Upload
anon-132561
View
216
Download
0
Embed Size (px)
Citation preview
8/15/2019 usenix07 training proof
1/24
Join us in Santa Clara, CA,
June 1722, for the 2007
USENIX Annual Technical
Conference.
6 days of training byindustry experts, including:
Richard Bejtlich on TCP/IP
Weapons School, Layers 23
Tom Christiansen on Advanced
Perl Programming
Jacob Farmer on Next GenerationStorage Networking
Steve VanDevender on High-
Capacity Email System Design
And over 30 other full- and half-
day tutorials
3-day technicalprogram, including:
The latest research in the
Refereed Papers Track
Keynote Address by Mendel
Rosenblum, Stanford University
Expert-led Invited Talks Guru Is In Sessions
BoFs, a Poster Session, and more
New in 2007:
SANS Security Training
Register by June 1 and save! www.usenix.org/usenix2007
Santa Clara, CA June 1722, 2007
Dont miss the latest in groundbreakingresearch and cutting-edge practices in a widevariety of technologies and environments.
TRAINING PROGRAM
8/15/2019 usenix07 training proof
2/24
B REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
CONTENTS
1 USENIX 07 Organizers
23 Training at a Glance
412 USENIX Training Program
1315 USENIX Training Instructors1619 SANS Training Program
20 Hotel & Travel Information
21 Registration Information & Fees
USENIX Annual Tech has always been the place to present groundbreakingresearch and cutting-edge practices in a wide variety of technologies and envi-ronments. USENIX 07 will be no exception.
The 2007 USENIX Annual Technical conference will feature:
6-Day Training Program: SundayFriday, June 1722, 2007
The training program at USENIX 07 provides in-depth and immediately useful training on the
latest techniques, effective tools, and best strategies. The 37 half- and full-day sessions are
taught by well-known industry experts, selected for their ability to teach complex subjects.
Topics include:
Hands-on Linux Security: From Hacked to Secure in Two Days, by Rik Farrow
Solaris 10 Security Features Workshop, by Peter Baer Galvin
Distributed Source Code Management Systems: Bzr, Hg, and Git (Oh My!), by
Theodore Tso
New in 2007: SANS at USENIX Annual Tech. In addition to the top-notch USENIX training,
Were partnering with the SANS Institute to offer two 6-day security classes:
SANS Security 504: Hacker Techniques, Exploits, and Incident Handling
SANS Security 617: Assessing and Securing Wireless Networks
Technical Sessions: WednesdayFriday, June 2022, 2007
The 3-day technical program includes:
The latest in cutting-edge research in the Refereed Papers Track
Expert-led invited talks, including the keynote address by Mendel Rosenblum, Stanford
University
Guru Is In sessions, where you can get answers to your most urgent technical ques-
tions
The opportunity to mingle with colleagues and industry leaders at the Birds-of-a-Feath-
er sessions and other evening social events, including poster and vendor sessions and
receptions
Register today at www.usenix.org/usenix2007.
Join leading researchers and practitioners for6 full days on the latest technology.
EARLY BIRDDISCOUNT
SAVE!Register by June 1, 2007, at
www.usenix.org/usenix2007
TOP 5 REASONS TO ATTEND
#1 Top-notch trainingHighly respected experts pro-
vide you with new information
and skills you can take back
to work tomorrow.
#2 Invited TalksIndustry luminaries discusstimely and important topics.
#3 Youll hear it here firstCheck out the latest develop-
ments in cutting-edge
research in the Refereed
Papers Track and poster
session.
#4 AnswersIndustry experts address your
toughest questions in the
Guru Is In sessions.
#5 The chance to mingleTalk with industry leaders and
network with peers in the
evening BoFs and receptions.
8/15/2019 usenix07 training proof
3/24
REGISTER BY JUNE 1 AND SAVE! 1
Program Co-ChairsJeff Chase, Duke University
Srinivasan Seshan, Carnegie Mellon
University
Program Committee
Atul Adya, Microsoft Research
Matt Blaze, University of Pennsylvania
George Candea, EPFLMiguel Castro, Microsoft Research,
Cambridge
Fay Chang, Google
Nick Feamster, Georgia Institute of
Technology
Marc Fiuczynski, Princeton University/
PlanetLab
Terence Kelly, Hewlett-Packard Labs
Eddie Kohler, University of California,
Los Angeles, and Mazu Networks
Z. Morley Mao, University of Michigan
Erich Nahum, IBM T.J. Watson Research
Center
Jason Nieh, Columbia University and
VMware
Brian Noble, University of Michigan
Timothy Roscoe, Intel Research, Berkeley
Emin Gn Sirer, Cornell University
Mike Swift, University of Wisconsin,
Madison
Renu Tewari, IBM Almaden Research
Center
Win Treese, SiCortex, Inc.
Andrew Warfield, Cambridge University
and XenSource
Matt Welsh, Harvard University
Yuanyuan Zhou, University of Illinois at
Urbana-Champaign
Poster Session Chair
Mike Swift, University of Wisconsin,Madison
The USENIX Association Staff
Every USENIX training program registration includes:
Admission to the tutorials you select
Lunch on the day of your tutorials
Training program CD-ROM, including all available tutorial presentations and
materials
Printed materials for your tutorials
Admission to the receptions, BoFs, and other evening events
Conference t-shirt
Wireless connectivity in the conference session area
Every SANS training program registration includes:
Admission to the tutorials you select
Lunch on the day of your tutorials
Complimentary one-year membership in the USENIX Association
Printed materials for your tutorials
Admission to the receptions, BoFs, and other evening events
Conference t-shirt
Wireless connectivity in the conference session area
Our Guarantee
If youre not happy, were not happy. If you feel a tutorial does not meet the high
standards you have come to expect from USENIX, let us know by the first breakand we will change you to any other available tutorial immediately.
USENIX 07 Organizers
8/15/2019 usenix07 training proof
4/242 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
SUNDAY, JUNE 17, 2007
S1 Simson L. Garfinkel Computer Forensics
S2 Dustin Whittle RAD 2.0: Developing Web
Applications with Symfony
S3Rik Farrow Hands-on Linux Security: From Hackedto Secure in Two Days (Day 1 of 2)
S4 Peter Baer Galvin Solaris 10 Administration Workshop
S5 Chip Salzenberg Higher-Order Perl
S6 Strata Rose Chalup Problem-Solving for IT Professionals
S7 Abe Singer Security Without Firewalls
S8 Chip Salzenberg Perl Program Repair Shop and Red
Flags
S9 John Sellens Performance Tracking with Cacti
S10 Theodore Tso Distributed Source Code Man-
agement Systems: Bzr, Hg, and Git(Oh My!)
MONDAY, JUNE 18, 2007
M1 leen Frisch Administering Linux in Production
Environments
M2 Abe Singer Building a Logging Infrastructure and
Log Analysis for Security
M3 Rik Farrow Hands-on Linux Security: From Hacked
to Secure in Two Days (Day 2 of 2)
M4 Marc Staveley System and Network PerformanceTuning
MONDAY, JUNE 18, 2007 (CONTINUED)
M5 Chip Salzenberg Regular Expression Mastery
M6 John Sellens Databases: What You Need to Know
M7 Jacob Farmer Disk-to-Disk Backup and Eliminating
Backup System Bottlenecks
M8 Strata Rose Chalup Practical Project Management for
Sysadmins and IT Professionals
M9 Gerald Carter Ethereal and the Art of Debugging
Networks
M10Jacob Farmer Next Generation Storage Networking
TUESDAY, JUNE 19, 2007
T1 Alan Robertson Configuring and DeployingLinux-HA
T2 Abe Singer Incident Response
T3 Peter Honeyman NFSv4 and Cluster File Systems
T4 Jim Mauro and Solaris 10 Performance, Observability,
Richard McDougall and Debugging
T5 leen Frisch Beyond Shell Scripts: 21st-Century
Automation Tools and TechniquesT6 John Sellens System and Network Monitoring:
Tools in Depth
T7 Steve VanDevender High-Capacity Email System
Design
NEW!
NEW!
SANS security 6-day tutorials: pp. 1619SANS
SANS security 6-day tutorials: pp. 1619SANS
SANS security 6-day tutorials: pp. 1619SANS
NEW!
NEW!
NEW!
NEW!
NEW!
NEW!
NEW!
FULL DAY: 9:00 A.M.5:00 P.M.
HALF DAY AFTERNOON: 1:30 P.M.5:00 P.M.
HALF DAY MORNING: 9:00 A.M.12:30 P.M.
FULL DAY: 9:00 A.M.5:00 P.M.
HALF DAY AFTERNOON: 1:30 P.M.5:00 P.M.
HALF DAY MORNING: 9:00 A.M.12:30 P.M.
FULL DAY: 9:00 A.M.5:00 P.M.
TRAINING AT A GLANCE
8/15/2019 usenix07 training proof
5/24REGISTER BY JUNE 1 AND SAVE! 3
WEDNESDAY, JUNE 20, 2007
W1 Richard Bejtlich Network Security Monitoring with Open
Source Tools
W2 Gerald Carter Using Samba 3.0
W3Peter Baer Galvin Solaris 10 Security Features Workshop
W4 Theodore Tso Inside the Linux 2.6 Kernel
THURSDAY, JUNE 21, 2007
R1 Tom Christiansen Advanced Perl Programming
R2 Richard Bejtlich TCP/IP Weapons School, Layers
23 (Day 1 of 2)
R3 Gerald Carter Implementing [Open]LDAP Directories
R4 Lee Damon Issues in UNIX Infrastructure Design
FRIDAY, JUNE 22, 2007
F1 John Arrasjid and Introduction to VMware Virtual
Shridhar Deuskar Infrastructure 3
F2 Richard Bejtlich TCP/IP Weapons School, Layers23 (Day 2 of 2)
NEW!
NEW!
SANS security 6-day tutorials: pp. 1619SANS
SANS security 6-day tutorials: pp. 1619SANS
SANS security 6-day tutorials: pp. 1619SANS
FULL DAY: 9:00 A.M.5:00 P.M.
FULL DAY: 9:00 A.M.5:00 P.M.
FULL DAY: 9:00 A.M.5:00 P.M.
EARLY BIRDDISCOUNT
SAVE!Register by June 1, 2007, at
www.usenix.org/usenix2007
8/15/2019 usenix07 training proof
6/244 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
USENIX TRAINING PROGRAM
S1 Computer ForensicsSimson L. Garfinkel , Naval Postgraduate
School
Who should attend: Anyone interested
in forensics: recovering lost or deleted
data, hunting for clues, and tracking
information.Topics include:
Introduction to computer forensics
Disk forensics
Network forensics
Document forensics
Memory forensics
Cell phone forensics
Take back to work: An in-depth
understanding of computer forensics,why forensic tools are possible, what
they can do and their limits; modern
tools, and the legal environment that
governs U.S. forensics.
S2 RAD 2.0: Developing WebApplications with SymfonyDustin Whittle , Yahoo, Inc.
Who should attend: Technical project
managers and engineers interested in
learning how to build better Web 2.0
applications using symfony.
Topics include:
Overview and foundations
Is symfony right for your project?
Design patterns and best practices
Project management
Installation
Project creation
Configuring your environment
Setting up your project
Building your object model
Developing fast with scaffolding and
generators
Controlling your model
Developing and managing views
Adding your favorite JavaScriptframework
AJAX and JavaScript helpers via
Prototype
Command line interface
Plugins Unit and functional testing
Performance and security
Project deployment
Take back to work: All you need to
know to dive into your next Web 2.0
application.
S3 Hands-on Linux Security: FromHacked to Secure in Two Days(Day 1 of 2)Rik Farrow , Security Consultant
Who should attend: System adminis-
trators of Linux and other UNIX sys-
tems; anyone who runs a public UNIX
server.
Exercises include:
Searching for hidden files
TCP/IP and its relation to probesand attacks
Uses of ARP and Ethereal
hping2 probes
nmap (connect and SYN scans)
Buffer overflows in sample C pro-
grams
Weaknesses in Web scripts (using a
Perl example)
Take back to work: How to determineif a system has been exploited, use net-
work scanning/evaluation tools, improve
security of your systems, and check
Web scripts for weaknesses.
S4 Solaris 10 AdministrationWorkshopPeter Baer Galvin , Corporate
Technologies
Who should attend: Solaris systems
managers and administrators interested
in learning the new administration fea-
tures in Solaris 10 (and features in previ-
ous Solaris releases that they might not
be using).
Topics include:
Overview
Solaris releases Installing and upgrading to Solaris
10
Patching the kernel and applica-
tions
Service Management Facility
The kernel: update, /etc/system Crash and core dumps
Cool commands you need to know
Zfs, the new endian-neutral file sys-
tem
N1 Grid Containers (a.k.a. Zones)
DTrace
FMA (Fault Management Architec-
ture)
Sysadmin best practicesTake back to work: All you need to
consider in deploying, implementing,
and managing Solaris 10.
S5 Higher-Order Perl(AM) Chip Salzenberg, Consultant and Author
Who should attend: Programmersinvolved in the development and main-
tenance of large systems written partly
or mostly in Perl.
Topics include:
Dynamically replacing functions with
facades
Iterators
Building complex parserseasily!
Take back to work: How to write func-
tions that can manufacture or modify
other functions, instead of writing ten
similar functions that must be main-
tained separately.
S6 Problem-Solving for IT(AM) Professionals
Strata Rose Chalup , Project
Management Consultant
Who should attend: IT support people
who would like to have a better grasp of
problem-solving as a discipline.
Take back to work:
A solid grounding in the process of
solving problems
A framework on which to build trou-
bleshooting techniques that arespecific to your environment
Confidence in your ability to apply
logic and common sense to debug
problems in complex interacting
systems
NEW!
NEW!
NEW!
FULL DAY 9:00 A.M.5:00 P.M.
SUNDAY, JUNE 17, 2007
HALF DAY 9:00 A.M.12:30 P.M.
8/15/2019 usenix07 training proof
7/24REGISTER BY JUNE 1 AND SAVE! 5
S7 Security Without Firewalls(AM) Abe Singer , San Diego Supercomputer
Center
Who should attend: Administrators
who want or need to explore strong,
low-cost, scalable security without fire-
walls.
Topics include:
The threat perspective from a data-
centric point of view
How to implement and maintain
centralized configuration manage-
ment using cfengine, and how to
build reference systems for fast and
consistent (re)installation of hosts
Secure configuration and manage-
ment of core network services such
as NFS, DNS, and SSH
Good system administration prac-tices
Implementing strong authentication
and eliminating use of plaintext
passwords for services such as
POP/IMAP
A sound patching strategy
An overview of how we were com-
promised, how we recovered, and
what we learnedTake back to work: How to build
effective, scalable host-based security
without firewalls.
S8 Perl Program Repair Shop and Red(PM) Flags
Chip Salzenberg, Consultant and Author
Who should attend: Anyone who
writes Perl programs regularly.
Topics include:
Families of variables Making relationships explicit
Refactoring
Programming by convention
Why you should avoid the . opera-
tor
Elimination of global variables
The use strict zombies
What can go wrong with if and
else The Condition that Ate Michigan
Structural vs. functional code
Boolean values
Programs that take two steps for-
ward and one step back
Programs that are 10% backslash-
es
Unnecessary shell calls
How (and why) to let undef be the
special value
Take back to work: How to improve
your own code and the code of others,
making it cleaner, more readable, more
reusable, and more efficient, while at
the same time making it 3050% small-
er.
S9 Performance Tracking with Cacti(PM)
John Sellens, SYONEX
Who should attend: Network and sys-
tem administrators ready to implement
a graphical performance and activity
monitoring tool, who prefer an integrat-
ed, Web-based interface.
Topics include:
Installation: Basic steps, prerequi-sites, common problems and solu-
tions
Configuration, setup options, and
how to manage larger and non-triv-
ial configurations
User management and access con-trol
Special cases: How to deal with
interesting problems
Extending Cacti: How to write
scripts or programs to extend the
functionality of the basic package
Security concerns and access con-
trol
Ongoing operationsTake back to work: The information
needed to immediately implement and
use Cacti to monitor systems and
devices on their networks.
S10 Distributed Source Code(PM) Management Systems: Bzr, Hg, and
Git (Oh My!)
Theodore Tso , IBM Linux TechnologyCenter
Who should attend: Developers, proj-
ect leaders, and system administrators
dealing with source code management
systems who want to take advantage of
the newest distributed development
tools.
Topics include:
Basic concepts of distributed SCMs
Advantages of peer-to-peer sys-
tems
How distributed SCMs work
Strengths and weaknesses of each
distributed SCM
Guidance and suggestions on
choice criteria
Take back to work: An understanding
of the basic concepts of distributed
SCMs, how these systems work, how
to use them, and the information you
need to choose the distributed SCM
that is most appropriate for your proj-
ect.
NEW!
NEW!
See www.usenix.org/usenix07/training for complete training program information.
HALF DAY 1:30 P.M.5:00 P.M.
8/15/2019 usenix07 training proof
8/246 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
MONDAY, JUNE 18, 2007
M1 Administering Linux in ProductionEnvironments
leen Frisch , Exponential Consulting
Who should attend: Both current
Linux system administrators and admin-
istrators from sites considering convert-
ing to Linux or adding Linux systems totheir current computing resources.
Topics include:
Recent kernel developments
High-performance I/O
Advanced compute-server environ-
ments
High availability Linux: fault-toler-
ance options
Enterprise-wide authentication andother security features
Automating installations and other
mass operations
Linux performance tuning
Take back to work: The knowledge
necessary to add reliability and availabil-
ity to their systems, and to assess and
implement tools needed for production-
quality Linux systems.
M2 Building a Logging Infrastructureand Log Analysis for Security
Abe Singer , San Diego Supercomputer
Center
Who should attend: System, network,
and security administrators who want to
be able to separate the wheat of warn-
ing information from the chaff of normalactivity in their log files.
Topics include:
Problems, issues, and scale of han-
dling log information
Generating useful log information:
improving the quality of your logs
Collecting log information
Storing log information
Log analysis How to handle and preserve log
files for HR and legal folks
Take back to work: How to get a han-dle on your log files, which can help you
run your systems and networks more
effectively and can provide forensic
information for post-incident investiga-
tion.
M3 Hands-on Linux Security: FromHacked to Secure in Two Days
(Day 2 of 2)Rik Farrow , Security Consultant
Who should attend: System adminis-
trators of Linux and other UNIX sys-
tems; anyone who runs a public UNIX
server.
Topics include:
John the Ripper, password cracking
Misuses of suid shells, finding back-
doors
Uncovering dangerous network
services
Searching for evidence of rootkits
and bots
Sleuth Kit (looking at intrusion time-
lines)
netfilter
Take back to work: How to uncover
the more subtle indicators of compro-
mise such as backdoors and rootkits,
and improve the network security of
your systems.
M4 System and Network PerformanceTuningMarc Staveley , Soma Networks
Who should attend: Novice andadvanced UNIX system and network
administrators, and UNIX developers
concerned about network performance
impacts.
Topics include:
Performance tuning strategies
Server tuning
NFS performance tuning
Network performance, design, andcapacity planning
Application tuning
Take back to work: Procedures andtechniques for tuning your systems,
networks, and application code, along
with guidelines for capacity planning
and customized monitoring.
M5 Regular Expression Mastery
(AM) Chip Salzenberg, Consultant and Author
Who should attend: System adminis-
trators and users who use Perl, grep,
sed, awk, procmail, vi, or emacs.
Topics include:
Inside the regex engine
Disasters and optimizations
Take back to work: Fixes for all your
regexes: unexpected results, hangs,unpredictable behaviors.
M6 Databases: What You Need to Know(AM) John Sellens, SYONEX
Who should attend: System and
application administrators who need to
support databases and database-
backed applications.
Topics include:
An introduction to database con-
cepts
The basics of SQL (Structured
Query Language)
Common applications of databases
Berkeley DB and its applications
MySQL installation, configuration,
and management
PostgreSQL installation, configura-tion, and management
Security, user management, and
access controls
Ad hoc queries with standard inter-
faces
ODBC and other access methods
Database access from other tools
(Perl, PHP, sqsh, etc.)
Take back to work: A better under-standing of databases and their use
and of how to deploy and support com-
mon database software and database-
backed applications.
FULL DAY 9:00 A.M.5:00 P.M.
HALF DAY 9:00 A.M.12:30 P.M.
USENIX TRAINING PROGRAM
8/15/2019 usenix07 training proof
9/24REGISTER BY JUNE 1 AND SAVE! 7
M7 Disk-to-Disk Backup and(AM) Eliminating Backup System
BottlenecksJacob Farmer , Cambridge Computer
Services
Who should attend: System adminis-
trators involved in the design and man-
agement of backup systems and policy-
makers responsible for protecting their
organizations data.Topics include:
Identifying and eliminating backup
system bottlenecks
Conventional disk staging
Virtual tape libraries
Removable disk media
Incremental forever and synthetic
full backup strategies
Block- and object-level incrementalbackups
Information lifecycle management
and nearline archiving
Data replication
CDP (Continuous Data Protection)
Snapshots
Current and future tape drives
Capacity Optimization (Single-
Instance File Systems)
Minimizing and even eliminating
tape drives
iSCSI
Take back to work: Immediate ideas
for effective, inexpensive improvements
to your backup systems.
M8 Practical Project Management for(PM) Sysadmins and IT Professionals
Strata Rose Chalup , Project
Management Consultant
Who should attend: System adminis-
trators who want to stay hands-on as
team leads or system architects andneed a new set of skills with which to
tackle bigger, more complex challenges.
Topics include:
Quick basics of project manage-
ment
Skill sets
Problem areas
Project management tools
Take back to work: A no-nonsensegrounding in methods that work with-
out adding significantly to ones work-
load. You will be able to take an arbi-
trarily daunting task and reduce it to a
plan of attack that will be realistic, will
lend itself to tracking, and will have
functional, documented goals. You will
be able to give succinct and useful
feedback to management on overallproject viability and timelines and easily
deliver regular progress reports.
M9 Ethereal and the Art of Debugging(PM) Networks
Gerald Carter, Centeris/Samba Team
Who should attend: System and net-
work administrators who are interested
in learning more about the TCP/IP pro-tocol and how network traffic monitor-
ing and analysis can be used as a
debugging, auditing, and security tool.
Topics include:
Introduction to Ethereal for local
and remote network tracing
TCP/IP protocol basics
Analysis of popular application pro-
tocols such as DNS, DHCP, HTTP,NFS, CIFS, and LDAP
How some kinds of TCP/IP network
attacks can be recognized
Take back to work: How to use theEthereal protocol analyzer as a debug-
ging and auditing tool for TCP/IP net-
works.
M10 Next Generation StorageNetworking
(PM) Jacob Farmer , Cambridge Computer
Services
Who should attend: Sysadmins run-
ning day-to-day operations and those
who set or enforce budgets.
Topics include:
Fundamentals of storage virtualiza-
tion: the storage I/O path
Shortcomings of conventional SAN
and NAS architectures
In-band and out-of-band virtualiza-
tion architectures
The latest storage interfaces: SATA
(serial ATA), SAS (serial attached
SCSI), 4Gb Fibre Channel, Infini-
band, iSCSI
Content-Addressable Storage
(CAS)
Information Life Cycle Management
(ILM) and Hierarchical Storage Man-
agement (HSM) The convergence of SAN and NAS
High-performance file sharing
Parallel file systems
SAN-enabled file systems
Wide-area file systems (WAFS)
Take back to work: An understanding
of general architectures, various
approaches to scaling in both perfor-
mance and capacity, relative costs ofdifferent technologies, and strategies for
achieving results on a limited budget.
HALF DAY 1:30 P.M.5:00 P.M.
See www.usenix.org/usenix07/training for complete training program information.
8/15/2019 usenix07 training proof
10/24
8 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
TUESDAY, JUNE 19, 2007
T1 Configuring and Deploying Linux-HA
Alan Robertson , IBM Linux Technology
Center
Who should attend: System adminis-
trators and IT architects who architect,
evaluate, install, or manage critical com-puting systems. It is suggested that par-
ticipants have basic familiarity with sys-
tem V/LSB-style startup scripts, shell
scripting, and XML.
Topics include:
General HA principles
Compilation and installation of the
Linux-HA (heartbeat) software
Overview of Linux-HA configuration Overview of commonly used
resource agents
Managing services supplied with
init(8) scripts
Sample Linux-HA configurations for
Apache, NFS, DHCP, DNS, and
Samba
Writing and testing resource agents
conforming to the Open ClusterFramework (OCF) specification
Creating detailed resource depen-
dencies
Creating co-location constraints
Writing resource location con-
straints
Causing failovers on user-defined
conditions
Take back to work: Both the basictheory of high-availability systems and
practical knowledge of how to plan for
and install and configure highly available
systems using Linux-HA.
T2 Incident Response Abe Singer , San Diego Supercomputer
Center
Who should attend: Security folks,system administrators, and operations
staff (e.g., help desk). Examples are pri-
marily from UNIX systems, but most of
what is discussed will be operating sys-
tem neutral.
Topics include:
Goals: What results do you want?
Policies: Having the authority to do
the job
Tools: Having the stuff to do the job
Intelligence: Having the information
to do the job Initial suspicion: Complaints,
alarms, anomalies
The oh, sh*t moment: When you
realize its a compromise
Gathering information on your
attacker
Assessing the extent of the com-
promise
Communicating: Inquiring minds
want to know
Recovery: Kicking em out and fix-
ing the damage
Evidence handling
The law: Dealing with law enforce-
ment, lawyers, and HR
Take back to work: An understanding
of how to prepare for security incidents
and how to handle incidents in an
organized, effective manner, without
panicking.
T3 NFSv4 and Cluster File Systems
Peter Honeyman, CITI, University of
Michigan
Who should attend: System builders
developing storage solutions for high-end computing, system administrators
who need to anticipate and understand
the state of the art in high performance
storage protocols and technologies,
and researchers looking for an intensive
introduction to an exciting and fertile
area of R&D.
Topics include:
Features of NFSv4 and cluster filesystems
Major coordination issues of lock-
ing, delegation, and shares, giving
special attention to fair queuing for
NFSv4, NLM, and POSIX locks
Efficient client recovery and migra-
tion for NFSv4 on cluster file sys-
tems
An introduction to pNFS, the
emerging parallel extension to
NFSv4, which offers the potential to
deliver the bisectional bandwidth ofa cluster file system to a single
client.
Take back to work: Knowledge of the
challenges and solutions in marrying
NFSv4 with cluster file systems.
T4 Solaris 10 Performance,Observability, and DebuggingJim Mauro and Richard McDougall,Sun Microsystems
Who should attend: Anyone who
supports or may support Solaris 10
machines.
Topics include:
Solaris 10 features overview
Solaris 10 tools and utilities
Understanding memory use and
performance
Understanding thread execution
flow and profiling
Understanding I/O flow and
performance
Looking at network traffic and
performance
Application and kernel interaction
Putting it all together
Take back to work: How to apply the
tools and utilities available in Solaris 10
to resolve performance issues and
pathological behavior, and simply to
understand the system and workload
better.
NEW!
NEW!
NEW!
FULL DAY 9:00 A.M.5:00 P.M.
USENIX TRAINING PROGRAM
8/15/2019 usenix07 training proof
11/24
REGISTER BY JUNE 1 AND SAVE! 9
T5 Beyond Shell Scripts: 21st-CenturyAutomation Tools and Techniques
leen Frisch , Exponential Consulting
Who should attend: System administra-
tors who want to explore new ways of
automating administrative tasks. Shell
scripts are appropriate for many jobs, butmore complex operations will often bene-
fit from sophisticated tools.
Topics include:
Cfengine configurations, sample
uses, and limitations
Expect: Automating interactive
processes
Bacula, an enterprise backup man-
agement facility Network and system monitoring
tools: SNMP overview, Nagios, RRD-
Tool, Ethereal
Take back to work: You will be ready to
begin using these packages in your own
environment, and to realize the efficiency,
reliability, and thoroughness that they offer
compared to traditional approaches.
T6 System and Network Monitoring:Tools in DepthJohn Sellens , SYONEX
Who should attend: Network and sys-
tem administrators ready to implement
comprehensive monitoring of their sys-
tems and networks using the best of the
freely available tools.
Topics include, for each of Nagios,
Cricket, MRTG, and Orca:
Installation: Basic steps, prerequi-
sites, common problems and solu-
tions
Configuration, setup options, and
how to manage larger and nontrivial
configurations
Reporting and notifications, both
proactive and reactive
Special cases: How to deal with inter-
esting problems
Extending the tools: How to write
scripts or programs to extend the
functionality of the basic package
Dealing effectively with network
boundaries and remote sites
Security concerns and access control
Ongoing operationsTake back to work: The information
needed to immediately implement,
extend, and manage popular monitoring
tools on your systems and networks.
T7 High-Capacity Email System Design
Steve VanDevender , University of Oregon
Who should attend: Anyone who needs
to design a high-volume, secure email
system or upgrade an existing one.
Topics include:
Mail system architecture and compo-
nents
MTAs and SMTP
Spam!
LDAs and the mail store
POP, IMAP
Coping with MUAs
Scaling and reliability methods
Take back to work: An overview of
available choices in software and meth-
ods, with their tradeoffs and domains of
applicability.
NEW!
FULL DAY 9:00 A.M.5:00 P.M.
See www.usenix.org/usenix07/training for complete training program information.
ATTENTION MANAGERS: WHY
YOU SHOULD SEND YOUR
EMPLOYEES TO USENIX 07
Hiring the best and the brightest isthe ultimate goal for any employer.
However, keeping current employ-ees up to par is just as important.Technology continues to evolve:
truly to stay ahead of the game,your employees must continue toenhance their skills.
The training program at USENIX 07offers a cost-effective, one-stopshop for training current IT anddevelopment employees. Over 35
full- and half-day tutorials taughtby the most respected leaders inthe field provide an unparalleled
opportunity to learn from the best.Tutorials cover a multitude of topicsincluding open source technologies,system administration, and security.
Combining full days of training withdays of technical sessions ongroundbreaking research makes the
USENIX 07 experience even morevaluable. Additionally, the recep-tions, Poster Session, and Birds-of-
a-Feather sessions provide yourstaff with a chance to network withpeers and industry leaders to gainthat all-important insider IT knowl-edge that will keep your companycurrent and running smoothly.
Keeping up with technology can becostly and time-consuming in thisunforgiving economy: take fulladvantage of this opportunity to
have your staff learn from the topresearchers, practitioners, andauthors all in one place, at onetime.
8/15/2019 usenix07 training proof
12/24
10 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
WEDNESDAY, JUNE 20, 2007
W1 Network Security Monitoring withOpen Source ToolsRichard Bejtlich, TaoSecurity
Who should attend: Anyone who
wants to know what is happening on
their network. I assume command-line
knowledge of UNIX and familiarity withTCP/IP. Anyone with duties involving
intrusion detection, security analysis,
incident response, or network forensics
will profit from this course.
Topics include:
NSM theory
Building and deploying NSM sen-
sors
Accessing wired and wireless traffic Full content tools: Tcpdump, Ethe-
real/Tethereal, Snort as packet log-
ger
Additional data analysis tools:
Tcpreplay, Tcpflow, Ngrep, Netdude
Session data tools: Cisco NetFlow,
Fprobe, Flow-tools, Argus, SANCP
Statistical data tools: Ipcad, Traf-
show, Tcpdstat, Cisco accountingrecords
Sguil (sguil.sf.net)
Case studies, personal war stories,
attendee participation
Take back to work: You will immedi-
ately be able to implement numerous
new techniques and tools to discover
normal, malicious, and suspicious net-
work events.
W2 Using Samba 3.0Gerald Carter, Centeris/Samba Team
Who should attend: System adminis-
trators who are currently managing
Samba servers or are planning to
deploy new servers this year. This
course will outline the new features of
Samba 3.0, including working demon-strations throughout the course session.
Topics include:
How to provide common file and
print services
How to integrate Samba with Active
Directory
How to enable Samba as a Domain
Controller in its own domain
Take back to work: You will under-
stand not only how to configure Samba
in a variety of environments, but alsohow to troubleshoot the unpredictable
glitches that occur at the most inoppor-
tune times.
W3 Solaris 10 Security FeaturesWorkshopPeter Baer Galvin , Corporate
Technologies
Who should attend: Solaris systems
managers and administrators interested
in the new security features in Solaris 10
(and features in previous Solaris releas-
es that they might not be using).
Topics include:
Overview
N1 Grid Containers (a.k.a. Zones)
RBAC: Role Based Access Control
Privileges
NFSv4
Flash archives and live upgrade
(automated system builds)
Moving from NIS to LDAP
DTrace
FTP client and server enhance-
ments for security, reliability, and
auditing
PAM enhancements for moredetailed access control
Auditing enhancements
BSM (the Basic Security Module)
Service Management Facility (a
replacement for rc files)
Solaris Cryptographic Framework
Kerberos enhancements
Packet filtering with IPfilters
BART (Basic Audit Reporting Tool)Take back to work: During this explo-
ration of the important new features of
Solaris 10, youll not only learn what it
does and how to get it done, but also
best practices. Also covered is the sta-
tus of each of these new features, how
stable it is, whether it is ready for pro-
duction use, and expected future
enhancements.
W4 Inside the Linux 2.6 KernelTheodore Tso , IBM Linux Technology
Center
Who should attend: Application pro-
grammers and kernel developers.
Topics include:
How the kernel is organized
(scheduler, virtual memory system,
filesystem layers, device driver lay-
ers, networking stacks)
Ground rules of kernel program-
ming (races, deadlock conditions)
Implementation and properties of
the most important algorithms
Comparison between Linux and
UNIX kernels, with emphasis on
differences in algorithms
Details of the Linux scheduler
The requirements for portabilitybetween architectures
Take back to work: An overview and
roadmap of the kernels design and
functionality.
FULL DAY 9:00 A.M.5:00 P.M.
USENIX TRAINING PROGRAM
8/15/2019 usenix07 training proof
13/24
REGISTER BY JUNE 1 AND SAVE! 11
R1 Advanced Perl ProgrammingTom Christiansen , Consultant
Who should attend: Anyone with a
journeyman-level working knowledge of
Perl programming who wants to hone
Perl skills.
Topics include:
Symbol tables and typeglobs
Modules
References
Fancy object-oriented programming
Managing exceptions and warnings
Regular expressions
Programming with multiple
processes or threads
Unicode and I/O layers
Take back to work: With a much rich-
er understanding of Perl, you will be
better able to make it part of your daily
routine.
R2 TCP/IP Weapons School, Layers23 (Day 1 of 2)Richard Bejtlich, TaoSecurity
Who should attend: Junior and inter-
mediate analysts and system adminis-
trators who detect and respond to
security incidents.
Topics for Day 1 include:
Layer 2
What is layer 2?
Ethernet in brief
packet delivery on the LAN Ethernet interfaces
ARP basics, ARP request/reply, ARP
cache, Arping, Arpdig, Arpwatch
VLANs
Dynamic Trunking Protocol
Layer 2 attacks
MAC address trickey
MAC flooding: Macof
ARP denial of service: arp-sk
Port stealing: Ettercap
Layer 2 man-in-the-middle: Ettercap
Dynamic Trunking Protocol attack:
Yersinia
Take back to work: The fundamentals
of TCP/IP networking. You will learn
how to interpret network traffic by ana-
lyzing packets generated by network
security tools and how to identify secu-
rity events on the wire.
R3 Implementing [Open]LDAPDirectories
Gerald Carter, Centeris/Samba Team
Who should attend: Both LDAP direc-
tory administrators and architects.
Topics include:
Replacing NIS domains
Integration with Samba file and print
servers
Integrating MTAs such as Sendmail
and Postfix Creating customized LDAP schema
items
Examining scripting solutions for
developing your own directory
administration tools
Take back to work: Comfortable with
LDAP terms and concepts, you will
understand how to extend that knowl-
edge to integrate future applicationswith it into your network.
R4 Issues in UNIX InfrastructureDesignLee Damon , University of Washington
Who should attend: Anyone who is
designing, implementing, or maintaining
a UNIX environment with 2 to 20,000+
hosts; system administrators, archi-tects, and managers who need to main-
tain multiple hosts with few admins.
Topics include:
Administrative domains: Who is
responsible for what, and what can
users do for themselves?
Desktop services vs. farming: Do
you do serious computation on the
desktop, or do you build a computefarm?
Disk layout: How do you plan for an
upgrade? Where do things go?
Free vs. purchased solutions:
Should you write your own, or hire a
consultant or company?
Homogeneous vs. heterogeneous:
Homogeneous is easier, but will it
do what your users need?
The essential master database:
How can you keep track of what
you have? Policies to make life easier
Push vs. pull
Getting the user back online in 5
minutes
Remote administration: Lights-out
operation; remote user sites; keep-
ing up with vendor patches, etc.
Scaling and sizing: How do you
plan on scaling?
Security vs. sharing: Your users
want access to everything. So do
the crackers . . .
Single sign-on: How can you do it
securely?
Single system images: Can users
see just one environment, no matter
how many OSes there are?
Tools: The free, the purchased, the
homegrown
Take back to work: The answers to all
the questions you should ask while
designing and implementing the mixed-
architecture or single-architecture UNIX
environment that will meet your needs.
NEW!
FULL DAY 9:00 A.M.5:00 P.M.
THURSDAY, JUNE 21, 2007
See www.usenix.org/usenix07/training for complete training program information.
8/15/2019 usenix07 training proof
14/24
12 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
FRIDAY, JUNE 22, 2007
F1 Introduction to VMware VirtualInfrastructure 3John Arrasjid and Shridhar Deuskar,
VMware
Who should attend: System adminis-
trators and architects who are interest-
ed in deploying a VMware Virtual Infra-structure, including ESX Server and
VirtualCenter, in a production environ-
ment. No prior experience with VMware
products is required. Knowledge of
Linux is helpful; basic knowledge of
SANs is useful but not required.
Topics include:
Virtual Infrastructure overview
ESX Server and VirtualCenteroverview
Installation and configuration
Virtual machine creation and opera-
tion
Migration technologies such as
VMware Converter
Operations and administration best
practices
Advanced configuration (SAN and
networking)
Take back to work: How to deploy a
VMware virtual infrastructure effectively
on your own site.
F2 TCP/IP Weapons School, Layers23 (Day 2 of 2)Richard Bejtlich, TaoSecurity
Who should attend: Junior and inter-
mediate analysts and system adminis-
trators who detect and respond to
security incidents.
Topics for Day 2 include:
Layer 3
What is layer 3?
Internet Protocol
Raw IP: Nemesis
IP options: Fragtest
IP time-to-live: Traceroute
Internet Control Message Protocol:
Sing ICMP Error Messages: Gnetcat
IP Multicast: Iperf
IP Multicast: Udpcast
IP fragmentation: Fragtest
Layer 3 attacks
IP IDs: Isnprober
IP IDs: Idle Scan
IP TTLs: LFT
IP TTLs: Etrace and Firewalk
ICMP Covert Channel: Ptunnel
IP fragmentation: Fragroute and Pf
Take back to work: The fundamentals
of TCP/IP networking. You will learn
how to interpret network traffic by ana-
lyzing packets generated by network
security tools and how to identify secu-
rity events on the wire.
NEW!
FULL DAY 9:00 A.M.5:00 P.M.
CONTINUING EDUCATION
UNITS (CEUS)
USENIX provides Continuing
Education Units for a small addi-
tional administrative fee. The CEUis a nationally recognized stan-
dard unit of measure for continu-
ing education and training and is
used by thousands of organiza-
tions.
Each full-day tutorial qualifies for
0.6 CEUs. You can request CEU
credit by completing the CEU
section on the registration form.USENIX provides a certificate for
each attendee taking a tutorial for
CEU credit and maintains tran-
scripts for all CEU students.
CEUs are not the same as college
credits. Consult your employer or
school to determine their applica-
bility.
WANT MORE INFO?
For full tutorial desccriptions, see
www.usenix.org/usenix07/training.
USENIX TRAINING PROGRAM
8/15/2019 usenix07 training proof
15/24
REGISTER BY MONTH JUNE 1 AND SAVE! 13
John ArrasjidF1
John Arrasjid has 20 years
of experience in the com-
puter science field, includ-
ing work with AT&T,
Amdahl, 3Dfx Interactive,
Kubota Graphics, Roxio, and his own com-
pany, WebNexus Communications, where
he developed consulting practices and builta cross-platform IT team. John is currently a
senior member of the VMware Professional
Services Organization.
Richard Bejtlich
W1, R2, F2
Richard Bejtlich is founder
of TaoSecurity LLC(http://www.taosecurity
.com), a company that
helps clients detect, con-
tain, and remediate intru-
sions using network security monitoring
(NSM) principles. Richard wrote the Tao of
Network Security Monitoring: Beyond Intru-
sion Detection and the forthcoming Extru-
sion Detection: Security Monitoring for Inter-
nal Intrusions and Real Digital Forensics.
Gerald Carter
M9, W2, R3
Gerald Carter has been a
member of the Samba
Development Team since
1998. He has been devel-
oping, writing about, andteaching on open source
since the late 1990s. Currently employed by
Centeris as a Samba and open source
developer, Gerald has written books for
SAMS Publishing and for OReilly Publish-
ing.
Strata Rose ChalupS6, M8
Strata Rose Chalup has
been leading and manag-
ing complex IT projects
for many years. She has
written a number of arti-
cles and has volunteered
for BayLISA and SAGE. Strata has built a
successful consulting practice around beingan avid early adopter of new tools. Another
MIT dropout, Strata founded VirtualNet Con-
sulting in 1993.
Tom Christiansen
R1
Tom Christiansen has
been involved with Perlsince day zero of its initial
public release in 1987.
Author of several books
on Perl, including the Perl
Cookbook and Programming Perl from
OReilly, Tom is also a major contributor to
Perls online documentation. He holds
undergraduate degrees in Computer Sci-
ence and Spanish and a Masters in Com-
puter Science. He now lives in Boulder, Col-
orado.
Lee Damon
R4
Lee Damon has been a
UNIX system administra-
tor since 1985 and has
been active in SAGE(U.S.) and LOPSA since
their inceptions. He assist-
ed in developing mixed environments at IBM
Watson Research, Gulfstream Aerospace,
and QUALCOMM. He is currently leading
the development effort for the Nikola project
at the University of Washington Electrical
Engineering department. He is past chair of
the SAGE Ethics and Policies workinggroups, and he was the chair of LISA 04.
Shridhar Deuskar
F1
Shridhar Deuskar has
over 10 years of experi-
ence in system adminis-
tration of UNIX and Win-
dows servers. He has
consulted with companies such as Caterpil-
lar, HP, and EMC. Currently he is a Consult-
ing Architect in VMwares Professional Serv-ices organization and is responsible for
delivering services tied to virtualization to
clients worldwide.
Jacob Farmer
M7, M10
Jacob Farmer has written
numerous papers andarticles and is a regular
speaker at trade shows
and conferences. In addi-
tion to his expert advice
column in the Reader I/O section of InfoS-
tor Magazine, Jacob serves as the publica-
tions senior technical advisor. Jacob has
over 18 years of experience with storage
technologies and is the CTO of CambridgeComputer Services, a national integrator of
data storage and data protection solutions.
Rik Farrow
S3, M3
Rik Farrow provides UNIX
and Internet security con-
sulting and training. He
has been working with
UNIX system security
since 1984 and with
TCP/IP networks since 1988. He has taught
at the IRS, Department of Justice, NSA,
NASA, US West, Canadian RCMP, Swedish
Navy, and for many U.S. and European user
groups. He is the author ofUNIX System
Security and System Administrators Guide
to System V. Farrow is the editor of ;login:and works passionately to improve the state
of computer security.
USENIX TRAINING INSTRUCTORS
8/15/2019 usenix07 training proof
16/24
14 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
leen Frisch
M1, T5
leen Frisch has been
working as a system
administrator for over 20
years. She currently looks
after a pathologically het-
erogeneous network of UNIX and Windows
systems. She is the author of several books,
including Essential System Administration(now in its 3rd edition from OReilly). leen
was the program chair for LISA 03 and is a
frequent presenter at USENIX events, as
well as presenting classes for universities
and corporations worldwide.
Peter Baer Galvin
S4, W3
Peter Baer Galvin is the
Chief Technologist for Cor-
porate Technologies, Inc.,
a systems integrator and
VAR. He has written arti-
cles for Byte and other
magazines. He wrote the Petes Wicked
World and Petes Super Systems columns
at SunWorld. He is currently contributing
editor for Sys Admin, where he manages the
Solaris Corner. Peter is co-author of the
Operating Systems Concepts and Applied
Operating Systems Concepts textbooks.
Simson L. Garfinkel
S1
Simson L. Garfinkel is an
Associate Professor atthe Naval Postgraduate
School in Monterey, CA,
and a fellow at the Center
for Research on Computa-
tion and Society at Harvard University. He is
also the founder of Sandstorm Enterprises,
a computer security firm. Garfinkel writes a
monthly column for CSO Magazine and is
the author or co-author of fourteen bookson computing. He is perhaps best known
for his bookDatabase Nation: The Death of
Privacy in the 21st Century.
Peter Honeyman
T3
Peter Honeyman is
Research Professor of
Information at the Univer-
sity of Michigan and Sci-
entific Director of the Cen-
ter for Information Technology Integration,
where he leads a team of scientists, engi-
neers, and students developing the Linux-
based open source reference implementa-
tion of NFSv4 and its extensions for high
end computing. With 25 years of experience
building middleware for file systems, securi-
ty, and mobile computingincluding Honey
DanBer UUCP, PathAlias, MacNFS, Discon-
nected AFS, and WebCard (the first Internet
smart card)Honeyman is regarded as one
of the worlds leading experimental comput-er scientists.
James Mauro
T4
James Mauro is a Senior
Staff Engineer in the Per-
formance and Availability
Engineering group at SunMicrosystems. Jims cur-
rent interests and activities
are centered on benchmarking Solaris 10
performance, workload analysis, and tool
development. This work includes Suns new
Opteron-based systems and multicore per-
formance on Suns Chip Multithreading
(CMT) Niagara processor. He spent most of
his spare time in the past year working on
the second edition ofSolaris Internals. Jim
co-authored the first edition ofSolaris Inter-
nals with Richard McDougall.
Richard McDougallT4
Richard McDougall, had
he lived 100 years ago,
would have had the hood
open on the first four-
stroke internal combus-
tion gasoline-powered
vehicle, exploring new techniques for mak-
ing improvements. These days, McDougalluses technology to satisfy his curiosity. He is
a Distinguished Engineer at Sun Microsys-
tems, specializing in operating systems
technology and system performance. He is
co-author ofSolaris Internals and Resource
Management.
Alan Robertson
T1
Alan Robertson founded
the High-Availability Linux
(Linux-HA) project in 1998
and has been project
leader for it since then.
He worked for SuSE for a
year, then in March 2001 joined IBMs Linux
Technology Center, where he works on it full
time. Before joining SuSE, he was a Distin-
guished Member of Technical Staff at Bell
Labs. He worked for Bell Labs for 21 years
in a variety of roles. These included provid-
ing leading-edge computing support, writing
software tools and developing voicemail
systems.
TRAINING INSTRUCTORS
FPO
8/15/2019 usenix07 training proof
17/24
REGISTER BY MONTH JUNE 1 AND SAVE! 15
Chip SalzenbergS5, S8, M5
Chip Salzenberg is Princi-
pal Engineer at Cloud-
mark, where he fights
spam with flair and
aplomb. Chip is also chief
coder (pumpking) of the
Parrot virtual machine (http://parrotcode
.org), with which he plans to bring alldynamic languages together and, in the
darkness, dynamically bind them. He was
pumpking for Perl release 5.4. He created
the automated Linux install-and-test system
for VA Linux Systems and was VAs Kernel
Coordinator. Chip has been published by
OReilly and Prentice Hall on Perl and other
topics.
John Sellens
S9, M6, T6
John Sellens has been
involved in system and
network administration
since 1986 and is the
author of several related
USENIX papers, a number
of;login: articles, and the SAGE Short Top-ics in System Administration booklet #7,
System and Network Administration for
Higher Reliability. He is the proprietor of
SYONEX, a systems and networks consul-
tancy, and is currently a member of the sys-
tems team at Magna International. From
1999 to 2004, he was the General Manager
for Certainty Solutions in Toronto. Prior to
joining Certainty, John was the Director ofNetwork Engineering at UUNET Canada and
was a staff member in computing and infor-
mation technology at the University of
Waterloo for 11 years.
Abe SingerS7, M2, T2
Abe Singer is a Computer
Security Researcher in the
Security Technologies
Group at the San Diego
Supercomputer Center. In
his operational security responsibilities, he
participates in incident response and foren-
sics and in improving the SDSC logginginfrastructure. His research is in pattern
analysis of syslog data for data mining. He is
co-author of of the SAGE booklet Building a
Logging Infrastructure and author of a forth-
coming OReilly book on log analysis.
Marc Staveley
M4
Marc Staveley works with
Soma Networks, where
he is applying his many
years of experience with
UNIX development and
administration in leading
their IT group. Previously Marc had been an
independent consultant and also held posi-
tions at Sun Microsystems, NCR, PrincetonUniversity, and the University of Waterloo.
He is a frequent speaker on the topics of
standards-based development, multi-
threaded programming, system administra-
tion, and performance tuning.
Theodore Tso
S10, W4
Theodore Tso has been a
Linux kernel developer
since almost the very
beginnings of Linux: he
implemented POSIX job
control in the 0.10 Linux
kernel. He is the maintainer and author of
the Linux COM serial port driver and the
Comtrol Rocketport driver, and he architect-
ed and implemented Linuxs tty layer. Out-side of the kernel, he is the maintainer of the
e2fsck filesystem consistency checker. Ted
is currently employed by IBM Linux Technol-
ogy Center.
Steve VanDevenderT7
By once not knowing to
be afraid of Sendmail,
Steve VanDevender has
ended up specializing in
email system administra-
tion for much of his system administration
career. At efn.org between 1994 and 2002,
he ended up managing a mail system thatgrew to 10,000 users; at the University of
Oregon since 1996, he has helped manage
a mail system that has grown from 20,000
to 30,000 users and, more important, has
grown even more in message volume and
user activity, with many corresponding
changes to cope with that growth. Since
2000, he has taught a popular course in
system administration for the University ofOregons Department of Computer and
Information Science.
Dustin Whittle
S2
Dustin Whittle is a Techni-
cal Yahoo in the Social
Search Group at Yahoo!.He is also a contributing
developer on the symfony
project and the developer
of several plugins. Before joining Yahoo!, he
was a self-employed technology consultant,
working around the world to make the Web
a better place for everyone and was the lead
developer at The Web Freaks. As a consult-
ant and trainer, Dustin has taught tutorials
and given talks at many conferences andinstitutions on such topics as enterprise
Web development and symfony.
FPO
FPO
8/15/2019 usenix07 training proof
18/24
16 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
SANS TRAINING PROGRAM
SANS Security 504:Hacker Techniques, Exploits,and Incident HandlingJohn Strand , Northrop Grumman
Overview: Instead of merely teaching a few
hack attack tricks, this course includes atime-tested, step-by-step process for
responding to computer incidents, a
detailed description of how attackers under-
mine systems so you can prepare, detect,
and respond to them, and a hands-on work-
shop for discovering holes before the bad
guys do. Additionally, the course explores
the legal issues associated with responding
to computer attacks, including employee
monitoring, working with law enforcement,
and handling evidence.
Who should attend: Individuals who lead
or are a part of an incident handling team;
system administrators and security person-
nel; ethical hackers/penetration testers.
SUNDAY, JUNE 17, 2007504.1 Incident Handling Step-by-Step
and Computer Crime
Investigation
The first part of the course looks
at the invaluable Incident Handling
Step-by-Step model. This section is
designed to introduce the incident
handling process, using the six steps
(preparation, identification, contain-
ment, eradication, recovery, and les-
sons learned) needed to prepare for
and deal with a computer incident.
The second part examines case stud-
ies to understand what works in iden-
tifying computer attackers. This sec-
tion provides valuable information on
the steps a systems administrator can
take to improve the chances of catch-
ing and prosecuting attackers.
Topics include:
Preparation
Identification
Containment
Eradication
Recovery
Special actions for responding to
different types of incidents
Incident record keeping
Incident follow-up
MONDAY, JUNE 18, 2007504.2 Computer and Network Hacker
Exploits: Part 1
Seemingly innocuous data leaking
from your network could provide the
clue needed by an attacker to blow
your systems wide open. This day-
long course covers the details associ-
ated with reconnaissance and scan-
ning, the first two phases of many
computer attacks. If you dont have
the skills needed to understand these
critical phases of an attack in detail,
you wont be able to protect your net-
work.
Topics include:
Reconnaissance
Scanning
Intrusion detection system evasion
Hands-on exercises with the follow-
ing tools:
What is layer 3?
NetStumbler for wireless LAN discov-
ery
Nmap port scanner and operating
system fingerprinting tool Nessus Vulnerability Scanner
Enum for extracting Windows data
through null sessions
TUESDAY, JUNE 19, 2007
504.3 Computer and Network Hacker
Exploits: Part 2
Computer attackers are ripping ournetworks and systems apart in novel
ways, while constantly improving their
techniques. This day-long course cov-
ers the third step of many hacker
attacks: gaining access.
This section covers the attacks in
depth, from the details of buffer over-
flow and format string attack tech-
niques to the latest in session hijack-
ing of supposedly secure protocols.
For each attack, the course explains
the vulnerability, how various toolsexploit it, the signature of the attack,
and how to harden the system or
application against the attack.
Topics include:
Network-level attacks
Gathering and parsing packets
Operating system and application-
level attacks
Netcat: The attackers best friend Hands-on exercises with the follow-
ing tools:
Sniffers, including Tcpdump
Sniffer detection tools, including
ifconfig, ifstatus, and promiscdetect
Netcat for transferring files, creating
backdoors, and setting up relays
Format string vulnerabilities in Win-
dows
WEDNESDAY, JUNE 20, 2007504.4 Computer and Network Hacker
Exploits: Part 3
This course starts out by covering one
of the attackers favorite techniques
for compromising systems: worms.
Well analyze worm developments
over the past two years and get a feelfor the Super Worms well face in the
future. Then the course turns to
another vital area often exploited by
attackers: homegrown Web applica-
tions. Attackers exploit these targets
using SQL injection, cross-site script-
ing, session cloning, and a variety of
other mechanisms discussed in detail.
The course also presents a taxonomyof nasty denial of service attacks, illus-
trating how attackers can stop servic-
es or exhaust resources and how to
prevent their nefarious deeds.
SUNDAYFRIDAY, JUNE 1722, 2007, 9:00 A.M.5:00 P.M.
USENIX is pleased to partner with SANS at USENIX 07 to offer two 6-day training courses focused on security.
16 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
8/15/2019 usenix07 training proof
19/24
REGISTER BY JUNE 1 AND SAVE! 17
Topics include:
Password cracking
Web application attacks
Denial of service attacks
Hands-on exercises with the following
tools:
John the Ripper password cracker Web application attack tools, including
Achilles
THURSDAY, JUNE 21, 2007504.5 Computer and Network Hacker
Exploits: Part 4
This course covers the fourth and fifth
steps of many hacker attacks: maintain-
ing access and covering their tracks. In
this course, well analyze the most com-
monly used malicious code specimens,
as well as explore future trends in mal-
ware, including BIOS-level and combo
malware possibilities. This course gives
you the tools and techniques you need
to detect and respond to these activities
on your computers and network.
Topics include:
Maintaining access
Covering their tracks
Putting it all together
Hands-on exercises with the following
tools:
Virtual Network Computing (VNC) and
Shovelling GUI
RootKits and detection
Detecting backdoors with Netstat, Lsof,and Fport
Hidden file detection with LADS
Covert Channels using Covert_TCP
FRIDAY, JUNE 22, 2007504.6 Hacker Tools Workshop
This workshop lets you put what you
have learned over the past week into
practice. You will be connected to one
of the most hostile networks on planet
Earth. This network simulates the Inter-
net and allows students to try actual
attacks against live machines and learn
how to protect against these attacks.
This workshop will give students flight
time with the attack tools to better
understand how they work. Additionally,
students can participate in the work-
shops Capture the Flag event. By pene-
trating systems, discovering subtleflaws, and using puzzle-solving tech-
niques, you can test the skills youve
built over the week in this engaging con-
test. The Capture the Flag victors will
win a prize.
Topics include:
Hands-on analysis
General Exploits
Other attack tools and techniques
John Strand
John Strand started working in information
security at Accenture Consulting at the Depart-
ment of the Interior, where he worked incident
response, vulnerability assessment, and intru-
sion detection. He is currently employed with
Northrop Grumman in Denver doing Information
Assurance. John currently holds the CISSP and
GIAC GCIH and GCFW certifications.
LAPTOP REQUIRED
See www.usenix.org/usenix07
/training for more information.
PLEASE NOTE
Each SANS class runs for 6
days. Attending a SANS
course precludes attending
USENIX training courses or
technical sessions. See p. 22
for registration information.
SATISFACTION
GUARANTEED
If you feel a SANS tutorial
does not meet your needs, let
us know by the first break and
we will change you into any
other available SANS or
USENIX tutorial immediately.
See www.usenix.org/usenix07/training for complete training program information.
8/15/2019 usenix07 training proof
20/24
SANS TRAINING PROGRAM
SANS Security 617:Assessing and SecuringWireless NetworksJames Tarala , Enclave
Overview: Few fields are as complex as
wireless security. This course breaks downthe issues and relevant standards that affect
wireless network administrators, auditors,
and information security professionals. With
hands-on labs and instruction from industry
wireless security experts, you will gain an
intimate understanding of the risks threaten-
ing wireless networks. After identifying risks
and attacks, well present field-proven tech-
niques for mitigating these risks, leveraging
powerful open-source and commercial tools
for Linux and Windows systems.
Who should attend: Operations profes-
sionals who are responsible for designing
and implementing secure wireless networks;
security professionals who are concerned
about the weaknesses of wireless networks;
penetration testers who want to include
wireless network security assessments in
their organizations services offerings; audi-
tors who must evaluate wireless networks
to ensure they meet an acceptable level of
risk and are compliant with organizational
policy. Students should have a working
knowledge of wireless networks, with expe-
rience in the design or deployment of wire-
less technology.
SUNDAY, JUNE 17, 2007617.1 Wireless Architecture, RF
Fundamentals
The field of wireless networking is
vastly complex, with umpteen proto-
cols, standards, and nonstandard
software packages. This day intro-
duces the architecture of wireless net-
works, varying wireless protocols, andradio-frequency concepts.
Topics include:
Radio frequency characteristics
Interference in wireless networks
Calculating signal gain and loss
Wireless organizers and standards
bodies
Antenna signal propagation and
characteristics
Building home-brew antennas from
parts Conducting effective site surveys
MONDAY, JUNE 18, 2007617.2 Auditing Wireless Networks
Hands-on
This day examines the process of
auditing wireless networks through
passive network analysis using popu-
lar sniffer tools. Well also examine the
various threats that target wireless
networks, take an in-depth look at the
802.11 MAC layer, and leverage tools
such as Kismet to map the range and
exposure of wireless networks.
Topics include:
Common misconceptions about
wireless security
Using satellite maps to document
wireless signal leakage
Understanding 802.11 addressing
Passive WLAN traffic sniffing
Leveraging TCPDump, Ethereal,
and Kismet
Analyzing wireless traffic with post-
processing tools
TUESDAY, JUNE 19, 2007617.3 WLAN Hacker Tools and
Techniques, Part IHands-on
With the flurry of wireless standards
and specifications has come a flurry of
attack tools that leverage protocol and
implementation weaknesses to com-
promise wireless security. This first of
three days exploring tools and tech-niques focuses on the threats and mit-
igation techniques surrounding rogue
APs, WEP-based security, and 802.1x
with dynamic WEP security.
Topics include:
Exploring how rogue APs can be
used against your organization
Wireless-side techniques for identi-
fying and locating rogue APs
Automating centralized wired-side
scanning for rogue APs Triangulation techniques for locating
transmitters
Understanding the RC4 cipher used
in WEP security
Weaknesses in WEP and dynamic
WEP implementations
Evaluating your network using pop-
ular hacker tools
WEDNESDAY, JUNE 20, 2007617.4 WLAN Hacker Tools and
Techniques, Part IIHands-on
This second of three days exploring
tools and techniques focuses on the
threats and mitigation techniques for
outdoor wireless MAN networks,
Cisco LEAP networks, networks using
VPN, and WPA pre-shared key imple-mentations.
Topics include:
Understanding different types of
wireless MAN networks
Software and hardware for sniffing 5
GHz networks
Evaluating WMAN information dis-
closure
Weaknesses in MS-CHAPv2 andMD4 hashing techniques
Operation and weaknesses in Cisco
LEAP Networks
Recovering user passwords from
LEAP transactions
Common vulnerabilities in wireless
IPSec/VPN deployments
Leveraging IP-over-DNS to bypass
VPN security Understanding the TKIP algorithm
and pre-shared key vulnerabilities
SUNDAYFRIDAY, JUNE 1722, 2007, 9:00 A.M.5:00 P.M.
USENIX is pleased to partner with SANS at USENIX 07 to offer two 6-day training courses focused on security.
18 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
8/15/2019 usenix07 training proof
21/24
THURSDAY, JUNE 21, 2007617.5 WLAN Hacker Tools and
Techniques, Part IIIHands-on
This third of three days exploring tools
and techniques focuses on the threats
and mitigation techniques for assessing
PEAP networks using WPA security,
DoS attacks against wireless networks,
hotspot security, and WLAN IDS moni-
toring techniques.
Topics include:
Understanding RADIUS and key dis-
tribution in 802.1x networks
Leveraging weaknesses to compro-
mise PEAP+WPA security
Evaluating the impact of WLAN DoS
attacks
Understanding Layer 1 and Layer 2
WLAN DoS techniques
Assessing hotspot security as a
provider, subscriber, and security
administrator
Service theft risks on wireless
hotspots
Rogue APs and hotspot networks Compromising SSL security on
hotspot networks
Designing and deploying WLAN intru-
sion detection services
Implementing WLAN intrusion preven-
tion services
Open-source and commercial tools
for WLAN monitoring
FRIDAY, JUNE 22, 2007617.6 Designing a Secure Wireless
InfrastructureHands-on
This sixth day of the course shifts from
learning about different attack tech-
niques and vulnerabilities to the steps
we can take to design a secure infra-
structure that will be resistant to attacks.
Using the knowledge gathered from the
previous days, well review the deploy-
ment or migration steps that organiza-
tions can take to mitigate the weakness-
es in other architectures, using
commercial or open-source tools.
Topics include:
Steps for migrating from WEP to WPA
to WPA2
Introduction to public key infrastruc-
ture (PKI) authentication
Deploying PKI using low-cost tools
Automating client setup and configu-
ration for secure wireless
Integrating RADIUS with existing
authentication databases
Securing 802.1x and RADIUSauthentication
Deploying PEAP for enterprise wire-
less security
Deploying secure VPN connectivity
for wireless networks
James Tarala
James Tarala is a principal consultant with
Enclave Hosting, LLC, and is based in Venice,
FL. He is a regular speaker and senior instruc-
tor with the SANS Institute, as well as a course-
ware author and editor for many of their audit-
ing and security courses. As a consultant
he has spent the past few years architecting
large enterprise IT security and infrastructure
architectures, specifically working with many
Microsoft-based, directory services, email, ter-
minal services, and wireless technologies.
LAPTOP REQUIRED
See www.usenix.org/usenix07
/training for more information.
PLEASE NOTE
Each SANS class runs for 6
days. Attending a SANS
course precludes attending
USENIX training courses or
technical sessions. See p. 22
for registration information.
SATISFACTION
GUARANTEED
If you feel a SANS tutorial
does not meet your needs, let
us know by the first break and
we will change you into any
other available SANS or
USENIX tutorial immediately.
REGISTER BY JUNE 1 AND SAVE! 19
See www.usenix.org/usenix07/training for complete training program information.
8/15/2019 usenix07 training proof
22/24
20 REGISTER TODAY: WWW.USENIX.ORG/USENIX2007
SANTA CLARA,CALIFORNIA
HOTEL & TRAVELHyatt Regency Santa Clara
5101 Great America ParkwaySanta Clara, CA 95054Tel: (408) 200-1234Fax: (408) 980-3990http://santaclara.hyatt.com/hyatt/hotels/
Hotel Reservation Discount Deadline: May 29, 2007
USENIX has negotiated special rates for conference attendees at the Hyatt Regency Santa Clara.Please make your reservation as soon as possible by contacting the hotel directly. You must men-
tion USENIX to get the special group rate.Special Attendee Room Rate
$169 per night, plus 9.5% state and local tax, $0.12 California State Tourism Tax, and $1.00 Dis-trict Improvement Tax
Note: When the rooms in the USENIX block are sold out, requests will be handled on a space-available basis at the hotel's standard rate. Make your reservations early!
Why should you stay in the headquarters hotel?
We encourage you to stay in the conference hotel and when making your reservation to identifyyourself as a USENIX conference attendee.
It is by contracting rooms for our attendees that we can significantly reduce hotel charges formeeting room rental. When the sleeping rooms are not utilized, we face significant financial penal-ties. These penalties ultimately force us to raise registration fees.
We recognize, however, that not everyone can afford to stay in the conference hotel, so we alwaystry to book venues that have some low-cost alternatives available near the conference.
With costs going higher and higher, we are working hard to negotiate the very best hotel rates andkeep other conference expenses down in order to keep registration fees as low as possible. Weappreciate your help in this endeavor.
Airports & Ground Transportation
The hotel is located 5 miles from San Joses Norman Y. Mineta International Airport (SJC) and 30miles from San Francisco International Airport (SFO). Shuttle service from SJC to the hotel costsapproximately $1621 per person, and taxi service costs approximately $1530. Shuttle servicefrom SFO to the hotel costs approximately $36 per person, and taxi service costs approximately$80100. Valet parking at the hotel costs $10 per day and self-parking is complimentary. Seewww.usenix.org/usenix07/hotel for more information.
Traveling to USENIX 07 from Outside the U.S.A.
See detailed advice from the National Academies about visiting the United States at http://www7.nationalacademies.org/visas/Traveling_to_US.html.
About Santa Clara
USENIX is pleased to bring the Annual Technical Conference to Santa Clara. Santa Clara and itsenvirons offer a wide array of activities to occupy your free time, including a vibrant cultural sceneand exciting amusement park. Here are just a few ideas:
Paramounts Great America, http://www.pgathrills.com
Intel Museum, http://www.intel.com/museum
Tech Museum of Innovation, http://www.thetech.org NASA Ames Exploration Center, http://www.nasa.gov/centers/ames/home/exploration.html
Rosicrucian Egyptian Museum & Planetarium, http://www.egyptianmuseum.org
See the Santa Clara Convention & Visitors Bureaus Web site, http://www.santaclara.org, for more.
8/15/2019 usenix07 training proof
23/24
REGISTER BY JUNE 1 AND SAVE! 21
REGISTRATION INFORMATION & FEESRegister or make a reservation on the Web today athttp://www.usenix.org/usenix07/registration.
Pay today with a credit card, or make a reservation online and then payby check, phone, or fax. Have the best of both worlds: the convenienceof online registration without the hassle of hand-written forms, and theability to pay as you want, when you want!
Early Bird Registration Deadline: June 1, 2007
TRAINING PROGRAM REGISTRATION
Every USENIX training program registration includes:
Admission to the tutorials you select
Lunch on the day of your tutorials Training program CD-ROM, including all available
tutorial presentations and materials
Printed tutorial materials for your courses
Admission to the evening activities
Conference t-shirt
Wireless connectivity in conference session area
Every SANS training program registration includes:
Admission to the tutorials you select
Lunch on the day of your tutorials Complimentary one-year membership in the USENIX Association
Printed tutorial materials for your courses
Admission to the evening activities
Conference t-shirt
Wireless connectivity in conference session area
TECHNICAL SESSIONS REGISTRATION
Every technical sessions registration includes:
Admission to all technical sessions on the days of your choice Copy of the Conference Proceedings (in print or on CD-ROM)
Admission to the evening activities
Conference t-shirt
Wireless connectivity in conference session area
Multiple Employee DiscountWe offer discounts for organizations sending 5 or more employees toUSENIX 07. Please email [email protected] for more details.
The group discount cannot be used in conjunction with any other dis-
counts, and it cannot be applied retroactivelythat is, refunds will not beissued to those meeting the discount requirement after they have alreadyregistered.
REGISTRATION FEES
USENIX is pleased to offer Early Bird Registration Discounts of up to$300 to those who register for USENIX 07 by June 1, 2007. After June 1,registration fees increase.
*Each SANS class runs for 6 days. Attending a SANS course precludes
attending USENIX training courses or technical sessions.
For maximum savings, combine Package A with Package B or C.
If you are not a member of USENIX, EurOpen.SE, or NUUG, $120 will beadded to your technical sessions fees.
Optional CostsContinuing Education Units (CEUs): $15 per training day
Registration Fees for Full-Time StudentsUSENIX offers full-time students special low registration fees for USENIX07 that are available at any time. See www.usenix.org/usenix07/studentsfor more information.
Students who are not members of USENIX: $45 will be added to yourtechnical sessions fee.
Workshop RegistrationUSENIX 07 will be co-located with the 3rd Workshop on Steps toReducing Unwanted Traffic on the Internet (SRUTI 07) and with the FAST-OS PI Meeting and Workshop. Please see www.usenix.org/sruti07 formore information and to register for SRUTI 07, and www.usenix.org
/fastos07 for more information and to register for the FAST-OS workshop.
Daily Rates for Full-Time Students
1 day of technical sessions $110
1 day of USENIX trainingA limited number of USENIX tutorial seats are reserved for full-timestudents at this very special rate. Students must reserve their tuto-
rial seats before registering. If you plan to take half-day tutorials,you must take both half-days to qualify for the student rate. Thereis no special student rate for SANS training.
$200
SAVE! Choose One of Our SpecialDiscount Packages
Before
June 1
After
June 1
A. 3 Days of Technical Sessions SAVE $100! $680 $830
B. 2 Days of USENIX Training SAVE $50! $1220 $1320
C. 3 Days of USENIX Training SAVE $100! $1805 $1955
D. 4 Days of USENIX Training SAVE $200! $2340 $2540
E. 5 Days of USENIX Training SAVE $300! $2875 $3125
F. 6 Days of USENIX Training SAVE $600! $3210 $3510
G. 6 Days of SANS Training* $3210 $3510
Daily RatesBefore
June 1
After
June 1
1 day of technical sessions $260 $310
1 day of USENIX training $635 $685
1 half-day of USENIX training;second half-day only $300
$335 $385
Refund/Cancellation Deadline: Monday, June 11, 2007All refund requests must be emailed to [email protected] byMonday, June 11, 2007. You may substitute another in your place.
Please Read: This is not a registration form. Please use our onlineform to register or make a reservation. If you choose to make a reser-vation and pay later by check or credit card, you will receive a print-able summary of your session selections, the cost breakdown, andthe total amount due. If you are paying by check or phone, submit a
copy of this summary along with your payment or have it with youwhen you call. Tutorial bookings cannot be confirmed until paymenthas been received. Purchase orders, vouchers, and telephone reser-vations cannot be accepted.
8/15/2019 usenix07 training proof
24/24
USENIX ASSOCIATION
2560 Ninth Street, Suite 215
Berkeley, CA 94710
510.528.8649
510.548.5738 fax
Register with the prioritycode on your mailing labelto receive a $25 discount!
Non-Profit
Organization
US Postage
PAID
Permit #110
Hopkins, MN
Hewlett-Packard Labs
THANKS TO OUR SPONSOR THANKS TO OUR MEDIA SPONSORS
Santa Clara, CA June 1722, 2007
ACM Queue
Dr. Dobbs Journal
IEEE Security & Privacy
ITtoolboxLinux Journal
No Starch Press
SNIA
Sys Admin
Join leading researchers and practitioners for 6 full days on the latest technologies.