On this page:

Morning tutorials run from 9:00am to 12:30pm with a break from 10:30am to 11:00am. Afternoon tutorials run from 1:30pm to 5:00pm with a break from 3:00pm to 3:30pm. Full day tutorials take in both sessions.

Lunch will be provided to delegates who attend a full day tutorial or two half day tutorials on the same day.

To register for tutorials, please fill out a Conference Registration Form.

Click here to return to the AUUG'2004 conference home page.

Tutorial Timetable

Sunday, 29 August 2004

CANCELLED
S1 - Full Day
Building Virtual Private Networks
Anshul Gupta
S2 - Morning
Service Discovery For Distributed Systems
Jan Newmarch
CANCELLED
S3 - Morning
An Introduction To CVS
David Purdue
S4 - Afternoon
Security Risk Management
Dr Lawrie Brown
S5 - Afternoon
Open Source Database Systems - An Introduction
Joel Sing

Monday, 30 August 2004

M1 - Full Day
Debugging Kernel Problems
Greg Lehey
M2 - Morning
Stopping Privilege Escalation (Secure Programming)
Theo de Raadt
M3 - Morning
Wireless Networking
Peter Sandilands
M4 - Morning
Mastering Changes And Upgrades To Mission Critical Systems
Andrew Cowie
M5 - Afternoon
Cryptography
Steve Bellovin
M6 - Afternoon
MySQL Installation, Security And Maintenance
Arjen Lentz
M7 - Afternoon
I'm Not Dead Yet! (Tcling For Fun And Profit)
Steve Landers

Tuesday, 31 August 2004

T1 - Full Day
An In-depth Code Walkthrough Of The Linux Kernel
Jeffrey Hsu
T2 - Full Day
A Whirlwind Tour Of The Breadth Of The Java API's
David Bullock
T3 - Morning
Building Flexible And Secure Internet Services Using Mac OS X
Peter Wesley, Struan Robertson and Joe Cox
FREE! Tutorial sponsored by Apple Computer
T4 - Morning
LDAP as a replacement for NIS
David Baldwin
T5 - Afternoon
Building A State Of The Art Firewall With OpenBSD
Michael Paddon
T6 - Afternoon
Optimizing MySQL
Arjen Lentz





Tutorial Descriptions


S1 - Building Virtual Private Networks

CANCELLED

Virtual Private Networks have been around for some time but seldom people can really build usable and at the same time secure networks. This tutorial will cover the basic theory of VPNs, different types of VPNs and finally the hands-on setups.

You may benefit from bringing your own laptops with Linux installed. During this tutorial you will build your own VPNs. The hands-on section would include:

Anshul Gupta

Anshul Gupta is presently working with HP as Linux Consultant within Technical Services Group. Before this Anshul was working with Monash University as Lecturer/Tutor where he lectured/tutored security related subjects like Virtual Private Networks, Network Security, Advances in Information Security etc. For the past 5 years, he has been working in the field of Systems, Networks and Security.

Anshul holds Masters degree in Network Computing from Monash University and reputed IT certifications like Red Hat Certified Engineer and Sun Certified Systems Administrator. He is a technology enthusiast and spends most of his time in his home lab when not at work.


S2 - Service Discovery For Distributed Systems

Distributed systems are adopting a "service based" approach. Many middleware architectures from CORBA through to more recent architectures such as Web Services, UPnP and Jini use this terminology. This workshop looks at this important topic in distributed systems from a practical viewpoint, considering both concepts and the realisation of these concepts in current technologies. The topics will be:

Jan Newmarch

Jan Newmarch is Associate Professor in Network Computing at Monash University. He is the author of three books, including one on Jini which is also available online. He has authored over sixty papers, and has given many tutorial presentations at international conferences. He is currently researching pervasive, ubiquitous systems.


S3 - An Introduction To CVS

CANCELLED

Change control and tracking is becoming incresingly important for technical, mangerial and legal reasons.

In open source projects in particular it is important that change is monitored and controlled, while allowing geographically dispersed individual developers to be as productive as possible and just get on with their coding.

The tool of choice for achieving this is CVS - the concurrent version system.

This tutorial will give and introduction to CVS and its use, including:

David Purdue

David Purdue is the President of AUUG Inc. He has been fiddling with UNIX systems for over 20 years, and has been on the AUUG Board for over 10.

David uses CVS primarily to administer web sites and track system admin config changes - in particular on the AUUG web site.

David works for Sun Microsystems on resolving service issues for Sun's top 50 global customers.


S4 - Security Risk Management

This tutorial will present an overview of security risk management, including the critical risk assessment process. This aims to identify threats to, impacts on and vulnerabilities of information and information processing facilities and the likelihood of their occurence, in order that these threats may be controlled and minimised at an acceptable cost. Unfortunately, this process is often not managed well. An overview of relevant international and national standards will be presented which provide guidance on this process. The latter part of the tutorial will be a "simplified case-study", walking through an example risk assessment for a hypothetical (though based on actual) organisation, using the process outlined in the recently revised DSD ACSI 33. This standard is mandated for commonwealth government use, but provides good guidance for any who need to undertake such a process.

Dr Lawrie Brown

DR LAWRIE BROWN is a senior lecturer in the School of Information Technology and Electrical Engineering, at the Australian Defence Force Academy (UNSW@ADFA) in Canberra.

His professional interests include cryptography, communications and computer systems security, and safe mobile code. His current research is in the design of safe and secure remote (mobile) code execution environments, currently focusing on the functional language Erlang. He has previously worked on the design and implementation of private key block ciphers, in particular the LOKI family of encryption algorithms.

He currently lectures postgraduate courses in Computer Security and Cryptography, the undergraduate second year core Computing Technology course, and the general studies "Computers in Society" course. He is also an instructor for the CISCO Regional Networking Academy at ADFA.

Additionally, Lawrie is a webmaster on the Internet Project (AUUG Canberra & PCUG) system.


S5 - Open Source Database Systems - An Introduction

As the information age continues to grow, so does the need for data storage that facilitates rapid and flexible access to information. We constantly hear about database systems offered by Oracle and Microsoft, but what about open source alternatives? This tutorial will provide an introduction to two of the many open source databases available, along with a brief overview of database fundamentals. Topics to be covered include:

Attendees will gain an understanding of database systems, learn how to install and manage an open source database system and how to apply the knowledge gained to real world applications.

Joel Sing

Joel is one of the founders of of Ionix Technology, a Bendigo based company that provides computing solutions to small and medium enterprise. He is a highly skilled software engineer, with many years experience developing complex software systems. With over six years experience in system administration, Joel is familiar with the installation and configuration of many operating systems and server software.

Joel graduated from La Trobe University, Bendigo in 2000 with a Bachelor of Computing with Distinction, before completing his Honours degree in 2001. He is currently a PhD candidate at La Trobe University, Bundoora.


M1 - Debugging Kernel Problems

Intended Audience:
Kernel developers and experienced system adminstrators. The tutorial assumes a good working knowledge of UNIX systems administration and the C programming language. A knowledge of kernel internals will be helpful, but is not essential. Depending on prior experience, participants will learn to locate and either fix or report kernel bugs.

Description:
This tutorial will show debugging techniques on live systems. The operating system for most of the tutorial will be FreeBSD, but it will explain the (relatively small) differences in NetBSD and OpenBSD. Much of the content, including some of the kernel debugging examples, applies to Linux as well.

Topics:

Greg Lehey

Greg Lehey has been in the computer industry for 30 years, in which time he has performed most jobs, ranging from kernel development to product management, from systems programming to systems administration, from processing satellite data to programming petrol pumps, from the production of CD-ROMs of ported free software to DSP instruction set design. He is the author of ``Porting UNIX Software'' (O'Reilly and Associates, 1995) and ``The Complete FreeBSD'' (O'Reilly and Associates, 2003).


M2 - Secure Programming (Privilege Separation And Privilege Revoking)

Bugs occur in all sorts of software but attackers are only interested if some sort of privilege can be gained. The attacker wants to break into a machine, gain root, or the ability to control some content. And while exploiting bugs has become commonplace in the last decade, users have become entirely complacent, willing to run gigantic pieces of software. When one bug in 50,000 lines of code can let an attacker easily enter, we are obviously not building software correctly.

A number of relatively new pieces of software such as qmail, postfix, and OpenSSH are implemented using an idiom of least privilege. Applications written in this way try to place as much of their code into a "jail"-like environment where bugs are more difficult for an attacker to exploit. Unfortunately the techniques used to implement this security technique are still fairly new to the mind of the common application programmer.

This talk will teach some of the methods that should be used. We will focus on the modifications needed against existing Unix applications, to benefit programmers already familiar with Unix daemon and setuid programming methods. Step by step, a series of common utilities will be modified to reduce the privileges they hold. We will start with simple utilities which simply need privilege revocation (such as ping, traceroute, write, login, Apache) and lead up to more complicated privilege separation examples such as named, tcpdump, and finally OpenSSH. It will become clear what issues must be considered by the programmer to codify this security technique into their software.

Theo de Raadt

Theo de Raadt has been involved with free Unix operating systems since 1990 (Minix!) and then became one of the founders and prime developers of NetBSD. In 1995 Theo created the OpenBSD project, creating a free Unix that focuses primarily on security technologies. A few years later he also started the OpenSSH project (the most deployed Open Source software). Theo works full time on advancing OpenBSD, OpenSSH, and any technology which enhances free Unix security.


M3 - Wireless Networking

Wireless networking continues to get a bad rap for security. Yet it is so dammed convenient! Armed with some knowledge, some tools and well defined goals we can make 802.11 work for use in as secure a way as we need.

This tutorial will take you thru the maze of 802.11 technologies, highlighting the weaknesses, explaining the differences with a, b and g. We will discuss the known vulnerabilities and we will explore the range of open source tools available to explore, test and secure 802.11. Tools such as Kismet and BSD-Stumbler will be demonstrated live. We will also show how building an access point with Linux or FreeBSD gives you more choices and flexibility.

Basic command line capability in Linux or BSD is required. Bring your notebook and wireless NIC (a limited supply of PCMCIA wireless nics will be available for use) for a hands on involvement in the tutorial.

Peter Sandilands

Peter Sandilands is currently researching and teaching in the areas of networking, security and wireless technology.<

With over twenty seven years in the computer industry Peter has extensive experience in the application of computer and networking technology to business problems. That experience covers a broad range of operating systems from time sharing systems, Unix, MSDOS through OS/2 and NT to current open source offerings. It has involved working with a wide spectrum of industry varying from Federal government departments, metal refineries to advertising agencies.

Having worked for three Australian computer hardware manufacturers in support and marketing management roles Peter has detailed knowledge of the base level technology underpinning information systems. This combined hardware and software expertise allows Peter to provide relevant and understandable insight to the use of information technology in modern businesses.


M4 - Mastering Changes And Upgrades To Mission Critical Systems

How do you ensure that you don't make mistakes when carrying out upgrades to mission critical systems?

Massive changes and upgrades are a significant part of the life-cycle of any large site. These types of event are often complex, involving numerous interdependent systems and people both internal and external to the team carrying out the procedure. They can only be allowed to disrupt services minimally, if at all. Numerous people need to be co-ordinated. And you need to "get it right the first time".

This tutorial will teach you proven methods for planning, rehearsing and executing such events.

Topics include:

There's nothing like learning by doing, so after the theory we will work through a mock event. We'll build up a procedure piece by piece, rehearse, and then execute, all with the participation of the tutorial attendees.

Audience: Systems administrators, IT managers, and anyone involved in keeping production systems running.

Andrew Cowie

Andrew Cowie is a management consultant working in the operations and infrastructure space. He uses an integrated team building, leadership development, change management and systems performance approach to help maximize the effectiveness of IT operations teams.

Andrew is a long time Unix user, but somewhat unusually served as an infantry officer in the Canadian army, having graduated from the Royal Military College with an engineering degree. He saw service across North America and a tour in Bosnia. He later ran operations for an SMS messaging startup in Manhattan and was a part of recovering the company after the Sept 11 attacks.


M5 - Cryptography

Steve will give an introduction to the theory and practice of cryptography. Topics covered will include:

Steve Bellovin

Steve is an AT&T Fellow in the Network Services Research Lab at AT&T Labs Research, New Jersey. Steve does research on networks, security and why the two don't get along. He is the co-author, with Bill Cheswick, of the book Firewalls and Internet Security: Repelling the Wily Hacker.


M6 - MySQL Installation, Security And Maintenance

This tutorial covers MySQL installation, basic configuration and security topics, as well as best practises for backup/recovery and general maintenance.

The tutorial will be highly interactive, using discussions, games, and other ways that insure maximum benefit for all participants. This method of teaching, which is the standard format of MySQL AB training courses, has proven to be much more effective than regular lectures.

Covering the MySQL administration essentials, this tutorial will provide an overview for newcomers as well as for experienced users, who can fill possible gaps in their knowledge, and addressing specific issues and bad habits. You may benefit from bringing your own laptop computer. Make sure your laptop has a CD drive, if possible. You could also download the latest versions of the software from www.mysql.com beforehand. If you are a complete beginner, do start with a book such as "MySQL Tutorial" by Luke Welling & Laura Thomson. Do come prepared, as we won't have time for the trivial.

Arjen Lentz

Arjen Lentz (35) is originally from Amsterdam, The Netherlands. Since marrying an Aussie, he decided that Australia is a very nice place to live, so together with their black cat they now reside in Kenmore, a Western suburb of Brisbane, QLD.

Arjen started with programming, but has since branched out to writing, translating, marketing, training and consultancy. He has been working for MySQL AB (the Swedish company that owns, develops and supports the MySQL database software, www.mysql.com) since 2001, primarily as technical writer for MySQL Documentation Team.

In addition, Arjen teaches MySQL training courses, and maintains contacts with the MySQL community and other organisations in Australia. Arjen co-founded and is actively involved with OSIA, Open Source Industry Australia, Incorporated (www.osia.net.au) and also helps on the press team of Linux Australia (www.linux.org.au).

Arjen is always keen to be involved in open discussions with interested parties about MySQL and the possibilities for Open Source.


M7 - I'm Not Dead Yet! (Tcling For Fun And Profit)

Want to develop in a scripting language that is web enabled, portable, object oriented, extensible, supports rapid GUI development, is fully internationalised and localised, byte-compiled, threaded, supports single file deployment, an embedable web server, supports easy network programming, is fully event driven, has a security model that supports sandboxes, is open source ... and was described by Eric Raymond as "Radically simple"?

No - not Java .... Tcl!

Contrary to the rumours, Tcl isn't dead but is alive and thriving. Sure it doesn't get the publicity and mindset of more "trendy" languages, but has a large, growing and devoted following - especially in some industry segments like telecommunications, automation and electronic design.

This tutorial will take you through the fundamentals of Tcl and Tk (its GUI extension). In addition the tutorial will cover a broad range of resources available to the Tcl developer - including various extensions, development tools and deployment options.

The tutorial assumes a knowledge of programming languages and principles, an open mind and a willingness to have fun when building software.

Steve Landers

Steve Landers is the Senior Consultant at Digital Smarties. He is active within the Tcl/Tk community, where he regularly contributes both software and expertise. He has a particular interest in the development of cross-platform scripted applications, and is a leading proponent of Tclkit, Starkit, Starpacks and Metakit for developing complex and robust cross-platform applications.

Steve has over twenty years experience in the Open Software marketplace, being a founding member of both AUUG and SAGE-AU. He was a pioneer of the commercial application of the UNIX operating system and relational database technology in Australia during the early 1980's implementing the first commercial Unix/Oracle installation in the country.

Steve regularly speaks at conferences, both in Australia and internationally. He has spoken at a number of SAGE-AU and AUUG annual conferences, and was a speaker at the Tcl2001 And Tcl2002 conferences.


T1 - An In-depth Code Walkthrough Of The Linux Kernel

In this tutorial, we will go over the code in the Linux 2.6 kernel, using animated illustrations to help explain the code being examined. We will also point out some of the subtle locking considerations and other interactions across individual subsystems.

Outline of code examined:

Jeffrey Hsu

Jeffrey Hsu has been working on and contributing to Open Source software for the past 15 years, working in industry on System V Release 3 and Release 4 ports to different RISC processors at Unisoft, at DEC on the X Window Server, Netscape on e-commerce software, and as an early member of the FreeBSD and DragonFlyBSD projects. He did many of the early language ports to FreeBSD as well as the first FreeBSD JDK 1.0.2 port. He has taught Java programming for UC Berkeley and enjoys writing and giving talks in his spare time.


T2 - A Whirlwind Tour Of The Breadth Of The Java API's

Java acronyms have been in rapid development for a number of year now: J2SE 1.5 ships with 131 packages in the java.* and javax.* namespaces, and J2EE 1.4 adds to this number. The Java Community Process has in excess of 250 specification requests at various stages of development. And then there are the dozens of open-source Java libraries and frameworks. Where to begin?!

While this massive base of standard libraries contributes a lot to Java's productivity, finding the appropriate API for a task at hand use can be a daunting challenge. Confusingly, many API's seem to do the same job, or have significant overlaps.

This one-day tutorial, by Australian Java User Group President, David Bullock, tackles the vastness of the Java landscape in a usage-oriented approach. Approximately 40% of coverage will be devoted to the core J2SE (1.5) platform, 15% to J2EE (1.4), 20% to significant 3rd party products (incl open source), 15% to important upcoming JSR's, and 10% to significant design patterns and coding idioms. It won't cover embedded Java topics.

No experience with Java is assumed, although attendees should have a familiarity with general programming issues that these libraries and frameworks address. The style will be broad and evaluative, rather than in-depth and technical. The purpose is to orient attendees in where to start looking for API's that suit their particular programming needs.

Topics to be covered include:

David Bullock

David Bullock is the principal of Thrive Online, and is President of the Australian Java User's Group. David has worked commercially with Java since JDK 1.1.4 in 1997.


T3 - Building Flexible And Secure Internet Services Using Mac OS X

FREE! Tutorial sponsored by Apple Computer

Peter Wesley, Struan Robertson and Joe Cox

Peter Wesley - Rivendell Consulting Pty. Ltd.
Peter Wesley has been consulting in IT security for nine years as the principle of Rivendell Consulting. Rivendell provides security consulting and managed security services to a variety of customers, including some of Australia's largest banks, financial institutions, medium sized businesses, and educational institutions.

Struan Robertson - Apple Computer
Struan Robertson has been a Systems Engineer with Apple Computer Australia for the past nine years, working on technical solutions for Apple's key customers in the corporate and government markets. Prior to that he spent eleven years in the police force, working as a Detective Sergeant in the Computer Crime Investigation Squad, focusing on computer security and forensics.

Joe Cox - Apple Computer
Joseph Cox is a Systems Engineer with Apple Computer Australia. A keen hobbyist since the first generation of personal computers, like many, he ended up working in IT by default. Conversant in many platforms, (although a long time Mac fan), he is very excited about the Unix and Mac worlds finally meeting. Born on the 1st Jan 1970 (%date -r 0), he was always destined to end up fiddling with Unix in one guise or another.


T4 - LDAP as a replacement for NIS

LDAP is has become increasingly prominent as a network directory service. It is supported by all major vendors and in a Unix enivronment can be used as an authentication and network naming service in place of flat files, NIS or NIS+. It is also commonly used a general "whitepages" directory, with many e-mail clients containing LDAP client functionality, and also as a directory for services such as sendmail and automount.

This tutorial is based on (but not restricted to) OpenLDAP and will cover:

David Baldwin

David Baldwin is a system administrator at the Australian National University Supercomputer Facility which runs the Australian Partnership for Advanced Computing (APAC) peak national HPC facility. He has worked at ANU for 13 years supporting research, teaching and administrative environments. David has presented papers at AUUG summer and winter conferences over the past 10 years or so. He has been successfully using LDAP for over 5 years.


T5 - Building A State Of The Art Firewall With OpenBSD

Firewalls allow a network administrator to impose a security policy on inter-network traffic. The sophistication of online threats is continuing to escalate rapidly, requiring an ongoing evolution of firewall capabilities and policy architecture. Today, if you are not using state of the art tools and techniques, you are probably at significant, and increasing, risk of compromise.

OpenBSD is widely recognised as a premier secure operating system and its "pf" subsystem provides the cutting edge features required to support a sophisticated, modern firewall policy. Attendees will learn, in detail, how to configure pf for a wide range of real world situations and protocols.

Topics covered include:

Attendees are expected to be familiar with the IP, UDP and TCP protocols and should have some systems/network administration experience. OpenBSD expertise in NOT assumed, although some general knowledge of Unix-like systems would be helpful.

Michael Paddon

Michael Paddon is a computer scientist. Despite 17 years of professional experience, he still enjoys programming and hates debugging. Currently employed by Qualcomm, he specialises in security and cryptography. He has an abiding interest in operating systems, networking and distributed systems, and has occasionally dabbled in more esoteric fields such as computer vision. Having discovered that the more he learns the less he knows, he is happily devoting his life to asymtotically approaching ignorance.


T6 - Optimizing MySQL

This tutorial will look at the many aspects involved when optimising a MySQL application, the MySQL server, and its environment.

Contrary to popular expectations (and habits), hardware will be the absolute last item on our list. The reason for this will become apparent as we build an overall picture and take a closer look at various specific issues. The tutorial will be highly interactive, using discussions, games, and other ways that insure maximum benefit for all participants. This method of teaching, which is the standard format of MySQL AB training courses, has proven to be much more effective than regular lectures.

Optimisation is certainly not a topic of dry knowledge. Instead it is about gaining the skills needed to analyse the big picture, and recognising the often small but important opportunities. As such, this tutorial will provide a valuable experience for both experienced users as well as for those who have only recently started with MySQL or DBMS in general.

You may benefit from bringing your own laptop computer, with at least MySQL 4.0.x (the current production series) server and your favourite client installed: well known are the old mysql command line client and the popular PHP/web-based phpMyAdmin. But you may also wish to take a peek at MySQL Control Center (MySQLCC for short), MySQL AB's own new cross-platform graphical user interface built on the Qt toolkit. The latest versions of the software can be downloaded from www.mysql.com. Do come prepared, as we won't have time for the trivial.

Arjen Lentz

Arjen Lentz (35) is originally from Amsterdam, The Netherlands. Since marrying an Aussie, he decided that Australia is a very nice place to live, so together with their black cat they now reside in Kenmore, a Western suburb of Brisbane, QLD.

Arjen started with programming, but has since branched out to writing, translating, marketing, training and consultancy. He has been working for MySQL AB (the Swedish company that owns, develops and supports the MySQL database software, www.mysql.com) since 2001, primarily as technical writer for MySQL Documentation Team.

In addition, Arjen teaches MySQL training courses, and maintains contacts with the MySQL community and other organisations in Australia. Arjen co-founded and is actively involved with OSIA, Open Source Industry Australia, Incorporated (www.osia.net.au) and also helps on the press team of Linux Australia (www.linux.org.au).

Arjen is always keen to be involved in open discussions with interested parties about MySQL and the possibilities for Open Source.



Information Disclaimer

The information on this page is accurate as at the time of posting. Updates to this page will be made if necessary due to changed circumstances.

AUUG reserves the right to alter this timetable or to cancel tutorials. If this happens, AUUG will contact delegates registered for affected tutorials to arrange for an alternative tutorial or a refund.

Please also read the general disclaimer.