Th11 - 10.10-10.55 Where do Security Bugs Come From?
Speaker: Theo de Raadt
Theo de Raadt has been involved with free UNIX operating systems since 1990. Early developments included porting Minix to the sun3/50 and Amiga, and PDP-11 BSD 2.9 to a 68030 computer. As one of the founders of the NetBSD project, Theo worked on maintaining and improving many system components including the sparc port and a free YP implementation that is now in use by most free systems. In 1995 Theo created the OpenBSD project, which places focus on security, integrated cryptography, and code correctness. Theo works full time on advancing OpenBSD.
Infrastructure software (more commonly known by the mundane names "system software" or "the operating system") is relied on to run applications or layer other service-providing software on. Increasingly, the UNIX user community is becoming concerned less with the nitty-gritty characteristics of this software, and more with simple reliability, robustness, security, and correct operation while running their applications.
Over the last three years the OpenBSD team did a comprehensive security audit of a complete UNIX system. Hundreds of security problems were repaired and whole new classes of problems were discovered. More importantly, thousands of non-security related bugs were fixed as a side effect of the procedures which the developers followed.
UNIX-based systems are relied on by all of us, every day. Yet the software is full of bugs. Hopefully a few abstract lessons can be gleaned from what our auditors learned during the code audit, to explain where the bugs come from, why they keep being created, and why some have persisted for so long. And perhaps avoid them in the future.
Th12 - 10.55-11.35 Burglar Alarms for Intrusion Detection
Speaker: Marcus J. Ranum is CEO of Network Flight Recorder, Inc., a software company specializing in network monitoring and intrusion detection.
This talk provides an overview of some techniques system and network managers can use to build their own trivial but effective intrusion detection capabilities.
Th13 - 11.35-12.15 Security Profiles: A Small Collection (Hodgepodge) of What Stuff Hackers Know About You
Speaker: Brad C. Johnson, Vice President of Consulting, SystemExperts Corporation
This session will be useful for anyone with any type of TCP/IP-based system, whether it is a UNIX, Windows, NT, or mainframe operating system.
Whether network-based host intrusions come from the Internet, an Extranet, or an Intranet, they typically follow a common methodology: reconnaissance, vulnerability research, and exploitation.
This session will review a few of the tools and techniques hackers (determined intruders) use to perform these activities. The session will focus primarily on tools that exploit many of the common TCP/IP based protocols (such as TCP, WWW, SSL, DNS, and SNMP) which underlie virtually all of the Internet applications. This course will concentrate on examples drawn from public domain tools because these tools are widely available and commonly used (and are available for you to use for free!).
Th14 - 13.30-14.10 New About C++
Speaker: Bjarne Stroustrup is the designer and original implementor of C++. He is an AT&T Fellow and the head of AT&T Labs' Large-scale Programming Research department. Recipient of the 1993 ACM Grace Murray Hopper award. ACM fellow.
To get the most out of Standard C++ we must rethink the way we write C++ programs. An approach to such a "rethink" is to consider how C++ can be learned (and taught). What design and programming techniques do we want to emphasize? What subsets of the language do we want to learn first? What subsets of the language do we want to emphasize in real code?
I compare a few examples of simple C++ programs written in a modern style using the standard library to traditional C-style solutions. I argue briefly that lessons from these simple examples are relevant to large programs.
More generally, I argue for a use of C++ as a higher-level language that relies on abstraction to provide elegance without loss of efficiency compared to lower-level styles.
Th15 - 14.10-14.50 Software Package Management in a Distributed Environment
Speaker: Tobias Oetiker, Timelord & SysMgr @ EE-Dept ETH-Zurich
Tobias Oetiker has been working as a UNIX Systems Manager and Toolsmith since 1994. First in England and then at the Swiss Federal Institute of Technology. One of his hobbies is writing Network Monitoring software.
Keeping the software installation up to date in a large, distributed and potentially heterogeneous environment is one of the major challenges in the area of system management. At the same time, solving this problem is one of the most rewarding tasks, as the availability of a wide range of well maintained software packages is one of the prime triggers for a happy user base.
Th16 - 15.10-15.50 News in Solaris 8 from a Technical View
Speaker: Kjell Högström works as Solaris product specialist at Sun Microsystems AB. He has worked with UNIX for about ten years.
The first part of this talk will give a brief technical overview of new features in Solaris 8. There are many new features and improvements, e.g. IPv6, LDAP as a name service, faster booting of large systems, better debugging and new security features. In the second part of the talk a few of these will be described in more detail.
Th17 - 15.50-16.30 Soft Updates: A Technique for Eliminating Most Synchronous Writes in the Fast Filesyst
Speaker: Dr. Marshall Kirk McKusick writes books and articles, consults, and teaches classes on UNIX- and BSD-related subjects. While at the University of California at Berkeley, he implemented the 4.2BSD fast file system, and was the Research Computer Scientist at the Berkeley Computer Systems Research Group (CSRG) overseeing the development and release of 4.3BSD and 4.4BSD. His particular areas of interest are the virtual-memory system and the filesystem. He is a past president of the Usenix Association and is a member of ACM and IEEE.
Traditionally, filesystem consistency has been maintained across system failures either by using synchronous writes to sequence dependent metadata updates or by using write-ahead logging to atomically group them. Soft updates, an alternative to these approaches, is an implementation mechanism that tracks and enforces metadata update dependencies to ensure that the disk image is always kept consistent. The use of soft updates obviates the need for a separate log or for most synchronous writes. Indeed, the ability of soft updates to aggregate many operations previously done individually and synchronously reduces the number of disk writes by 40 to 70% for file-intensive environments. In addition to performance enhancement, soft updates can also maintain better disk consistency. By ensuring that the only inconsistencies are unclaimed blocks or inodes, soft updates can eliminate the need to run a filesystem check program after every system crash. Instead, the system is brought up immediately. When it is convenient, a background task can be run on the active filesystem to reclaim any lost blocks and inodes.
Th18 - 16.30-17.10 AIX/Monterey Futures
Speaker: Bill Sandve, Director, UNIX Product Management
Exciting things are happening with UNIX. AIX/Monterey is reaching new heights of Scalability & Performance, far reaching Robustness & Manageability, and leading Software Technology Enablers. Bill Sandve of IBM Austin goes beyond the high level views and marketing polish into the 'why's and 'how's of creating an enterprise class UNIX for the 21st century.
Some Keywords: AIX, Monterey, PowerPC, IA-64, LPAR, NUMA, Multipath I/O, Dynamic Reconfiguration, System self-diagnostics, Distributed Web-based System Management, Workload Management, Flexible Cluster Management, Java, IPv6, LDAP Directory.