A UGUST 2005 VOLUME 30 NUMBER 4 THE USENIX MAGAZINE OPINION Musings RIK FARROWS Conference Password Sniffing ABE SINGER SYSADMIN The Inevitability of Xen JON CROWCROFT, KEIR FRASER, STEVEN HAND, IAN PRATT, AND ANDREW WARFIELD Secure Automated File Transfer MARK MCCULLOUGH SAN vs. NAS for Oracle: A Tale of Two Protocols ADAM LEVIN Practical Perl ADAM TUROFF ISPadmin ROBERT HASKINS L AW Primer on Cybercrime Laws DANI EL L. APPELMAN SECURITY Forensics for System Administrators SEAN PEISERT Your Defense Is Offensive STEVE MANZUIK WORKPLACE Marketing after the Bubble EMILY W. SALUS AND PETER H. SALUS BOOK REVIEWS Book Reviews RIK FAROWS USENIX NOTES SAGE Update DAVID PARTER ...and much more CONFERENCES 2005 USENIX Annual Technical Conference 2nd Symposium on Networked Systems Design and Implementation (NSDI ’05) 6th IEEE Workshop on Mobile Computing Systems and Applications (WMCSA 2004) The Advanced Computing Systems Association Upcoming Events INTERNET MEASUREMENT CONFERENCE 2005 4TH USENIX CONFERENCE ON FILE AND (IMC ’05) STORAGE TECHNOLOGIES (FAST ’05) Sponsored by ACM SIGCOMM in cooperation with USENIX Sponsored by USENIX in cooperation with ACM SIGOPS, IEEE Mass Storage Systems Technical Committee (MSSTC), OCTOBER 19–21, 2005, NEW ORLEANS, LA, USA and IEEE TCOS http://www.usenix.org/imc05 DECEMBER 14–16, 2005, SAN FRANCISCO, CA, USA http://www.usenix.org/fast05 ACM/IFIP/USENIX 6TH INTERNATIONAL MIDDLEWARE CONFERENCE 3RD SYMPOSIUM ON NETWORKED SYSTEMS NOVEMBER 28–DECEMBER 2, 2005, GRENOBLE, FRANCE DESIGN AND IMPLEMENTATION (NSDI ’06) http://middleware05.objectweb.org Sponsored by USENIX, in cooperation with ACM SIGCOMM and ACM SIGOPS MAY 8–10, 2006, SAN JOSE, CA, USA 19TH LARGE INSTALLATION SYSTEM http://www.usenix.org/nsdi06 ADMINISTRATION CONFERENCE (LISA ’05) Paper titles and abstracts due: October 10, 2005 Sponsored by USENIX and SAGE Final paper submissions due: October 17, 2005 DECEMBER 4–9, 2005, SAN DIEGO, CA, USA http://www.usenix.org/lisa05 5TH SYSTEM ADMINISTRATION AND NETWORK ENGINEERING CONFERENCE (SANE 2006) 2ND WORKSHOP ON REAL, LARGE Organized by Stichting SANE and co-sponsored by Stichting DISTRIBUTED SYSTEMS (WORLDS ’05) NLnet, USENIX, and SURFnet MAY 15–19, 2006, DELFT, THE NETHERLANDS DECEMBER 13, 2005, SAN FRANCISCO, CA, USA http://www.usenix.org/worlds05 http://www.sane.nl/sane2006 Paper submissions due: October 24, 2005 Paper submissions due: August 8, 2005 3RD INTERNATIONAL IEEE SECURITY IN STORAGE 2006 USENIX ANNUAL TECHNICAL WORKSHOP CONFERENCE (USENIX ’06) Sponsored by IEEE Computer Society Task Force on Information MAY 30–JUNE 3, 2006, BOSTON, MA, USA Assurance (TFIA) in cooperation with IEEE Mass Storage Systems Technical Committee (MSSTC) and USENIX DECEMBER 13, 2005, SAN FRANCISCO, CA, USA http://www.ieeeia.org/sisw/2005 For a complete list of all USENIX & USENIX co-sponsored events, see http://www.usenix.org/events OPINION 2 Musings RIK FARROW 5 Conference Password Sniffing: Legal and Ethical Issues ABE SINGER SYSADMIN 10 The Inevitability of Xen JON CROWCROFT, KEIR FRASER, STEVEN HAND, contents IAN PRATT, AND ANDREW WARFIELD 14 Secure Automated File Transfer MARK MCCULLOUGH 18 SAN vs. NAS for Oracle: A Tale of Two Protocols ADAM LEVIN 22 Practical Perl: Defensive CGI Programming with Taint Mode and CGI::Untaint ADAM TUROFF 28 ISPadmin: Understanding and Mitigating DDoS Attacks ROBERT HASKINS LAW 31 Primer on Cybercrime Laws DANI EL L. APPELMAN SECURITY 34 Forensics for System Administrators SEAN PEISERT VOL. 30, #4, AUGUST 2005 43 Your Defense Is Offensive STEVE MANZUIK EDITOR ;login: is the official WORKPLACE Rik Farrow magazine of the [email protected] USENIX Association. 47 Marketing After the Bubble MANAGING EDITOR ;login: (ISSN 1044-6397) is EMILY W. SALUS AND PETER H. SALUS Jane-Ellen Long published bi-monthly by the [email protected] USENIX Association, 2560 BOOK REVIEWS COPY EDITOR Ninth Street, Suite 215, Steve Gilmartin Berkeley, CA 94710. 50 Book Reviews [email protected] $85 of each member’s annual RI K FARROW PRODUCTION dues is for an annual sub- Rob Carroll scription to ;login:. Subscrip- USENIX NOTES Casey Henderson tions for nonmembers are $115 per year. 51 20 Years Ago in ;login: TYPESETTER PETER H. SALUS Star Type Periodicals postage paid at [email protected] Berkeley, CA, and additional 52 SAGE Update offices. USENIX ASSOCIATION DAVID PARTER POSTMASTER: Send address 2560 Ninth Street, 53 New Membership Benefits Suite 215, Berkeley, changes to ;login:, California 94710 USENIX Association, TARA MULLIGAN AND ANNE DICKISON Phone: (510) 528-8649 2560 Ninth Street, FAX: (510) 548-5738 Suite 215, Berkeley, CONFERENCE REPORTS CA 94710. http://www.usenix.org 54 2005 USENIX Annual Technical Conference http://www.sage.org ©2005 USENIX Association. 79 2nd Symposium on Networked Systems Design USENIX is a registered trade- mark of the USENIX Associa- and Implementation (NSDI ’05) tion. Many of the designa- 88 6th IEEE Workshop on Mobile Computing tions used by manufacturers and sellers to distinguish their Systems and Applications (WMCSA 2004) products are claimed as trade- marks. USENIX acknowl- edges all trademarks herein. Where those designations appear in this publication and USENIX is aware of a trade- mark claim, the designations have been printed in caps or initial caps. AT MY HOUSE, AS AT MOST OF THE buildings in the world, the best views are RIK FARROW from the roof. When I sit up there, I can see thunderstorms 30 miles away, up on the Colorado Plateau to the north. Even though I can see great bolts of lightning striking the ground, around me it is quiet and calm. musings The comparative silence is an illusion. As I wrote in Rik Farrow provides UNIX and Internet security con- my last column, enormous botnets wait to carry out sulting and training. He is the author of UNIX System their owners’ bidding, whether it be DDoS, relaying Security and System Administrator’s Guide to System spam, or assimilating more systems. There is more V and editor of the SAGE Short Topics in System Administration series. bloated software than ever before, just waiting to be exploited. Steve Manzuik has an article in this issue [email protected] about security software that has been (and still is being) exploited. One of the things I have always found fascinating is NOTE operating system design. I will have attended the [1] There actually were two papers presented about security HotOS workshop, as an observer, by the time you at HotOS, so security was a topic that was seriously read this. And one aspect of operating systems that I addressed. don’t expect will be discussed is security [1]. We have generally chosen not to include security in our oper- ating systems, outside of jails, firewalls, and some coarse-grained protection like the BSD secure levels. And these are add-ons. Operating systems are not designed for security; they are designed for perform- ance and to support features. Computers are already ubiquitous. From the simple controllers in toasters, microwaves, and cars to the more powerful ones in cell phones, computers have become embedded throughout the developed world. What is changing about these computers is just how powerful they can be. AMD has announced a new, low-power, i386-compat- ible CPU, the Geode LX 800 (http://www.linuxdevices .com/news/NS2872282951.html). This link points to a Linux site, but if you read the AMD PR, it points out that the Geode supports a familiar programming envi- ronment—Windows CE. The Geode can amply sup- port Windows or Linux or BSD. The 500Mhz process- ing core includes native support for DDR RAM at 400Mhz, L1 and L2 caches, 2-D graphics, and hard- ware support for cryptography. The companion chip supports ATA, PCI, and USB busses, and the two chips together draw only two watts of power. Com- pare that power consumption to almost anything on the desktop today, along with the performance, and you can see where this is going. Cell phones with the same capabilities as PCs of five years ago—except without decent keyboards. And security? I would not want to carry any device, especially one designed for network communications like a cell phone, that runs Windows CE. But even 2 ;LO GIN: V OL. 30, NO. 4 getting FreeBSD, OpenBSD, or Linux to run mobile Another Hat applications securely takes some serious work. None of these operating systems was designed from the In my collection of work apparel, I have added a new ground up to support security. Security was included, hat to wear, that of editor of ;login:. I can’t rely on dis- in the case of UNIX, to support multiple users on the tant visions from my rooftop to learn what the same system, not for protecting a single user who USENIX community wants or needs, or what people might run hostile apps. within that community are doing. I need you to tell Perhaps you don’t believe me. Let’s look at some me what interests you, what you want to know, what solutions. you are doing, or, better yet, what you can share with the community. The SAGE update, written by David Parter, is one example of learning what part of the Sandbox community is doing. The BSD jail is a nice solution: Chroot on steroids, Although united around computing, the USENIX something I’ve written a lot about before. Its failings community is a broad one. A quick look at the events are limited control over networking and none over calendar shows that there are many small confer- processor scheduling. ences/workshops sponsored by USENIX, often co- Fedora includes a complete SELinux configuration. sponsored with other organizations. These work- SELinux was designed to provide Mandatory Access shops cost more than can be collected as registration Control, a mechanism where users are not able to fees, and the USENIX Association—that is, you— control even access to their own files.