Slashdot Mirror


SANE 2000 Programme Announced

Brad Knowles has sent in the details for SANE 2000, an international conference on System Administration and Networking, focused on Unix and IP networks. Read on for a few choice recommendations from Brad.

Brad writes: FreeBSD's Poul-Henning Kamp is giving a presentation entitled "Confining the Omnipotent Root", and you can read more about the presentation Joe Greco (no stranger to those of you at the cross-roads of USENET news administration and FreeBSD) is giving on the subject of how he has built a large (and highly scalable) USENET news server system on relatively inexpensive commodity components.

For the security-minded folks in the crowd who might be willing to look a bit further afield, you might be interested in the presentation Jon Lasser is giving on Bastille Linux (a ruggedized Red Hat), or the presentation that Guido van Rooij is doing on "Real Stateful TCP Packet Filtering in IP-filter".

SANE is running from May 22 to the 25th, at Maastricht in the Netherlands. Full program details, on-line registration, hotel information, reservation forms, and travel information can be found at the SANE Web site.

15 of 81 comments

  1. InSane Quiz Question? by SuperG · · Score: 3

    I noticed the SANE 2000 totally InSane quiz sample questions, one of which is the following:

    What is the maximum airspeed velocity of an unladen swallow?

    To which I can only reply:

    African of European?

    Cheers,
    SuperG

    1. Re:InSane Quiz Question? by SuperG · · Score: 2

      To all those people who are wondering, yes I made a typo in the above comment. It should have read:

      African fo European.

      Sorry for the inconvenience.

      Cheers,
      SuperG

  2. Root access... by pb · · Score: 2

    Being able to control who has root for what jobs is a very hairy task under Unix. Although having user accounts devoted to specific tasks in certain groups works for some things, ultimately it's all just a nasty hack on top of a "good enough" system...

    A good design for this would have to designate certain capabilities for a given user or task, and I imagine that it would get very complicated. That's one of the good things about groups under Unix: it does most of this, while still being pretty simple.

    That having been said, it's still a lot better than a system where there's *only* a root account, or a system that is only designed to be used by one user, and needs ugly hacks to add to that... :)
    ---
    pb Reply or e-mail; don't vaguely moderate.

  3. sudo (was Re:Root access...) by BetaJim · · Score: 3

    The sudo utility is great. With it you can give root access to users only for certain commands.
    Certainly, using groups is very useful, but if you need more fine-grained control, sudo is the best way to go.

    --

    "Drug related crime" is a misnomer, "prohibition related crime" is the more accurate and correct phrase.

  4. Yeah I got something on this in the mail by Felinoid · · Score: 2

    The people doing this thing.. SANS... Seem to have industrial strength clue.. at least to me :)

    Anyway I submit that Linux advocates should attend this as well as admin... It is useful to have a well rounded understanding of the real security issues (as opposed to FUD) of Unix in general and Windows... This will put you in a position of explaining the real security issues vs the science fiction of people mysteriously having access to some computer after downloading the source code to same.

    A well informed IT will know that security defects are located and repaired within Linux all the time. If you don't fix these bugs some script kiddy will make use of them.

    An IT doesn't want to update software every day. He'd rather go with something that doesn't put such a workload on him.
    So he'd go with closed source as crackers don't have source code to aid them.
    However decompilers have existed for years and as such a cracker can have source code for any program he desires. It doesn't recompile mind you but a cracker doesn't care about recompiling as long as he can discover and exploit a defect.

    If you're going to argue the value of Linux it will be necessary to understand the issues as well as the guy who already knows all the security issues. If you can not explain how security by obscurity is a farce you won't get very far.

    And that's not the only issue... You should understand getting root vs getting admin... and be able to explain how to address any given Linux security issue as well as demonstrate how using Windows doesn't dodge the ball.

    Ok enough rambling from me :)

    --
    I don't actually exist.
  5. Re:Interesting program by jd · · Score: 2
    GPLed code doesn't bother me. Personally, I think the GPL is the best licence out there.

    Algorithms may, technically, be IPSec-generic, but in practice that is simply not practical. Why? Because the IPSec standard defines the inputs and outputs, but not what goes on in the middle. (Which, arguably, is what standards are -SUPPOSED- to do.)

    But, if you don't know what goes on in the middle, how is it possible to define changes which would make IPSec tamper-resistant? How do you change the undefined in a controlled, predictable way?

    As for the authors living in Germany & the Netherlands, that's not a particularly good reason, I'm afraid. With the relaxation of the crypto laws, all it would take is someone in the US to get the disk, publish it on a website, and you could download it legally. That you did not consider this possibility tells me that you didn't spend overly long considering the new US export laws, or the impact that would have on obtaining US crypto technology.

    Sure, that might be too much trouble, but that's not what you said. You said you can't, which is simply not true, and hasn't been for some time.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  6. Right by kwsNI · · Score: 3

    System Administration and SANE. Aren't they like, opposites???

    kwsNI

  7. Is online better? by noeld · · Score: 3
    So I ask the question: Is online better?

    Here online we can have a 24x365 system admin conference. All without going out into the big blue room.

    So what does flying to far off places give you, (other than fun/travel)? Is there any point/value to these things?

    Noel

    RootPrompt.org -- Nothing but Unix

    1. Re:Is online better? by rde · · Score: 3

      So I ask the question: Is online better?
      "Hey, boss. There's a sysadmin conference on, and it's vital for the security of our network that I attend."

      "Sure thing. We'll spring for expenses and we'll just struggle on for the week that you're away."

      "no need. It's online. I'll just have to stay in work for an extra couple of hours each day while it's on."

      "Gosh, the internet's great."

      "Yeah."

  8. Interesting program by jd · · Score: 5
    But a bit short on useful subject matter.

    Some of the stuff seemed overly OS/Implementation dependent. eg: The stuff on tamper-resistant IPSec could be applied to NRL's IPSec code for BSD4.4. The chances are, though, it'll be specific to FreeS/WAN, and won't even apply to NIST's IPSec implementation for Linux.

    Then, there's the flip-side - areas noticeably absent from the programme. Nothing on IPv6. Nothing on QoS. Nothing on Mobile IP and how it impacts security. With Linux supporting many different protocols, it's about time there was something on Native Protocol Translation (ie: sending data across networks not supporting the primary protocol, without the use of tunnels). Nope! Nothing on such matters.

    I'm not faulting the people running this event - there's only a finite amount of time, only a finite amount of space, finite resources and only a finite number of people to run the programs. That means they will obviously have to pick and choose what they run, and it's just too bad for me if I would have liked a completely different line-up of events.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  9. Joe Greco and news... by bko · · Score: 2
    When the blurb talks about large news servers, they mean it. Recently, Joe posted an email to freebsd-hackers because he tried, and failed, to newfs a 1.9 terabyte filesystem. Since it failed, he went back to allocating it as a bunch of different filesystems, but it was interesting to try...

    article on geocrawler

  10. SAGE-AU'2000 Conference: Gold Coast, Australia by psyke · · Score: 3
    This is a blatant plug, but it is at least on topic :)

    SAGE-AU is holding Australasia's premier System Administration Conference on the Gold Coast, Australia, from Mon 3rd to Fri 7th of July, 2000. Details are available online at www.sage-au.org.au/conf. Mon-Wed is 3 days of tutorials, with the conference proper Thu-Fri. Thursday evening is the conference dinner which is always a great night.

    Having been to a number of sysadmin conferences I have to say I think they are a damn fine idea. It's a great chance to see what other people are doing and see how other organisations are solving the same problems you are facing.

    Cheers,
    Russell.

  11. Perhaps you would enjoy... by rm+-rf+/etc/* · · Score: 2

    my permission denied page here

    1. Re:Perhaps you would enjoy... by rm+-rf+/etc/* · · Score: 2


      Sorry, that host is behind the firewall and may only be accessed internally. But since I'm a nice guy, there's a preview here

  12. SANE? by jesser · · Score: 2
    This is your computer. (Short video of someone working in kde)

    This is your computer on doze. (Slightly longer video of someone sitting at a windows computer. The man sitting at the computer seems to be cursing.)

    (The entire screen turns blue, with small white text in the middle: Any questions? A scream is heard in the background.)

    --
    The shareholder is always right.