From:"Sys Admin News" <> 
Subject: Sys Admin Newsletter June 2003
Date: Tue, 13 May 2003 11:50:27 -0700

                   The Sys Admin Newsletter
                          News for the
              June 2003 issue of Sys Admin Magazine


1. Note from the Editor
2. Highlights of the June issue 
3. Call for Papers
4. Subscription Information
Sponsored by PROGNOSIS from Integrated Research
New release - PROGNOSIS 7.07 now available

Whether it's monitoring transient processes (without process-
Accounting overheads), or analyzing file space utilization 
and growth, PROGNOSIS delivers in-depth, real-time management 
of UNIX, Linux, Windows and HP NonStop - all via a single, 
intuitive interface. Run a FREE TRIAL NOW.


This issue of Sys Admin focuses on information security. In his article 
about Sendmail security, Hal Pomeranz speculates that "the Sendmail 
buffer overflow exploit announced in March will almost certainly be 
programmed into an automated worm within the next six months." Such a 
worm, he says, could do for UNIX systems what Code Red did to the 
Windows world -- simply because there are so many potentially 
UNIX systems on the network today. Pomeranz also details some 
suggestions for protecting networks against this Sendmail 
I hope you find his article and others in this issue useful for 
making your systems more secure.

Amber Ankerholz
Editor in Chief

NextComputing -- 
The ultimate Unix server and workstation consolidation solution
NextBook concurrent use RedHat-Linux and MS-Windows Intel P4 notebook.
PowerSPARC Notebook-Server. 64-bit 650Mhz UltraSPARCIIi SOLARIS.
NextServer 4U Blade Server-10 Xeon Blades, PCI, GigE, Red Hat cluster.
SUNDisk flash disk 32MB to 2GB.

or call (603) 886-3874  

	The June 2003 issue contains:

Improving Sendmail Security by Turning It Off by Hal Pomeranz
Pomeranz explains how to safely disable Sendmail daemons to protect 
your network.

Port Knocking - Network Authentication Across Closed Ports 
by Martin Krzywinski
Krzywinski describes the use of port knocking, a stealthy network 
authentication system that uses closed ports to carry out 
of trusted users.

Freeware Forensics Tools by Kristy Westphal 
Westphal examines three popular UNIX freeware tools: The Coroner's 
Toolkit (TCT), The @stake Sleuth Kit (TASK), and Autopsy Forensic 

Lppbuild - AIX Package Creation by Charles Ritter 
Ritter describes lppbuild, a useful tool for creating binary installa-
tion packages in AIX's LPP package format.

CFS - The Cryptographic File System by Keith McDuffee 
McDuffee describes the implementation of Matt Blaze’s Cryptographic 
File System to encrypt product source code on laptops.

Integrating SpamAssassin into Qmail and Sendmail by Jason Camp  
Camp explains how to integrate SpamAssassin into Qmail to help 
combat spam.

Using the xargs Command by Ed Schaefer 
One of the most under-utilized UNIX utilities is the xargs, construct 
argument lists, command. In this article, Schaefer describes xargs and 
presents eight xargs 'one-liners'.

Protecting Your UNIX Systems - An Overview by Eric Cole  
Cole provides a general introduction to some basic but critical 
tools for protecting your data.

Stress Testing Jabber with the Jabber Test Suite by Dustin Puryear  
Puryear describes how the Jabber Test Suite can be used to evaluate 
how well your Jabber service is working under a given load.
Are you sick of SPAM SPAM SPAM??? 
Want to kill it? 
So do we. Try a free trial of the new Meridius Anti-SPAM Mail Relay 
It's simple, secure and very affordable.

Questions and Answers by Amy Rich

Solaris Resource Management - The Fair Share Scheduler 
by Peter Baer Galvin

Introduction to RAID by Henry Newman


LEARN how companies have achieved higher profits and increased their
productivity by utilizing Linux
PARTICIPATE in LinuxWorld's world-class education program and benefit 
interactive training in the all-new Hands-on Labs!
DISCOVER the latest innovations and technologies from the hottest 
companies around
HEAR the latest developments and updates on the state of open source at 
analyst roundtable discussion
ATTEND exciting keynote addresses from Hewlett-Packard, Sun 
Red Hat, IBM and Oracle
Register today!
When Registering, enter priority code LSSAD

Enterprise Administration
We're looking for practical, high-end discussions of storage, 
clustering, security, and advanced networking solutions based 
on your expertise and insights.

Open Source
We're looking for original uses of classic tools such as Apache, 
Samba, and MySQL; custom solutions built from open source components; 
and descriptions of useful open source utilities.

Describe how you improved your life with the perfect Perl, shell, 
PHP, Python, or Tcl/Tk script.

Theme               Issue    Proposals Due      Manuscripts Due 
Security             Sep       5/1/03             6/2/03 
Server Management    Oct       6/2/03             7/1/03 
Performance Tuning   Nov       7/1/03             8/1/03 
Solaris Supplement   Nov       7/1/03             8/1/03 
Software Tools       Dec       8/1/03             9/2/03 

We suggest that if you are interested in contributing, you first 
submit a proposal to us. If the proposal seems appropriate, we'll 
ask you to submit a manuscript. If the manuscript is accepted, 
we'll edit it, print it, and pay you for it. For more detailed 
information, refer to the author guidelines. Please address requests 
for guidelines, proposals, and manuscripts to: 

Rikki Endsley
Associate Managing Editor

Introducing ClusterWorld Conference & Expo -- the first major event
to focus entirely on clustered systems.

If you work with clusters in any capacity, ClusterWorld Conference &
Expo is the one event you cannot afford to miss this year.

Learn more at:

ClusterWorld Conference and Expo. San Jose Convention Center,
San Jose, CA. June 23rd - June 26th, 2003.
     Newsletter Subscription Information

Please feel free to share this newsletter with interested parties
via email (not on bulletin boards).  To subscribe, see:

Email comments to: