From:"Sys Admin News" <> 
Subject: Sys Admin Newsletter March 2003
Date: Thu, 06 Feb 2003 06:26:01 -0700

                   The Sys Admin Newsletter
                          News for the
          March 2003 issue of Sys Admin Magazine


1. Note from the Editor
2. Highlights of the March issue 
3. Call for Papers
4. Subscription Information
Sponsored by PROGNOSIS from Integrated Research
New release - PROGNOSIS 7.07 now available

Whether it's monitoring transient processes (without process-
Accounting overheads), or analyzing file space utilization 
and growth, PROGNOSIS delivers in-depth, real-time management 
of UNIX, Linux, Windows and HP NonStop - all via a single, 
intuitive interface. Run a FREE TRIAL NOW.


Sys Admin's theme for March is Network Security, and the issue 
contains articles on managing a Security Enhanced Linux system, 
troubleshooting problems with ARP, configuring the AIDE tool, and 
setting up VPN connections. 

Amber Ankerholz
Editor in Chief

Sponsored by uptime software


up.time is an easy-to-install, easy-to-use, low cost, browser-based,
yet powerful realtime server performance and availability monitoring 
graphical reporting tool, which enables rapid: Application & Server
Resource Trend Analysis, Root-Cause Analysis and Capacity Planning.

Buy or Rent up.time from $125/month per server


for your FREE  evaluation copy.

	The March 2003 issue contains:

SELinux by Kerry Thompson 
Security Enhanced Linux is an extension to the standard Linux kernel, 
designed to enforce strict access controls that confine processes 
to the minimum amount of privilege. In this article, Thompson 
describes how to install, configure, and manage an SELinux system.

AIDE to the Rescue -- An Open Source Security Tool 
by Arthur Messenger and Brian Gollsneider 
The authors show how to install and configure the Advanced Intrusion 
Detection System (AIDE), a multiple platform, open source, and GPL 
replacement for Tripwire.

Dangerous ARPs by Noah Davids 
Most of the time, the ARP protocol works quietly and flawlessly in 
the background, however, it can create problems. In this article, 
Davids reviews ARP and shows how to diagnose trouble with a protocol 
analyzer like tcpdump.

Easy-to-Use VPN Connections with vpnd by Bill Davidsen 
Davidsen describes the vpnd program, which is included with recent 
Red Hat releases and available in source for any UNIX distribution.

Proactively Protecting VPN with Nessus by Edward L. Haletky
Using Linux, Apache, and Nessus, Haletky put together a system that 
allows administrators to assess the security of the remote network 
through which a VPN connection is initiated.

Stop Spam at the Server

PureMessage decreases spam by up to 98% through high-performance, 
easily managed filters that control security and usage at the gateway.

Find out more: 

Questions and Answers by Amy Rich

Solaris Administration Best Practices by Peter Baer Galvin

30% of the Global 100 use application security from Permeo.  Are you?

Permeo enables organizations to securely extend any TCP or UDP
application to any internal or remote user on any trusted or untrusted
network - addressing many of today's application deployment security
challenges. To learn more, read Permeo's Application Security White

	Networking -- July 2003

Proposals Due: March 3, 2003
Manuscripts Due: April 1, 2003

* Homegrown Network Management Tools
* Unusual and Interesting Case Studies in Network Configuration
* Weird (but Effective) Solutions for Multi-platform Connectivity
* Open Source Network-Troubleshooting Utilities
* Securing Wireless Networks

	Storage -- August 2003

Proposals Due: April 1, 2003
Manuscripts Due: May 1, 2003

* Advanced Tricks for Serving Up Samba
* Approximating a SAN with Open Source Tools
* Innovative Scripts for Managing Data Storage
* Unsung Techniques for Securing Archived Data
* How I Solved a Complex Remote Storage Problem Inexpensively

InfoSec World Conference and Expo/2003
March 10-12, 2003, Orlando, FL
Optional Workshops March 8, 9, 12, 13, & 14
Expo March 10 & 11

MIS Training Institute's InfoSec World covers today's need-to-know 
topics and delivers proven strategies, tactics, and techniques for 
protecting your systems. Features include the CISO Executive Summit, 
Information Security Magazine's Third Annual Excellence Awards 
89 sessions, and 21 optional workshops. 

For details and to register, go to:
     Newsletter Subscription Information

Please feel free to share this newsletter with interested parties
via email (not on bulletin boards).  To subscribe, see:

Email comments to: