the Solaris 8 kernel. We review the major features. David N. Blank-Edelman, Northeastern features of the release and take a look at Security Packet Filtering Primer: What University CCS how the major subsystems are tied together. does the word “firewall” really mean, We cover in detail the implementation of and how do you set up a packet filter Who should attend: People with system Solaris services (e.g. system calls) and low- list to implement a basic one? We’ll administration duties, advanced-beginner to level functions, such as synchronization teach you the dos and don’ts of creating intermediate Perl experience, and a desire to primitives, clocks and timers, and trap and a tough packet filter, and talk make their jobs easier and less stressful in interrupt handling. We discuss the system’s specifically about capabilities of times of sysadmin crises. memory architecture; the virtual memory packages available for Linux. Perl was originally created to help with model, process address space and kernel What’s New in BIND9? BINDv9 system administration, so it is a wonder address space, and memory allocation. The includes a long laundry list of features that there isn’t more instructional material Solaris process/thread model is discussed, needed for modern architectures, huge devoted to helping people use Perl for this along with the kernel dispatcher and the zones, machines serving a zillion zones, purpose. This tutorial hopes to begin to various scheduling classes implemented and co-existence with PCs, security, and remedy this situation by giving you six solid supported. We cover the Virtual File IPv6—specifically, dynamic update, hours of instruction geared towards putting System (VFS) subsystem, the implementa- incremental zone transfers, DNS secu- your existing Perl knowledge to practice in tion of the Unix File System (UFS), and file rity via DNSSEC and TSIG, A6, and the system administration realm. IO-related topics. DNAME records. We’ll talk about the The morning section will concentrate on All topics are covered with an eye to the gory details of these new features. the power of Perl in this context. Based on practical application of the information, Network Server Performance Tuning: the instructor’s O’Reilly book, we’ll take a such as for performance tuning or software Instead of throwing expensive hardware multi-platform look at using Perl in development. Solaris networking (topics at a performance problem, consider that cutting-edge and old-standby system related to TCP/IP and STREAMS) is not many performance problems are really administration domains. This jam-packed covered in this course. due to misconfigured networks, survey will include: After completing this course, partici- systems, and applications. We’ll focus Secure Perl scripting pants will have a solid understanding of the on Linux and UNIX performance tun- Dealing with files and file systems internals of the major areas of the Solaris ing, with an emphasis on low-cost, (including source control, XML, kernel that they will be able to apply to high-impact strategies and solutions. databases, and log files) systems performance analysis, tuning, load/ Security Crisis Case Studies: Before Dealing with SQL databases via DBI behavior analysis, and application develop- your very eyes, we’ll dissect a set of secu- and ODBC ment. rity incident case studies using many Email as a system administration tool tools available on your system or from (including spam analysis) the Net. We’ll specifically describe how Network directory services (including Topics in UNIX and Linux to avoid common security-incident pit- NIS, DNS, LDAP, and ADSI) Administration, Part 1 falls. Network management (including T4 NEW Policy and Politics: Many of the policies SNMP and WBEM) and procedures followed at a site are In the afternoon, we will look at putting Trent Hein and Ned McClain, Applied Trust; carefully filed in the sysadmin’s head. our Perl knowledge to work for us to solve Evi Nemeth, University of Colorado With the worldwide Net invading your time-critical system administration local site, these secrets need to be writ- Who should attend: System and problems using short Perl programs. ten down, run by lawyers, and followed network administrators who are interested Centered around a set of “battle stories” by your sysadmin staff. We will discuss in picking up several new technologies in and the Perl source code used to deal with approaches to these tasks, both good an accelerated manner. The format consists them, we’ll discuss different approaches to and bad, and illustrate with war stories, of six topics. dealing with crises using Perl. sample policy agreements, and T At the end of the day, you’ll walk away opics include: procedure checklists. Logical Volume Management for Linux: from this class with Perl approaches and Logical volume support for Linux has techniques that can help you solve your brought storage flexibility and high daily system administration problems. availability to the masses. By abstracting You’ll have new ideas in hand for writing physical storage devices, logical volumes small Perl programs to get you out of big sysadmin pinches. And on top of all this,

FOR PROGRAM UPDATES: www.usenix.org/events/usenix02 11 Tutorials Mon.–Wed., June 10–12

you are also likely to deepen your Perl figuration to reap the greatest benefit from knowledge. this course. FreeBSD Kernel Internals: Export restrictions have eased, and the T8 Data Structures, RSA patent has expired, removing legal bar- Algorithms, and Real-World Intrusion riers to strong encryption. Soon all Linux T6 Detection: Problems and and UNIX systems will ship with built-in Networking—Part 2 Solutions cryptographic capabilities. System adminis- Marshall Kirk McKusick, Author and trators need to understand what those tools Phil Cox and Mark Mellis, SystemExperts can and cannot do for them and how to use Consultant Corporation the tools. This course outlines the current Please see the description under M8. state of cryptographic support in UNIX Note: Attendees of Tuesday’s session will Who should attend: System and and shows attendees how to make use of be expected to possess familiarity with the network administrators who implement or SSL and SASL services. The network proto- concepts covered on Monday. maintain intrusion detection systems, man- cols that underlie these cryptographic serv- agers charged with selecting and setting ices are described. Practical advice about intrusion detection requirements, and any- using strong authentication and encrypted one who wants to know the details of how WEDNESDAY, data streams is given. This tutorial provides to make intrusion detection work. Famil- detailed, practical examples of installing, JUNE 12, 2002 iarity with TCP/IP networking is a plus. configuring, and using OpenSSL and SASL In today’s increasingly networked world, to support encryption for applications such intrusion detection is essential for protect- Blueprints for High as Apache. Installation, configuration and ing resources, data, and reputation. It’s a use of encryption tools such as SSH and Availability: Designing rapidly evolving field with several models W1 GPG are also covered. and deployment methods from which to Resilient Distributed choose. Topics include: Systems After taking this tutorial, attendees will The basics understand the fundamental concepts of Threats to data Evan Marcus, VERITAS Software intrusion detection and will gain practical Types of encryption and their Corporation insights into designing, deploying, and roles Simple Authentication and Security Who should attend: Beginning and managing intrusion detection systems in intermediate UNIX system and network the real world. Layer (SASL) administrators, and UNIX developers con- Topics include: The role of SASL cerned with building applications that can Why intrusion detection? Terminology be deployed and managed in a highly Supported authentication ID and the organization resilient manner. A basic understanding of Intrusion detection basics techniques UNIX system programming, UNIX shell Terms and definitions Installation, configuration, and use programming, and network environments Host-based systems GNU Privacy Guard (GPG) is required. Network-based systems The role of GPG This tutorial will explore procedures and Hybrid systems Obtaining and installing GPG techniques for designing, building, and How attackers attempt to bypass IDS Encrypting and protecting email managing predictable, resilient UNIX-based systems Secure Shell (SSH) systems in a distributed environment. We Case studies for small, medium, and The role of SSH will discuss the trade-offs among cost, relia- large deployments SSH protocol Obtaining and installing SSH bility, and complexity. Client and server configuration Topics include: Practical UNIX Key distribution issues What is high availability? Who needs it? Cryptography NEW Secure Sockets Layer (SSL) Defining uptime and cost; “big rules” T7 The role of SSL of system design Craig Hunt, WroteTheBook.com TLS protocol Disk and data redundancy; RAID Certificates and SCSI arrays Who should attend: System administra- Obtaining, configuring, and using Host redundancy in HA configs tors interested in using the cryptographic OpenSSL Network dependencies tools that are now available for UNIX. Using OpenSSL with Apache Application system programming System administrators interested in practi- Securing services with stunnel concerns cal configuration examples will benefit the Anatomy of failovers: applications, most. Attendees need basic system adminis- systems, management tools tration skills and knowledge of UNIX con-

12 SAVE $$: Register for 3 Days of Tutorials Mon.–Wed., June 10–12 Tutorials

Planning disaster recovery sites and General issues to the honey pot building toolkit. data updates Sniffers Attendees may also wish to review The Security implications Building your own access point Honeynet Project, eds., Know Your Enemy: Upgrade and patch strategies 802.11a Revealing the Security Tools, Tactics, and Backup systems: off-site storage, Motives of the Blackhat Community redundancy, and disaster recovery Building Honey Pots (Addison-Wesley, 2001). Managing the system: managers, processes, verification W3 for Intrusion Detection Topics in UNIX and NEW Practical Wireless IP: W4 Linux Administration, Marcus Ranum, NFR Security, Inc. Concepts, Adminis- Part 2 NEW W2 Who should attend: System and tration, and Security network managers with administrative skills Trent Hein and Ned McClain, Applied Trust; and a security background. The tutorial Evi Nemeth, University of Colorado Philip Cox and Brad C. Johnson, examples will be based on UNIX/Linux. Who should attend: System and SystemExperts Corporation While the materials may be of interest to a network administrators who are interested Who should attend: Users, administra- Windows/NT administrator, attendees will in picking up several new technologies in tors, managers, and others interested in benefit most if they have at least basic an accelerated manner. (Note: M4 is not a learning about some of the fundamental UNIX system administration skills. prerequisite.) The format consists of six security and usage issues around wireless This class provides a technical introduc- topics. IP services. This tutorial assumes some tion to the art of building honey pot systems Topics include: knowledge of TCP/IP networking and for intrusion detection and burglar-alarming Efficient Server Log Management: client/server computing, the ability or will- networks. Students completing this class will Server and network device logs are one ingness to use administrative GUIs to set come away armed with the knowledge that of the most useful sources of perform- up a device, and a general knowledge of will enable them to easily assemble their own ance and security information. common laptop environments. honey pot, install it, maintain it, keep it Unfortunately, system logs are often Whether you like it or not, wireless serv- secure, and analyze the data from it. overlooked by organizations, out of ices are popping up everywhere. And you Topics include: either a lack of time or a preference for and your organization will be responsible Introduction information from fancier intrusion for understanding and managing the IDSes detection systems. We present a set of devices you possess. Since the purpose of Fundamentals of burglar alarms open source tools and a unified strategy wireless is to share data when you aren’t Fundamentals of honey pots for securely managing centralized directly attached to a wired resource, you Fundamentals of log-data analysis system logs. need to understand the fundamental secu- Spoofing servers What’s New with Sendmail: Newer rity and usage options. In this tutorial we Overview of our honey pot’s design versions of sendmail ship with a will cover a number of topics that affect System initialization wealth of features every system you in managing and using wireless Services administrator should know about. services. Some of the topics will be demon- Spoofing server implementation From advanced virus and spam filter- strated live using popular wireless devices. walkthrough ing (Milter), to IPv6, to improved Topics include: Multiway address/traffic manipu- LDAP and mailbox abstraction sup- Cellular services basics lation port, we discuss sendmail’s hot new What’s out there? Logging architecture: syslogs, features, quirks, and tricks. Who’s using what? XML logs, statistical processing Performance Crisis Case Studies: What really matters? Simple tricks for information visu- Trying to squeeze more performance Wireless LAN fundamentals alization out of your existing environment? Architecture Crunchy implementation details We’ll walk you through the pathology Threats How to write spoofing rules of actual performance crisis situations 802.11b How to write log filtering rules we’ve encountered, and talk not only Configuration examples Management about how to fix them but also how Antennas How to get help in analyzing to avoid them altogether. There’s Access points attacks nothing like learning from real-world Channels, placement Keeping up to date situations! Bandwidth, aggregation Auxiliary materials: Attendees will Security Tools: A new generation’s Congestion receive a bootable CD-ROM containing a worth of security management tools Roaming, signals mini UNIX kernel and preconfigured soft- are on the loose. We’ll help you ware, and will also have source-code access understand how to use them to your

REGISTER EARLY FOR TUTORIALS: Get Your First Choice! 13 Tutorials Mon.–Wed., June 10–12

advantage. We’ll examine network Integrating authentication NFS performance tuning scanning tools such as Nessus and mechanisms for other services (e.g., NFS server constraints nmap, as well as new tools to Apache, Sendmail, Samba) with NFS client improvements facilitate security forensics. LDAP NFS over WANs Site Localization and Management: LDAP interoperability with other Automounter and other tricks Wouldn’t it be nice if new system proprietary directory services, such as Network performance, design, and arrivals meant pushing a button and Novell’s NDS and Microsoft’s Active capacity planning watching the localization work hap- Directory Locating bottlenecks pen magically before your eyes? Programming tools and languages Demand management Imagine if systems at your site all available for implementing LDAP Media choices and protocols shared a consistent configuration! support in applications Network topologies: bridges, We’ll talk about modern tools for switches, routers localization and mass deployment of System and Network Throughput and latency systems, and how to keep systems up- Modeling resource usage to-date on a going forward basis. Performance Tuning Application tuning W6 Security Incident Recovery: You’ve System resource usage Marc Staveley, Soma Networks been vigilant about your site’s Memory allocation security, but the day still comes when Who should attend: Novice and Code profiling you detect an intruder. How do you advanced UNIX system and network Job scheduling and queuing handle the situation, analyze the administrators, and UNIX developers con- Real-time issues intrusion, and restore both security cerned about network performance Managing response time and confidence to your environment? impacts. A basic understanding of UNIX This crash course in incident system facilities and network environments Cisco’s Security handling will give you the skills you is assumed. need to deal with the unthinkable. We will explore techniques for tuning W7 Features: What They systems, networks, and application code. Are, Where to Use Exploring the Potential Starting from a single-system view, we’ll examine how the virtual memory system, Them, How to W5 of LDAP the I/O system, and the file system can be Configure Them NEW Gerald Carter, Hewlett Packard measured and optimized. We’ll move on to Network File System tuning and perfor- John Stewart, Digital Island, Inc. Who should attend: Administrators mance strategies. Detailed treatment of net- Who should attend: Network and sys- and programmers interested in the potential work performance problems, including tem administrators running Cisco of the Lightweight Directory Access Proto- network design and media choices, will lead networks, and security professionals. col (LDAP) and in exploring issues related to examples of network capacity planning. It’s common knowledge that over 85% to deploying an LDAP infrastructure. This Application issues, such as system call opti- of all Internet traffic crosses a Cisco prod- tutorial is not a how-to for a specific LDAP mization, memory usage and monitoring, uct at one time or another. Given this fact, server, nor is it an LDAP developers’ code profiling, real-time programming, and it is obvious that improving security on course. Rather, it is an evaluation of the controlling response time will be covered. Cisco products can improve the overall potential of LDAP to allow the consolida- Many examples will be given, along with security of your site as well as the overall tion of existing deployed directories. No guidelines for capacity planning and security of the Internet. However, the secu- familiarity with LDAP or other Directory customized monitoring based on your work- rity features available in Cisco products can Access Protocols will be assumed. loads and traffic patterns. Analysis periods be a discipline in themselves. This class System administrators today run many for particular situations will be provided. takes a nuts-and-bolts approach to deciding directory services, though they may be Topics include: which Cisco security features to use, and called by such names as DNS and NIS. Performance tuning strategies when and where to use them. A sample LDAP, the up-and-coming successor to the Practical goals network is used as the basis for the class. X500 directory, promises to allow adminis- Monitoring intervals For each area, sample uses and actual con- trators to consolidate multiple existing Useful statistics figuration techniques are discussed. directories into one. Vendors across operat- Tools, tools, tools Topics include: ing-system platforms are lending support. Server tuning Perimeter Security Topics include: Filesystem and disk tuning Cisco Access Control Lists (ACLs) The basics of LDAP Memory consumption and swap Lock and key Current technologies employing space TCP intercept LDAP services System resource monitoring Context-Based Access Control Replacing NIS using LDAP (CBAC)

14 REGISTER ON-LINE: For Additional Savings! Mon.–Wed., June 10–12 Tutorials/Instructors

Firewalling technologies compared Language overview Gerald Carter (W5), a member of the Samba Team since and contrasted Sessions 1998, is employed by Hewlett Packard as a Software Engineer, working on PIX Error handling Samba-based print appliances. He is IOS Database examples writing a guide to LDAP for system Access Lists revealed Creating graphics on the fly administrators to be published by Basic vs. extended Creating PDF and Flash on the fly O’Reilly. Jerry holds an M.S. in com- Where and how to use ACLs XML/XSLT puter science from Auburn University, Event logging Caching, content compression, and where he also served as a network and systems adminis- trator. Gerald has published articles with Web-based Per-user ACLs on dial-up ports other tips magazines such as Linuxworld and has authored courses Router-to-router security Content management for companies such as Linuxcare. He recently completed Shared symmetrical application Extending PHP the second edition of Teach Yourself Samba in 24 Hours keys Anybody involved with Web (Sams Publishing). Distributed Director development will come out of this tutorial Philip Cox (T6, W2) is a consultant with SystemExperts Remote access with some new approaches to common Corporation. Phil frequently writes and Route authentication problems. lectures on issues of UNIX and User security Windows NT integration and on infor- Authentication, Authorization, mation security. He is the lead author Accounting (AAA) of Windows 2000 Security Handbook, INSTRUCTORS 2nd Edition (Osborne McGraw-Hill), a TACACS contributing author of Windows Fixed, OTP, SecureCard NT/2000 Network Security (Macmillan Technical Eric Allman (M5) is the original author of sendmail. He RADIUS Publishing), and a featured columnist in ;login: The is the author of syslog, tset, the -me Kerberos Magazine of USENIX & SAGE. He has served on numer- troff macros, and trek. He was the ous USENIX program committees. Phil holds a B.S. in IPSec chief programmer on the INGRES data- computer science from the College of Charleston, South Current standards update base management project, designed Carolina. Deploying IPSec with other database user and application inter- technologies faces at Britton Lee (later Sharebase), Lee Damon (T2) holds a B.S. in speech communication ISAKMP/Oakley and contributed to the Ring Array from Oregon State University. He has Processor project at the International Computer Science Availability been a UNIX system administrator Institute. He is a former member of the USENIX Board of Configuring and using IPSec since 1985 and has been active in Directors. SAGE since its inception. He has Network Address Translation (NAT) developed several large-scale mixed Matt Bishop (M7) began working on problems of com- Hiding your company environments. He is a member of the puter security, including the security of Hiding your Web servers SAGE Ethics Working Group and was the UNIX operating system, at Purdue, one of the commentators on the SAGE Ethics document. Using NAT over dial-up where he earned his doctorate in 1984. He has championed awareness of ethics in the system VPN He worked in industry and at NASA administration community, including writing ethics con- VPDNs before becoming a professor, teaching cerns into policy documents. GRE tunnels courses in computer security, cryptog- Layer 2 Forwarding (L2F) raphy, operating systems, and software Peter Baer Galvin (M1) is the chief technologist for L2TP tunnels engineering at both Dartmouth College and the Corporate Technologies, Inc., and was University of California at Davis, where he teaches now. the systems manager for Brown Matt’s current research interests are analyzing vulnera- University’s Computer Science Depart- PHP: Scripting the bilities in operating systems, protocols, and software in ment. He has written articles for Byte general; denial of service; intrusion detection; and formal and other magazines, is a columnist for Web NEW models of access control. W8 SunWorld, and is co-author of the Operating Systems Concepts and the Rasmus Lerdorf, Consultant David N. Blank-Edelman (T5) is the Director of Applied Operating Systems Concepts textbooks. Peter Technology at the Northeastern has taught tutorials on security and systems administra- Who should attend: Web site designers University College of Computer Science tion and has given talks at many conferences and institu- or programmers working on Web-related and the author of Perl for System tions. projects. No programming background is Administration (O’Reilly). He has spent required, but a basic understanding of the last 15 years as a system/network Trent Hein (T4, W4) is co-founder of Applied Trust HTML and HTTP is assumed. administrator in large multi-platform Engineering. Previously, he was the PHP is a popular scripting language environments and has served as Senior CTO at XOR Inc., where he focused on Technical Editor for the Perl Journal. He has also written used for creating dynamic Web sites. This using UNIX and Linux in production- many magazine articles on world music. grade commercial environments.Trent tutorial, taught by the original developer of worked on the 4.4 BSD port to the the language, will cover all the main MIPS architecture at Berkeley, is co- features of the language. author of both the UNIX Systems Topics include: Administration Handbook and the Linux Administration History

QUESTIONS? Ask [email protected] 15 Instructors Mon.–Wed., June 10–12

Handbook, and holds a B.S. in computer science from the Architecture Tips and Techniques (Sun Microsystems Mark Mellis (T6) is a consultant with SystemExperts University of Colorado. Email him at [email protected]. Press/Prentice Hall, 2000). Corporation. Over the past two years, Mark has assisted several premier Craig Hunt (T7) is the author of the best-sellers TCP/IP Ned McClain (T4, W4), co-founder and CTO of Applied Internet companies in responding to Network Administration (O’Reilly) and Trust Engineering, was formerly director major network attacks and has Linux Network Servers 24seven of Infrastructure Engineering at XOR designed and implemented robust infra- (Sybex). Craig is also the series editor Inc. In this role, McClain was responsi- structure to limit future exposure. Mark for the Craig Hunt Linux Library from ble for the security and performance of was the Principal of Mellis and Sybex, a library of advanced system more than 200 client network and Associates, where he provided network consulting serv- administration books. He has more server environments. Ned speaks regu- ices to various high-tech firms. Mark attended the than 20 years of computer experience larly at international system administra- University of Washington, where he studied physics. and more than 10 years experience in training computer tion and networking conferences and is contributing science professionals. He is a well-known lecturer, who author to both the UNIX System Administration Evi Nemeth (T4, W4), a faculty member in computer sci- speaks about networking and Linux at USENIX, Handbook and the Linux Administration Handbook. Ned ence at the University of Colorado, has LinuxWorld, Networld+Interop, COMDEX, ComNet, and holds a B.S. in computer science from Cornell University. managed UNIX systems for the past 25 the Open Source Software Convention. years, both from the front lines and Richard McDougall (T3), an Established Engineer in from the ivory tower. She is co-author Brad C. Johnson (W2) is vice president of the Performance Application Engin- of the UNIX System Administration SystemExperts Corporation. He has par- eering Group at Sun Microsystems, Handbook. Evi is about to get out of ticipated in the Open Software focuses on large systems performance the UNIX and networking worlds and Foundation, X/Open, and the IETF, and and architecture. He has over twelve explore the real world on a sailboat. has often published about open years of experience in UNIX perform- systems. Brad has served as a security ance tuning, application/kernel devel- George Neville-Neil (M6) has worked on networking advisor to organizations such as opment, and capacity planning. Richard and embedded operating system soft- Dateline NBC and CNN. He is a is the author of many papers and tools for measurement, ware for the last five years, most frequent tutorial instructor and conference speaker on monitoring, tracing, and sizing UNIX systems, including recently as a Senior Member of network security, penetration analysis, middleware, and the memory-sizing methodology for Sun, the MemTool Technical Staff and TCP/IP Architect at distributed systems. He holds a B.A. in computer science set for Solaris, the recent Priority Paging memory algo- Wind River Systems. He presents semi- from Rutgers University and an M.S. in applied manage- rithms in Solaris, and many unbundled tools for Solaris, nars on advanced networking subjects ment from Lesley University. and is co-author of Solaris Internals: Architecture Tips regularly at the PerNet colloquia series and Techniques (Sun Microsystems Press/Prentice Hall, at San Francisco State University. Currently he has a Rasmus Lerdorf (W8) has been designing large-scale 2000). consulting company working on advanced frameworks for UNIX-based solutions since 1989. In network protocol implementation. the Open Source community, he is Gary McGraw (T1) Cigital Inc.’s CTO, researches soft- known mostly as the creator of the PHP ware security and sets technical vision Marcus Ranum (T8, W3) is founder and CTO of NFR scripting language. Rasmus has in the area of software risk Security, Inc. He has been working in contributed to a number of Apache- management. Dr. McGraw is co-author the computer/network security field for related projects and is a member of the of four popular books: Java Security over 14 years and is credited with Apache core team. He currently lives in (Wiley, 1996), Securing Java (Wiley, designing and implementing the first the San Francisco Bay Area with his wife, Christine. He 1999), Software Fault Injection (Wiley commercial Internet firewall product. can be reached at [email protected]. 1998), and Building Secure Software Marcus also designed and implemented (Addison-Wesley, 2001). He consults with major e-com- other significant security technologies, Evan Marcus (W1) , who has 14 years of experience in merce vendors, including Visa, MasterCard, and the including the TIS firewall toolkit and the TIS Gauntlet fire- UNIX systems administration, is now a Federal Reserve, functions as principal investigator on wall. As a researcher for ARPA, Marcus set up and man- Senior Systems Engineer and High several government grants, and serves on commercial aged the Whitehouse.gov email server. Widely known as a Availability Specialist with VERITAS and academic advisory boards. Dr. McGraw holds a dual teacher and industry visionary, he has been the recipient Software Corporation. At Fusion Ph.D. in cognitive science and computer science from of both the TISC Clue award and the ISSA lifetime Systems and OpenVision Software, Indiana University and a B.A. in philosophy from UVa. achievement award. Marcus lives in Woodbine, Maryland, Evan worked to bring the first high- with his wife, Katrina, and a small herd of cats. availability software application for Marshall Kirk McKusick (M8, T8) writes books and SunOS and Solaris to market. He is the author of several articles, consults, and teaches classes Avi Rubin (M2) is Principal Researcher at AT&T Labs and articles and talks on the design of high availability sys- on UNIX- and BSD-related subjects. a member of the Board of Directors of tems and is the co-author, with Hal Stern, of Blueprints While at the University of California at USENIX. He has been researching issues for High Availability: Designing Resilient Distributed Berkeley, he implemented the 4.2BSD in computer security since 1991. Rubin Systems (John Wiley & Sons, 2000). fast filesystem and oversaw the devel- is the author of two books on computer opment and release of 4.3BSD and security: White-Hat Security Arsenal James Mauro (T3) is a Senior Staff Engineer in the 4.4BSD. His particular areas of interest (Addison Wesley, 2001) and Web Performance and Availability are the virtual-memory system and the filesystem. He Security Sourcebook (with Dan Geer and Engineering group at Sun earned a B.S. in Electrical Engineering from Cornell Marcus Ranum, John Wiley &Sons, 1997). He is the Microsystems. Jim’s current projects University. At the University of California at Berkeley, he author of dozens of refereed conference and journal are focused on quantifying and improv- received Master’s degrees in computer science and busi- papers, and co-authored two chapters of Peer-to-Peer ing enterprise platform availability, ness administration, and a doctoral degree in computer (O’Reilly,2001). Rubin is also an Associate Editor of including minimizing recovery times for science. He is past president and a current member of Electronic Commerce Research Journal. His latest data services and Solaris. He co-devel- the USENIX Board of Directors and is a member of research project, Publius, a system for circumventing cen- oped a framework for system availability measurement AAAS, ACM, and IEEE. sorship on the Internet, won the Index on Censorship’s and benchmarking and is working on implementing this Freedom of Expression Award. framework within Sun. Jim co-authored Solaris Internals:

16 REGISTER EARLY FOR TUTORIALS: Get Your First Choice! SAGE Certification

John Sellens (M4) has been involved in system and network administration since 1986 and is the author of several related USENIX papers and a number of ;login: articles, SAGE System Administrator including the “On Reliability”series and SAGE booklet. He has a Master’s degree in computer science from the University of Waterloo and is a char- Certification Program tered accountant. He is currently the General Manager for Certainty Solutions (formerly known as GNAC) in Toronto. Prior to joining Certainty, John was the Director of Network Engineering at UUNET Canada, and he was a staff member in computing and information technology AGE Certification is now live! SAGE has been developing a new international at the University of Waterloo for 11 years. certification to meet the growing demand for an objective means for evaluat- Marc Staveley (W6) recently took a position with Soma Networks, where he is applying his 18 Sing system administrators, as well as to enhance a sense of professionalism years of experience with UNIX develop- and personal development in the field. ment and administration in leading their IT group. Previously Marc has been an independent consultant and has held SAGE is pleased to announce the launch of SAGE Certification, the first positions at Sun Microsystems, NCR, professional certification program developed by and for system administrators. Princeton University, and the University of Waterloo. He is a frequent speaker on the topics of SAGE Certification is a multi-platform program which came into existence, standards-based development, multi-threaded program- ming, system administration, and performance tuning. through SAGE, as a response to industry demands for vigorous, job-specific John Stewart (W7) is the Chief Security Officer at Digital Island, Inc., a cable and wireless evaluation. company. Prior to his work at Digital Island, he helped architect Cisco’s Web The exams for the first level of certification, called cSAGE, are underway site and worked on the security teams at Cisco and at NASA Ames Research through VUE testing centers worldwide. The cSAGE program, which consists of a Center. John, who is the co-author of the W3C’s “WWW Security FAQ,” has core plus a module exam, is focused on junior-level system administrators seek- been teaching at the SANS and Network Security confer- ences since 1996 and serves on a number of technical ing verifiable validation of their abilities. Senior-level certifications will be devel- advisory boards. He holds a B.S. and M.S. in computer sci- oped in the near future. This program assists recent college graduates strength- ence from Syracuse University. Theodore Ts’o (M3) has been a Linux kernel developer ening their marketability, corporations that want to define more clearly their since almost the very beginnings of Linux—he implemented POSIX job con- system administrators’ career development plans, and channel partners, trol in the 0.10 Linux kernel. He is the resellers, and authorized service provider programs who wish to offer confirma- maintainer and author for the Linux COM serial port driver and the Comtrol tion of their remote site capabilities. Rocketport driver. He architected and implemented Linux’s tty layer. Outside of the kernel, he is the maintainer of the e2fsck filesys- SAGE Certification Founding Corporate Patrons include SAGE, USENIX, TAOS, tem consistency checker. Ted is a Senior Technical Staff Member of IBM’s Linux Technology Center. and UGU. For more information, see the SAGE Certification Web site: www.sagecert.org.

SAVE $$: Register for 3 Days of Tutorials 17 Technical Sessions June 13–15

General Track Invited Talks FREENIX Track THURSDAY (day one)

8:45 AM–10:30 AM

OPENING REMARKS, AWARDS, AND KEYNOTE KEYNOTE ADDRESS: THE INTERNET’S COMING SILENT SPRING Lawrence Lessig, Stanford University The innovation of the Internet grew out of the network’s unique design. Its ‘architecture’ was built to enable neutral and unrestrained innovation. In this talk, Lawrence Lessig shows how this ecology of innovation is now being undermined by those who were threatened by the original network architecture. Changes to this architecture, and the legal environment within which it lives, will in turn undermine the network’s potential. Professor Lessig, the nation's leading scholar of law and cyberspace, recently formed the Center for Internet and Society at Stanford Law School. The Center aims to examine the relationship between the architecture of cyberspace and the basic constitutional and public policy values that define our democracy.

10:30 AM–11:00 AM BREAK

11:00 AM–12:30 PM

FILE SYSTEMS THE IETF, OR, WHERE DO ALL THOSE RFCS BUILDING APPLICATIONS Session Chair: Greg Ganger, Carnegie Mellon COME FROM, ANYWAY? Session Chair: Chris Demetriou, Broadcom Corp. University Steve Bellovin, AT&T Labs—Research Interactive 3D Graphics Applications for Tcl Structure and Performance of the Direct What are Internet standards, and where do they come Oliver Kersting and Jüergen Döellner, Hasso Plattner Access File System from? What is the real meaning of an RFC? Did a black Institute for Software Systems Engineering, Kostas Magoutis, Salimah Addetia, Alexandra helicopter really land on the White House lawn? The University of Potsdam Fedorova, and Margo I. Seltzer, Harvard last topic won't be covered, but you'll hear all you The AGFL Grammar Work Lab University; Jeffrey S. Chase, Andrew J. Gallatin, need to know about the IETF (Internet Engineering Task Cornelis H.A. Koster and Erik Verbruggen, University Richard Kisley, and Rajiv G. Wickremesinghe, Force) and what it does. More important, you'll hear of Nijmegen (KUN) Duke University; and Eran Gabber, Lucent why you should care, and perhaps even participate. SWILL: A Simple Embedded Web Server Library Conquest: Better Performance Through a Sotiria Lampoudi and David M. Beazley, University of Disk/RAM Hybrid File System Chicago An-I A. Wang, Peter Reiher, and Gerald J. Popek, University of California, Los Angeles; and Geoffrey H. Kuenning, Harvey Mudd College Exploiting Gray-Box Knowledge of Buffer Management Nathan C. Burnett, John Bent, Andrea C. Arpaci- Dusseau, and Remzi H. Arpaci-Dusseau, University of Wisconsin, Madison

18 REGISTER NOW: www.usenix.org/events/usenix02 June 13–15 Technical Sessions

General Track Invited Talks FREENIX Track

12:30 PM–2:00 PM LUNCH (ON YOUR OWN)

2:00 PM–3:30 PM

OPERATING SYSTEMS (AND DANCING INTRODUCTION TO AIR TRAFFIC NETWORK PERFORMANCE BEARS) MANAGEMENT SYSTEMS Session Chair: Craig Metz, Extreme Networks Session Chair: Frank Bellosa, University of Ron Reisman and James Murphy, NASA Ames Linux NFS Client Write Performance Erlangen-Nürnberg Research Center, and Rob Savoye, Seneca Software Chuck Lever, Network Appliance, Incorporated; and The JX Operating System This introduction to air traffic control systems summa- Peter Honeyman, CITI, University of Michigan Michael Golm, Meik Felser, Christian Wawersich, rizes the operational characteristics of the principal Air A Study of the Relative Costs of Network Security and Jürgen Kleinöder, University of Erlangen- Traffic Management (ATM) domains (i.e., en route, ter- Protocols Nürnberg minal area, surface control, and strategic traffic flow Stefan Miltchev and Sotiris Ioannidis, University of Design Evolution of the EROS Single-Level management) and the challenges of designing ATM Pennsylvania; and Angelos Keromytis, Columbia Store decision support tools. The Traffic Flow Automation University System (TFAS), a version of the Center TRACON Jonathan S. Shapiro, Johns Hopkins University; Congestion Control in Linux TCP and Jonathan Adams, University of Pennsylvania Automation System (CTAS), will be examined. TFAS achieves portability across platforms (Solaris, HP/UX, Pasi Sarolahti, University of Helsinki; and Alexey Think: A Software Framework for Component- and Linux) by adherence to software standards (ANSI, Kuznetsov, Institute for Nuclear Research at Moscow based Operating System Kernels ISO, POSIX). Software engineering issues related to Jean-Philippe Fassino, France Télécom R&D; design, code reuse, portability, performance, and Jean-Bernard Stefani, INRIA; Julia Lawall, DIKU; implementation are discussed. and Gilles Muller, INRIA

3:30 PM–4:00 PM BREAK

4:00 PM–5:30 PM

BUILDING SERVICES ADVENTURES IN DNS XTREME XCITEMENT Session Chair: Jason Nieh, Columbia University Bill Manning, ISI Session Chair: Keith Packard, XFree86 Core Team & Ninja: A Framework for Network Services The Internet Domain Name System is poised for explo- SuSE, Inc. J. Robert von Behren, Eric A. Brewer, Nikita sive growth in several areas: • adding support for The Future Is Coming: Where the X Window Borisov, Michael Chen, Matt Welsh, Josh IPv6; • DNS security; • support for alternate character System Should Go MacDonald, Jeremy Lau, and David Culler, encoding methods. The existing DNS root structure Jim Gettys, Compaq Computer Corporation University of California, Berkeley was constructed with some presumptions about the XCL: An Xlib Compatibility Layer for XCB Using Cohort Scheduling to Enhance Server underlying transport protocol that have dictated how Jamey Sharp and Bart Massey, Portland State Performance the DNS root structure and context have evolved. Our University project has constructed and deployed a root context James R. Larus and Michael Parkes, Microsoft Biglook: A Widget Library for the Scheme Research that supports the IPv4 data but introduces new fea- tures and protocol support. We have augmented the Programming Language system with IPv6 and DNSSec records and are dis- Erick Gallesio, University of Nice – Sophia Antipolis; cussing how to test alternate encodings. I'll review and Manuel Serrano, INRIA Sophia Antipolis some preliminary findings and possible ramifications.

QUESTIONS? Call 1.510.528.8649 19 Technical Sessions June 13–15

General Track Invited Talks FREENIX Track

FRIDAY (day two)

9:00 AM–10:30 AM

NETWORK PERFORMANCE THE JOY OF BREAKING THINGS HACKING IN THE KERNEL Session Chair: Vern Paxson, ICIR Pat Parseghian, Transmeta Session Chair: Chuck Cranor, AT&T Labs—Research EtE: Passive End-to-End Internet Service When Transmeta launched the Crusoe microprocessor, An Implementation of Scheduler Activations on Performance Monitoring how did we assure its compatibility with the x86 archi- the NetBSD Operating System Yun Fu and Amin Vahdat, Duke University; tecture? The CPU's layered design poses unique chal- Nathan J. Williams, Wasabi Systems Inc. Ludmila Cherkasova and Wenting Tang, Hewlett- lenges, from the silicon's underlying proprietary archi- Authorization and Charging in Public WLANs Packard Laboratories tecture through the multiple stages of the Code Using FreeBSD and 802.1x The Performance of Remote Display Morphing Software which executes x86 instructions. Pekka Nikander, Ericsson Research NomadicLab Mechanisms for Thin-Client Computing This talk will share a testing philosophy and set of practices that can be applied to software products as ACPI Implementation on FreeBSD S. Jae Yang, Jason Nieh, Matt Selsky, and Nikhil Takanori Watanabe, Kobe University Tiwari, Columbia University well as systems or devices. A Mechanism for TCP-Friendly Transport-Level Protocol Coordination David E. Ott and Ketan Mayer-Patel, University of North Carolina, Chapel Hill

10:30 AM–11:00 AM BREAK

11:00 AM–12:30 PM

STORAGE SYSTEMS TECHNOLOGY, LIBERTY, AND WASHINGTON ANALYZING APPLICATIONS Session Chair: Elizabeth Shriver, Bell Labs Alan Davidson, Center for Democracy and Technology Session Chair: Jim McGinness, Consultant My Cache or Yours? Making Storage More The open, distributed, end-to-end architecture of Gscope: A Visualization Tool for Time-Sensitive Exclusive today's Internet is becoming a favorite target of policy- Software Theodore M. Wong, Carnegie Mellon University; makers in the U.S. and around the world. For example, Ashvin Goel and Jonathan Walpole, Oregon and John Wilkes, Hewlett-Packard Laboratories in the wake of the September 11 attacks, new laws Graduate Institute, Portland Bridging the Information Gap in Storage and regulations have been proposed in the U.S. to Inferring Scheduling Behavior With Hourglass Protocol Stacks enable greater government monitoring of Internet John Regehr, University of Utah Timothy E. Denehy, Andrea C. Arpaci-Dusseau, activity. Concerns about copyright have prompted some to propose government-mandated digital-rights- A Decoupled Architecture for Application- and Remzi H. Arpaci-Dusseau, University of Specific File Prefetching Wisconsin, Madison management security standards. These and other ini- tiatives could directly impact both the architecture of Chuan-Kai Yang, Tulika Mitra, and Tzi-Cker Chiueh, Maximizing Throughput in Replicated Disk the Internet and the rights of Internet users. This talk Stony Brook University Striping of Variable Bit-Rate Streams will report on the latest Internet security and policy Stergios V. Anastasiadis, Duke University; and initiatives in Washington and examine their impact on Kenneth C. Sevcik and Michael Stumm, the Internet's architecture and individual liberty. University of Toronto

12:30 PM–2:00 PM LUNCH IN THE EXHIBITION HALL

20 REGISTER ON-LINE: For Additional Savings! June 13–15 Technical Sessions

General Track Invited Talks FREENIX Track

2:00 PM–3:30 PM

WORK-IN-PROGRESS REPORTS CNN.COM: FACING A WORLD CRISIS WORK-IN-PROGRESS REPORTS Session Chair: Amin Vahdat, Duke University William LeFebvre, CNN Internet Technologies Session Chair: Amin Vahdat, Duke University Short, pithy, and fun, Work-in-Progress reports On September 11, 2001, Net users flocked to news See the General Track (column 1) for a description introduce interesting new or on-going work, and sites. The unexpected and unprecedented demand of this shared session. the USENIX audience provides valuable discussion quickly drove nearly every news site into the ground, and feedback. A schedule of presentations will be and CNN.com was no exception. What brought our site posted at the conference. back up was a tremendous effort of teamwork, fast See page 25 for complete information on how to thinking, and troubleshooting. On September 11, with submit presentations. only 85% availability, we nearly equaled our site's all- time high. Next day, we shattered previous site records. This talk tells the story of the CNN.com team that met an unbelievable user demand.

3:30 PM–4:00 PM BREAK

4:00 PM–5:30 PM

TOOLS TAKING AN OPEN SOURCE PROJECT TO ACCESS CONTROL Session Chair: Christopher Small, Sun MARKET Session Chair: Robert Watson, NAI Labs & The Microsystems Eric Allman, Sendmail, Inc. FreeBSD Project Simple and General Statistical Profiling with What happens when a long-time open source project is Design and Performance of the OpenBSD Stateful PCT converted to a commercial model? Some effects are Packet Filter (pf) Charles Blake and Steven Bauer, Massachusetts business-oriented and expected: for example, market- Daniel Hartmeier, Systor AG Institute of Technology ing and sales departments appear. Some are less obvi- Enhancing NFS Cross-Administrative Domain Engineering a Differencing and Compression ous, involving the way engineering is done. Open Access Data Format source sendmail has been the major MTA since 1982. Joseph Spadavecchia and Erez Zadok, Stony Brook David G. Korn and Kiem Phong Vo, AT&T Labs— In 1998, as sendmail neared a "success disaster," a University Research commercial company was formed to develop and sup- port sendmail. The focus of this talk will be on engi- neering, but business issues will also crop up.

SATURDAY (day three)

9:00 AM–10:30 AM

WHERE IN THE NET . . . INFORMATION VISUALIZATION FOR SYSTEMS ENGINEERING OPEN SOURCE SOFTWARE Session Chair: Patrick McDaniel, AT&T Research PEOPLE Session Chair: Niels Provos, University of Michigan A Precise and Efficient Evaluation of the Tamara Munzner, Compaq SRC Ningaui: A Linux Cluster for Business Proximity Between Web Clients and Their By interacting with a carefully designed visual repre- Andrew Hume, AT&T Labs—Research; and Scott Local DNS Servers sentation of data, people form mental models that help Daniels, Electronic Data Systems Corporation Zhuoqing Mao, U.C. Berkeley; and Charles D. them carry out a specific task more effectively. To CPCMS: A Configuration Management System Cranor, Fred Douglis, Michael Rabinovich, Oliver meet the daunting design challenge of finding a cogni- Based on Cryptographic Names Spatscheck, and Jia Wang, AT&T–Labs-Research tively useful spatial mapping for an abstract dataset, Jonathan S. Shapiro and John Vanderburgh, Johns Geographic Properties of Internet Routing information visualization draws on ideas from several Hopkins University intellectual traditions, including computer graphics, Lakshminarayanan Subramanian, U.C. Berkeley; X Meets Z: Verifying Correctness in the Presence human-computer interaction, cognitive psychology, Venkata N. Padmanabhan, Microsoft Research; of POSIX Threads and Randy H. Katz, U.C. Berkeley semiotics, graphic design, cartography, and art. I will present a survey of information visualization tech- Bart Massey, Portland State University; and Robert Providing Process Origin Information to Aid in niques and methods, concentrating on solutions rele- T. Bauer, Rational Software Corporation Network Traceback vant to problems faced by computer systems people. Florian P. Buchholz, Purdue University; and Clay Shields, Georgetown University

FOR PROGRAM UPDATES: www.usenix.org/events/usenix02 21 Technical Sessions June 13–15

General Track Invited Talks FREENIX Track

10:30 AM–11:00 AM BREAK

11:00 AM–12:30 PM

PROGRAMMING FIXING NETWORK SECURITY BY HACKING THE FILE SYSTEMS Session Chair: Darrell Anderson, Duke University BUSINESS CLIMATE Session Chair: Erez Zadok, SUNY at Stony Brook Cyclone: A Safe Dialect of C Bruce Schneier, Counterpane Internet Security Planned Extensions to the Linux Ext2/Ext3 Trevor Jim, AT&T Labs—Research; and Greg Network security has long been considered an engi- Filesystem Morrisett, Dan Grossman, Michael Hicks, James neering problem, which companies try to solve by Theodore Y. Ts'o, IBM; and Stephen Tweedie, Cheney, and Yanling Wang, Cornell University applying technologies. The technologies are failing, Red Hat Cooperative Task Management Without and the problem is worsening. What we need are Recent Filesystem Optimisations on FreeBSD Manual Stack Management security processes, such as detection, response, and Ian Dowse, Corvil Networks; and David Malone, Atul Adya, Jon Howell, Marvin Theimer, Bill deterrence. However, the only way to get corporate CNRI Dublin Institute of Technology Bolosky, and John Douceur, Microsoft Research management to adequately address security is to change the risk-management equation. This can be Filesystem Performance and Scalability in Linux Improving Wait-Free Algorithms for achieved by enforcing penalties for liabilities and giv- 2.4.17 Interprocess Communication in Embedded ing corporate management the means to reduce or Ray Bryant, SGI; Ruth Forester, IBM; and John Real-Time Systems insure against those liabilities. It's only after we do all Hawkes, SGI Hai Huang, Padmanabhan Pillai, and Kang G. of these things that the Internet will be a safe and Shin, University of Michigan secure place.

12:30 PM–2:00 PM LUNCH ON YOUR OWN

2:00 PM–3:30 PM

MOBILITY LIFE IN AN OPEN SOURCE STARTUP THINGS TO THINK ABOUT Session Chair: Mary Baker, Stanford University Daryll Strauss, Consultant Session Chair: Toon Moene, GNU Fortran Team Robust Positioning Algorithms for Distributed Development is very different for open source compa- Speeding Up Kernel Scheduler by Reducing Cache Ad-Hoc Wireless Sensor Networks nies. Strangers look at your code. You give away large Misses Chris Savarese and Jan Rabaey, University of parts of your intellectual property. Demands are made Shuji Yamamura, Akira Hirai, Mitsuru Sato, Masao California, Berkeley; Koen Langendoen, Delft by your users. You're expected to explain your plans Yamamoto, Akira Naruse, and Kouichi Kumon, Fujitsu University of Technology and actions. Outsiders contribute code without neces- Laboratories, LTD Application-specific Network Management for sarily understanding the material in depth. The bene- Overhauling Amd for the '00s: A Case Study of Energy-aware Streaming of Popular fits are a better product that better meets the require- GNU Autotools Multimedia Formats ments of your users. The development of OpenGL for Erez Zadok, Stony Brook University Linux, a very large and very visible open source proj- Surendar Chandra, University of Georgia; and Simple Memory Protection for Embedded Amin Vahdat, Duke University ect, was a roller coaster ride with a startup company, acquisition, and finally a split, but the project lives on. Operating System Kernels Characterizing and Analyzing Alert and This talk will debunk some of the myths about open Frank W. Miller, University of Maryland, Baltimore Browse Services of Mobile Clients source development and will draw conclusions in the County Atul Adya, Paramvir Bahl, and Lili Qiu, Microsoft hope of improving experiences for future open source Research companies.

3:30 PM–4:00 PM BREAK

4:00 PM–5:30 PM

SPECIAL CLOSING SESSION: HOW FLIES FLY? Michael H. Dickinson, Williams Professor, UC Berkeley Join Professor Dickinson as he shares his fascinating exploration into the flight behavior and aerodynamics of flies. In his research Professor Dickinson uses virtual technology to reconstruct what a fly ‘sees’ and determine the means by which the fly’s nervous system integrates visual and olfactory input to modify aerodynamic forces. This clever fusion of olfactory and visual information produces a robust and efficient search algorithm and should serve as a useful model for control systems in autonomous vehicles.

22 QUESTIONS? Email [email protected] AFS Workshop June 11–12

The AFS WORKSHOP Tuesday, June 11–Wednesday, June 12

The AFS Workshop, co-located with the USENIX Annual Technical Conference, brings together administrators and programmers to discuss the development and progress of AFS software, which is growing rapidly both in use and usability. Previous AFS Workshops have covered such topics as methods of authentication, Multi-Resident AFS [MR-AFS], backups, client stability and configuration, replacing ubik, and future work on OpenAFS and Arla. As some of the key players in both OpenAFS and Arla attend the Workshops, these discussions can and do affect the course of development. Attendance is limited to 50 people. The cost is $100 for those already registered for the technical sessions at USENIX, and $350 for those who wish to attend the workshop only. Breakfast pastries, lunch, and beverages will be provided. To apply to attend the AFS Workshop, send email to [email protected]. Your email must contain at least one of the following:

■ A proposal for a short talk to present about work done, in progress, or being considered

■ A list of topics you would like discussed, time permitting Your application must be accepted and you must be registered for the Workshop in order to be admitted. To register and get the latest updates, see www.usenix.org/events/usenix02/.

Workshop Co-ordinators Esther Filderman has been working with AFS since its infancy at CMU, before it was called AFS. She is currently Senior Systems Mangler and AFS administrator for the Pittsburgh Supercomputing Center. Ted McCabe started working with AFS at CMU in the mid-’80s. After a 5-year stint studying mathematics in Boston University's graduate program, he returned to working with AFS at MIT in '96. Ted also represents MIT on the OpenAFS Council of Elders. Derrick Brashear works for CMU and is an OpenAFS Elder..

USENIX AND SAGE THANK THEIR SUPPORTING MEMBERS

USENIX Supporting Members ❖ Interhack ❖ Corporation ❖ Linux Security, Inc. ❖ Lucent Technologies ❖ Microsoft Research ❖ Motorola Australia Software Centre ❖ New Riders Press ❖ The SANS Institute ❖ Sendmail, Inc. ❖ Sun Microsystems, Inc. ❖ Sybase, Inc. ❖ Taos: The Sys Admin Company ❖ TechTarget.com ❖ UUNET Technologies, Inc. SAGE Supporting Members ❖ Certainty Solutions ❖ Collective Technologies ❖ ESM Services, Inc. ❖ Lessing & Partner ❖ Linux Security, Inc. ❖ Microsoft Research ❖ Motorola Australia Software Centre ❖ New Riders Press ❖ O’Reilly & Associates, Inc. ❖ RIPE NCC ❖ SysAdmin Magazine ❖ Taos: The Sys Admin Company ❖ Unix Guru Universe (UGU)

23 FOR MORE INFORMATION: Ask [email protected] June 13–15 The Guru Is In

The GURU IS IN Thursday, June 13–Saturday, June 15

Our Guru Is In sessions are informal gatherings which allow you to pose questions to noted experts in the commu- nity. This is your opportunity to get practical solutions to your most burning technical questions. Thursday, 11:00 a.m.–12:30 p.m. years. He is a consulting Infrastructure Architect and publishes tools and Linux on Laptop/PDA techniques for automated system administration. His deployments have ranged Bdale Garbee, HP Linux Systems Operation from financial trading floors and NASA supercomputers to Web farms and growing Bdale currently works at HP helping to making sure Linux will work well on startups. future HP systems. He has worked on both UNIX internals and embedded systems Friday, 4:00 p.m.–5:30 p.m. for many years. He helped jump-start ports of Debian GNU/Linux to 5 architectures Network Management, System Performance Tuning other than i386, and keeps an impressive number of oddball systems running Linux Jeff R. Allen, Tellme Networks, Inc. in his basement just for fun. When he's not busy trying to keep his compute farm Jeff has been working in the Sysadmin field since 1992. He finds himself drawn running, Bdale's other big hobby is amateur radio, specifically building amateur to running large, complex systems that serve people who don't want to know they satellites. are using a computer (therein lies the complexity). He developed tools for the NOC Thursday, 2:00 p.m.–3:30 p.m. at WebTV Networks, then moved to Tellme Networks, where today he acts as a Large Data/Clusters/Resilient Computing bridge between engineering and the NOC, interfaces with the European operations Andrew Hume, AT&T Labs—Research team, and solves tricky problems as they arise. Andrew Hume has worked at Bell Labs and AT&T for 21 years. Most recently, Saturday, 9:00 a.m.–10:30 a.m. he has been working on solving very large-scale data problems, using data feeds Internet Security, Intranet Security, Mapping Networks from legacy systems, on a Linux cluster using resilient computing techniques. Bill Cheswick, Lumeta Corporation Thursday, 4:00 p.m.–5:30 p.m. Ches used to be a programmer from Bell Labs. Now he is a programmer for a SAMBA—Ins and Outs Bell Labs startup. He is working hard on the second edition of his book. Gerald Carter, SAMBA Team / Hewlett-Packard Saturday, 11:00 a.m.–12:30 p.m. Gerald Carter has been a member of the SAMBA Team since 1998 and is General/Random employed by Hewlett-Packard as a Software Engineer, where he works on Samba- Jim Gettys, Compaq based print appliances. He is currently working on a guide to LDAP for system Jim helped develop the X Window System. He also edited the HTTP/1.1 spec, administrators with O'Reilly Publishing. Gerald holds a master's degree in computer and is now messing with Linux handhelds. science from Auburn University, where he was also previously employed as a net- work and system administrator. Saturday, 2:00 p.m.–3:30 p.m. Sysadmin Management/General Friday, 9:00 a.m.-10:30 a.m. David Parter, University of Wisconsin, Madison Developing Portable Applications David has been a system administrator at the University of Wisconsin Nick Stoughton, MSB Consultants Computer Science Department for 10 years, serving as Associate Director for the Nick has been working in this field for over 6 years as a consultant. He has past six. David has been the senior system administrator, guiding a staff of 8 full- built both internal and external help desk systems for a wide variety of time sysdamins, and supervising up to 12 student sysadmins at a time. His experi- organizations, both in the U.S. and in Europe. His experience covers several leading ences in this capacity include working with other groups on campus; providing applications. He also has a wealth of experience in computer telephony integration. technical leadership to the group; managing the budget; dealing with vendors; When not building help-desk systems, Nick serves as USENIX’s Standards Liaison. dealing with faculty; and training students. As a consultant, he has dealt with a Friday, 11:00 a.m.-12:30 p.m. variety of technical and management challenges. David has also been active in Automated System Administration SAGE, serving on several program committees and chairing LISA ’99. He currently Steve Traugott, TerraLuna, LLC serves as SAGE President. Steve helped pioneer the term “Infrastructure Architecture” and has worked toward industry acceptance of this SysAdmin++ career track for the last several

FOR UPDATES SEE: www.usenix.org/events/usenix02/ 24 Special Conference Features

Birds-of-a-Feather Sessions (BoFs) Work-in-Progress Reports (WiPs) Wednesday, Thursday, and Friday evenings, June 12–14 Friday, June 14, 2:00 p.m.–3:30 p.m. Do you have a topic you’d like to discuss with others? Our Short, pithy, and fun, Work-in-Progress reports introduce inter- Birds-of-a-Feather (BoF) sessions may be perfect for you. These esting new or ongoing work. If you have work you would like to informal and highly interactive evening gatherings are a great way share or a cool idea that’s not quite ready for publication, send a for you to present new work, meet with your peers and maximize one- or two-paragraph summary to [email protected]. We your time at the conference. Topics range from highly technical, to are particularly interested in presenting students’ work. A schedule fun! Past BoF sessions include: of presentations will be posted at the conference, and the speakers • Getting Plugged into Sendmail will be notified in advance. Work-in-Progress reports are five- • BSD Users, Unite! minute presentations; the time limit will be strictly enforced. • UWIN-UNIX for Windows Conference Proceedings • Oldtimer’s BoF One copy of the Proceedings is included with your technical ses- • Sun-Manager’s BOF sions registration fee. Additional copies may be purchased at the • Workplace Issues for Lesbian, Gay, Bisexual, Transgendered conference. To order additional copies after the conference, see Sysadmins & Friends http://www.usenix.org/publications/ordering/, telephone the • How do YOU manage to not get spammed? USENIX Office at 1.510.528.8649, or send email to Don’t miss the famous LINUX BoF with Linus Torvalds and [email protected]. Ted Ts’o on Friday, June 14 from 10pm- midnight. These sessions are open to all attendees and can be scheduled Internet Connectivity and Terminal Room during the conference at the registration desk or in advance by con- Sponsored by Apple Computer tacting USENIX ([email protected]); please include preferred day USENIX is pleased to offer Internet connectivity and a terminal and time, title of the BoF, and the name, email address, and phone room at the Annual Technical Conference. The terminal room will number of the moderator. Check the USENIX '02 Web site for be furnished with G4s running OS X, drops for you to connect BoF schedule information. your laptop to our switches, and 802.11b wireless connectivity. During the tutorials the terminal room will offer limited hours Dessert Reception at the Aquarium of operation covering peak times. On Thursday and Friday we will USENIX ’02 offers many opportunities for attendees to socialize be open from 7 a.m. until 2 a.m., except for all-inclusive and get to know each other. Don't miss our special dessert conference functions such as the Opening Session and the reception on Friday, June 14, at the Monterey Bay Aquarium. Conference Reception. We will close on Saturday at 5:30 p.m. If you are interested in being a terminal room volunteer in exchange for a free Technical Session registration, please contact Take advantage of SUPER SAVINGS when you Lynda McGinley ([email protected]). register online for three days of tutorials! Attendee Messages Telephone messages may be left at the USENIX Message Center TUTORIAL FEES Desk, 1.831.646.5312. The Message Center will be open Sunday, One Day Fee: $600 June 9, through Saturday, June 15, from 7:30 a.m. until 5:00 p.m. Two Day Fee: $1100 Three Day Fee: $1500 - SAVE $300! Messages will be posted on the message board in the Registration area. Use our online Web registration form : SAVE an additional $50! Attendee List Your registration packet will include a list of the names and (A $150 fee will be added to the above rates if register- ing after May 17.) affiliations of your fellow conference attendees. To protect your pri- vacy, we do not print full contact information. Instead, we offer a Web-based contact service after the conference.

FOR MORE INFORMATION: Call 1.510.528.8649 25 Registration, Hotel, and Travel Information

REGISTRATION INFORMATION STUDENT DISCOUNTS & STIPENDS HOTEL AND TRAVEL INFORMATION Early registration deadline: TUTORIALS Hotel discount reservation deadline: Friday, May 17, 2002 A limited number of tutorial seats are reserved for Friday, May 17, 2002 full-time students at the very special rate of $90 TUTORIAL FEES (JUNE 10–12) USENIX has negotiated special rates for for a full-day tutorial. You must email the conference attendees at the Monterey Marriott and Tutorial registration fees include: Conference Dept., [email protected], to con- the DoubleTree Hotel. Contact a hotel directly to Admission to the tutorials you select firm availability and make a reservation. You will make your reservation as soon as possible. You Lunch on the day of your tutorial be given a code number to use when you register. must mention USENIX to get the special rate. A Tutorial CD-ROM The Conference Dept. must receive your registra- Printed tutorial materials for your courses one-night room deposit must be guaranteed to a tion form, with the code number, full payment, Admission to the Vendor Exhibition major credit card. and a photocopy of your current student I.D. card, Select only one full-day tutorial per day. within 14 days from the date you make your reser- Monterey Marriott Hotel 350 Calle Principal, Monterey, CA 93940 Members/Nonmembers vation, or your reservation will be canceled. This $600/day Toll-free: 1.800.228.9290 special fee is not transferable. CEU credit (optional) $15/day Local telephone: 1.831.649.4234 Tutorial Multi-Day Discounts TECHNICAL SESSIONS www.marriott.com Deduct $100 for two days: $1100 total USENIX offers full-time students a special discount Room Rates (single/double occupancy) Deduct $300 for three days: $1500 total rate of $100 for its technical sessions. You must fax $130.00 After May 17, add $150 to the tutorial fee. a copy of your current student I.D. card to the (plus taxes, currently at 10.05%) Students, with Tutorial Codes USENIX Conference Dept. when you register. This DoubleTree Hotel $90/day special fee is not transferable. 2 Portola Plaza, Monterey, CA 93940 CEU credit (optional) $15/day Toll-free: 1.800.222.8733 STUDENT STIPENDS Local telephone: 1.831.649.4511 TECHNICAL SESSIONS FEES (JUNE 13–15) The USENIX student stipend program covers www.doubletreemonterey.com Technical sessions registration fees include: travel, hotel, and registration fees to enable full- Room Rates (single/double occupancy) Admission to all technical sessions time students to attend USENIX meetings. $130.00 Free USENIX T-shirt Application information is posted on (plus taxes, currently at 10.05%) Copy of Conference Proceedings comp.org.usenix 6–8 weeks before the conference, Note: All requests for hotel reservations made after Admission to the Conference Receptions and is also available at the May 17 deadline (or after the room block is Admission to the Vendor Exhibition http://www.usenix.org/students/stipend.html. sold out) will be handled on a space-available basis Early Registration Fees (before May 17) STUDENT MEMBERSHIP at the hotel’s standard rate. Member* $595 USENIX offers full-time students a special mem- Need a Roommate? Nonmember** $695 bership rate of $30 a year. Students must provide a Student $100 Usenet facilitates room-sharing. Post to and check copy of current student ID. To join SAGE, the After May 17, members and nonmembers add comp.org.usenix.roomshare. System Administrators Guild, you must be a mem- $150 to the technical sessions fee. ber of USENIX. Student SAGE membership is an DISCOUNT AIRFARES * The member fee applies to current members of additional $15. Students receive the same member Special discounted airfares have been negotiated USENIX and EurOpen.SE. benefits as individual members. with United Airlines: ** The nonmember fee includes a free one-year Join when you register by filling out the appropri- 5% off any published fare on United membership in the USENIX Association. ate line on the print or on-line registration form. Airlines, United Express, or Shuttle by Payment by check or credit card must accompany United. the registration form. Purchase orders, vouchers, or 10% off coach fares (BUA) when telephone or email registrations cannot be reservations are made in “M” class and uti- accepted. lize the MTGUA Unique Fare Basis Code. Make reservations through your travel agent or Be sure to make your hotel reservation early. Monterey hotels fill up quickly. directly with United Airlines at 1.800.521.4041. Refer to Meeting ID Number 510CH. AIRPORT AND TAXI SERVICE The Monterey Peninsula Airport is located just Registration Refund & four miles from the Conference Center and hotels. Cancellation Policy Questions? Taxi service costs approximately $15 one way. USENIX Conference Department CANCELLATION DATE: June 5, 2002 DRIVING AND PARKING 2560 Ninth St., Suite 215 All refund requests must be emailed Please see the conference Web site for directions, Berkeley, CA 94710 to [email protected] by and for the many parking options available: Phone: 1.510.528.8649 ext. 30 Wednesday, June 5.You may substitute www.usenix.org/events/usenix02. Fax: 1.510.548.5738 another in your place. Email: [email protected]

26 REGISTER ON-LINE: For Additional Savings! Register on the Web & Save Up to $100: www.usenix.org/events/usenix02/

Registration Form USENIX ’02 June 10–15, 2002 This address will be used for all USENIX mailings unless you notify us in writing. Tutorial Program (Monday–Wednesday, June 10–12) Select only one full-day tutorial per day (9:00 a.m.–5:00 p.m.) First name Last name First Name for Badge Monday , June 10 ❏ M1 Advanced Solaris SysAdmin ❏ M5 Sendmail Config. & Operation Job Title Member Number ❏ M2 Intro to Computer Security ❏ M6 Socket Programming ❏ M3 Inside the Linux Kernel ❏ M7 UNIX Security Company/Institution ❏ M4 System & Network Monitoring ❏ M8 FreeBSD Kernel Internals, Pt. 1 Tuesday, June 11 Mail Stop Mail Address ❏ T1 Building Secure Software ❏ T5 Perl for SysAdmin ❏ T2 UNIX Infrastructure Design ❏ T6 Real-World Intrusion Detection ❏ ❏ City State Zip Country T3 Solaris Internals T7 Practical UNIX Cryptography ❏ T4 UNIX and Linux Admin, Pt. 1 ❏ T8 FreeBSD Kernel Internals, Pt. 2

Telephone No. Fax Wednesday, June 12 ❏ W1 Blueprints for High Availability ❏ W5 Exploring LDAP Email Address (one only, please) Priority Code* ❏ W2 Practical Wireless IP ❏ W6 System & Network Tuning ❏ W3 Building Honey Pots ❏ W7 Cisco’s Security Features *Your Priority Code appears just above the address on the mailing label of this ❏ W4 UNIX and Linux Admin, Pt. 2 ❏ W8 PHP—Scripting the Web brochure. EARLY BIRD TUTORIAL FEES (until May 17) Attendee Profile One day: $600...... $ Would you like to receive email about USENIX activities? ❏ Yes ❏ No Two days: $1100...... $ Three days: $1500...... $ Would you like us to provide your name to carefully selected partners? USENIX does not sell its mailing lists. ❏ Yes ❏No CEU fee (optional)...... $15.00 per day $ Would you like to be included on the Attendee list? ❏ Yes ❏ No STANDARD TUTORIAL FEES (after May 17) Would you like information about onsite childcare? ❏ Yes ❏ No One day: $750 ...... $ Two days: $1250...... $ What is your affiliation (check one): Three days: $1650...... $ 1. ❏ academic 2. ❏ commercial 3. ❏ gov’t 4. ❏ R&D 5. ❏ consultant CEU fee (optional)...... $15.00 per day $ What is your role in the purchase decision (check one): STUDENT TUTORIAL FEES (special rate) ❏ ❏ ❏ ❏ ❏ 1. final 2. specify 3. recommend 4. influence 5. no role CODE NO...... $90.00 $ What is your primary job function (check one): CODE NO...... $90.00 $ 1. ❏ system/network administrator 2. ❏ consultant CODE NO...... $90.00 $ 3. ❏ academic/researcher 4. ❏ developer/programmer/architect *Students: Attach a photocopy of current student I.D. 5. ❏ system engineer 6. ❏ technical manager 7. ❏ student 8. ❏ security 9. ❏ Webmaster 10. ❏ other AFS Workshop Fees (Tuesday–Wednesday, June 11–12) $100 with Tech Sessions registration/$350 AFS only ...... $ How did you first hear about this meeting (check one): 1. ❏ Email from USENIX 2. ❏ Conference brochure 3. ❏ comp.org.usenix Technical Program (Thursday–Saturday, June 13–15) 4. ❏ USENIX/SAGE Web site 5. ❏ Other newsgroup 6. ❏ Local user group EARLY BIRD REGISTRATION (until May 17) 7. ❏ Ad in Linux Journal 8. ❏ Ad in SysAdmin Magazine Current member fee...... $595.00 $ 9. ❏ Colleague 10. ❏ Other (applies to individual members of USENIX and EurOpen.SE) Nonmember fee (includes FREE one-year membership) $695.00 $ What publications or Web sites do you read related to the topics of this I do NOT wish to join USENIX at this time (check here): ❏ conference? STANDARD REGISTRATION (after May 17) Payment Must Accompany This Form Current member fee...... $745.00 $ Payment (U.S. dollars only) must accompany this form. Purchase orders, vouch- (applies to individual members of USENIX and EurOpen.SE) ers, email, or telephone registrations cannot be accepted. Nonmember fee (includes FREE one-year membership) $845.00 $ ❏ Payment enclosed. Make check payable to USENIX Conference. I do NOT wish to join USENIX at this time (check here): ❏ Charge to my: ❏ VISA ❏ MasterCard ❏ American Express ❏ Discover STUDENT REGISTRATION (special rate) $100.00 $ *Students: Attach a photocopy of current student I.D.

Account No. Exp. Date Membership Renewal Renew your USENIX membership...... $100.00 $ Print Cardholder’s Name Join or renew your SAGE membership...... $40.00 $ (You must be a current member of USENIX to join SAGE) Cardholder’s Signature STUDENTS: Join USENIX or renew your student membership...... $30.00 $ FAX YOUR REGISTRATION FORM TO: +1.510.548.5738 Join SAGE or renew your student SAGE membership $15.00 $ (You must be a current member of USENIX to join SAGE) *Students: Attach a photocopy of current student I.D. CANCELLATION DATE: Wednesday, June 5, 2002 All refund requests must be emailed to [email protected] by June 5. TOTAL DUE $

PLEASE COMPLETE THIS FORM AND RETURN IT, ALONG WITH FULL PAYMENT, TO: C ONFERENCE D EPT., USENIX ASSOCIATION 2560 NINTH S T., SUITE 215 B ERKELEY, CA 94710-2565 27