Tutorial Program Wednesday February 14

See Monday

Instructor: Lars-Johan Liman, Netnod

Lars-Johan Liman, M.Sc., employed at the Network Operations Center at the Royal Institute of Technology in Stockholm, Sweden, has played in the DNS arena for 10 years, starting out with local LAN administration, gradually moving on to top level domain and root server admini-stration. He is, since 1994, responsible for the root name server in Stockholm, he is a member of ICANN’s Root Server System Advisory Committee, and he is the chairman of the DNS Operations working group in the IETF. He’s taught commercial, academic, and military courses on the subject of DNS since 1993.

Who should attend:
Name-server administrators who need a deeper under-standing of the DNS protocol and its recent extensions. Participants should already be quite familiar with the operation of DNS service, be familiar with Internet protocols such as TCP and UDP, and have knowledge of the basic theories of public- and private-key encryption.

Abstract:
This tutorial will do a walk-through of the DNS proto-col and explain the various bits and pieces from a stand-point of “general DNS knowledge”. Special attention will be paid to recent extensions like Notify, Dynamic Updates, EDNS, DNSSEC etc. New features of BIND9 will also be mentioned.

Instructor: Daniel V. Klein, Consultant (see also Tu3)

Who should attend:
Experienced Perl programmers and webmasters interested in learning more about CGI tech-niques than would be learned in a class on "how to write a CGI program in Perl". Attendees are assumed to know the fundamentals of HTML and CGI programming, as well in using (but not writing) Perl modules.

Abstract:
CGI programming is fundamentally an easy thing. The Common Gateway Interface merely defines that a CGI program be able to read stdin and environment variab-les, and to write to stderr. But writing efficient CGI programs of any degree of complexity is a difficult process. In this class, we will examine the following CGI-related topics in Perl:

• Multi-stage forms
  • Sequential “shopping cart” systems
  • Undirected “jump page” systems
  • Techniques for recording selections across pages
    
    
• Cookies
  • For authentication and authorization
  • For user tracking
  • For data validation
  • For data hiding and indirection
    
    
• Data exchange and efficiency
  • File uploading
  • Redirection and temporary aliasing
    
    
• CGI Security
  • Taint checking
  • Denial of service attacks
  • Data security
    
    
• Daemonization of processes
  • Fast CGI and mod_perl
  • Front-end/back-end solutions
  • Backgrounding
    
    
• Invocation and response techniques
  • Statelessness and statefulness
  • PATH_INFO vs. Cookies vs. CGI parameters
  • Static vs. dynamic vs. locally cached responses
    
    
• Web automation from CGI scripts
  • Fetching remote pages
  • Parsing HTML and extracting data
  • Determining and setting image sizes

In all examples, we will show which Perl modules exist to make these tasks easier. Numerous code examples will be provided, as well as pointers to web pages containing fully functioning examples for later examination.

Instructor: Gerald Carter, VA Linux Systems (see M2)

Who should attend:
This tutorial is intended for systems and network admin-istrators who wish to integrate Samba running on a UNIX-based machine with Microsoft Windows’ clients. No familiarity with Windows networking concepts will be assumed.

Abstract:
Samba is a freely available suite of programs that allows UNIX-based machines to provide file and print services to Microsoft Windows PC’s without installing any third party software on the clients. This allows users to access necessary resources from both PC’s and UNIX work-stations. As Samba makes its way into more and more network shops all over the world, it is common to see “configuring Samba servers” listed as a desired skill on many job descriptions for network administrators.

This tutorial will use real world examples taken from daily administrative tasks in order to help you.

Topics include:

• Install Samba from the ground up
• Understand the basic Microsoft networking proto-cols and concepts such as NetBIOS, CIFS, and Windows NT Domains including Windows 2000
• Configure a UNIX box to provide remote access to local files and printers from Microsoft Windows clients
• Utilize client tools to access files on Windows servers from a UNIX host
• Configure Samba as a member of a Windows NT Domain in order to utilize the domain’s PDC for user authentication
• Use Samba as a Domain Controller
• Configure Samba to participate in network browsing
• Automate the daily tasks of managing Samba

Instructor: Brad C. Johnson, Vice President of Consulting – SystemExperts Corporation

Who should attend:
Network, system, and firewall administrators; security audi-tors or those that are audited; people involved with responding to intrusions or responsible for network-based applications or systems, which might be targets for hackers. Participants should understand the basics of TCP/IP networking. Examples will use actual tools and will also include small amounts of HTML, JavaScript and TCL languages.

Abstract:
This course will be useful for anyone with any type of TCP/IP-based system, whether it is a UNIX, Windows, NT, or mainframe operating system or a router, firewall, or gateway network host. Whether network-based host intrusions come from the Internet, an Extranet, or an Intranet, they typically follow a common methodolo-gy: reconnaissance, vulnerability research and exploita-tion. This tutorial will review the tools and techniques hackers (determined intruders) use to perform these activities. You will learn what types of protocols and tools to be aware of and you will become familiar with a number of current methods and exploits. The course will focus on how you can generate vulnerability profiles of your own systems. Additionally, it will review some of the important management policy and issues that are related to these network based probes.

The course will focus primarily on tools that exploit many of the common TCP/IP based protocols (such as WWW, SSL, DNS and SNMP) which underlie virtually all of the Internet applications, including Web technologies, net-work management and remote filesystems. Some 6 topics will be addressed at a detailed technical level. This course will concentrate on examples drawn from public domain tools because these tools are widely available and commonly used by hackers (and are available for you to use for free!).

Topics include:

Profiles: What can an intruder determine about your site remotely? Review of profiling methodologies: different “viewpoints” generate different types of profiling information. Techniques: Scanning, on-line research, TCP/IP protocol “mis”uses, denial of service, and hacking clubs. Important intrusion areas: discovery techniques, SSL, SNMP, WWW, DNS Tools: Including scotty, strobe, netcat, SATAN, SAINT/SARA, ISS, mscan, sscan, queso, curl and Nmap. Management issues: defining policies and requirements to minimize intrusion risk.