From:"Sys Admin News" <> 
Subject: Sys Admin Newsletter September 2003
Date: Mon, 11 Aug 2003 14:35:43 -0700

                   The Sys Admin Newsletter
                          News for the
              September 2003 issue of Sys Admin Magazine


1. Note from the Editor
2. Highlights of the September issue 
3. Call for Papers
4. Subscription Information

Sponsored by VeriSign - The Value of Trust
Secure all your Web servers now - with a proven 5-part strategy.
The FREE Server Security Guide shows you how:
* DEPLOY THE LATEST ENCRYPTION and authentication techniques
* DELIVER TRANSPARENT PROTECTION with the strongest security 
without disrupting users. 
And more. Get your FREE Guide now:


Various articles in this issue touch on the value of doing things 
right the first time. Honeypots, for example, sound like fun tools 
and can provide extremely useful information, but they can also be 
a liability if not correctly set up and monitored. Kristy 
Westphal's article examines several aspects of honeypots, including 
what they are, what legal issues to consider, how to appropriately 
deploy them, and how to maintain them.

Amber Ankerholz
Editor in Chief

Sponsored by PROGNOSIS from Integrated Research
Still using Dinosaur technology to manage your real-time network?

Fact: e-business is real-time. 
Fact: agent/manager management software can't handle real-time. 
Fact: PROGNOSIS from Integrated Research can, and does. 
The world's largest companies rely on PROGNOSIS to manage their
business-critical systems. That's because only PROGNOSIS offers true
performance management and troubleshooting of high-availability UNIX 
cross-platform networks in real-time.  

Dump the Jurassic and get into PROGNOSIS:

	The September 2003 issue contains:

The Foremost Open Source Forensic Tool by Ray Strubinger
Strubinger examines foremost, a free forensics tool created for the 
Linux platform that is capable of recovering files from images made 
by the Unix utility dd, as well as images created by commercial 

How to Build a Honeypot by Kristy Westphal 
Westphal looks at all aspects of honeypots: what they are, how to 
deploy them, and what should be considered before implementing them.

System V Init Staged on an RS/6000 SP Platform by Bill McLean 
McLean describes how to implement and control System V startup 
across RS/6000 Scalable Processor platforms, although it could 
easily be adapted to use across standalone servers.

Identifying Spam Events by Jason A. Richards 
Richards shares a script for extracting pertinent information 
from mail logs and displaying it in a usable fashion.

Detecting Kernel Rootkits by Sandra E. Ring and Eric Cole 
Rootkits come in two basic forms: application-level, which are 
based on a series of trojaned programs, and kernel-level, which 
subvert the actual kernel of an operating system usually through 
loadable kernel modules. The authors explain how to detect and 
protect against these more complex kernel-level attacks.

Embedding man Pages in Shell Scripts with kshdoc 
by Michael Wang and Ed Schaefer  
The authors present a Korn shell function that allows printing  
documentation embedded within a Korn shell script.

Securing Linux Systems with grsecurity by Keith McDuffee  
grsecurity is an open source security package available for Linux 
that works primarily as a set of patches applied to the 2.4 Linux 
kernel, improving upon system security with more restricted process 

I "new" It -- A Generator for New Shell Script Templates 
by Joseph Pietras  
Pietras shares a script he uses to generate script templates.

Build IPSec VPNs Using the Linux Kernel 2.6 by Ralf Spenneberg  
Spenneberg takes a look at the new IPSec stack included in Linux 
kernel 2.6.


Questions and Answers by Amy Rich

Computing Securely by Randal L. Schwartz

E-mail administrators wonder about the differences between spam-fighting
tools like the freely available MIMEDefang + SpamAssassin versus 
solutions. Download this white paper for a detailed comparison so you 
choose the best option for your enterprise, campus or ISP:

Enterprise Administration
We're looking for practical, high-end discussions of storage, 
clustering, security, and advanced networking solutions based 
on your expertise and insights.

Open Source
We're looking for original uses of classic tools such as Apache, 
Samba, and MySQL; custom solutions built from open source components; 
and descriptions of useful open source utilities.

Describe how you improved your life with the perfect Perl, shell, 
PHP, Python, or Tcl/Tk script.

We suggest that if you are interested in contributing, you first 
submit a proposal to us. If the proposal seems appropriate, we’ll 
ask you to submit a manuscript. If the manuscript is accepted, 
we'll edit it, print it, and pay you for it. For more detailed 
information, refer to the author guidelines. Please address requests 
for guidelines, proposals, and manuscripts to: 

Rikki Endsley
Sys Admin

voice: (785) 838-7555
fax: (785) 841-2047

SD Best Practices Conference & Expo, coming to Boston September 15-18, 
offers practical training on how to incorporate best practices, 
quality design, and proven management techniques into your development 
projects. SD Best Practices features industry renowned speakers, over 
100 classes and tutorials, keynotes, Expo, parties, special events 
and more. Register by August 15th and save up to $300!  Simply use 
the code 3ESYS71 when registering.  Learn more at

     Newsletter Subscription Information

Please feel free to share this newsletter with interested parties
via email (not on bulletin boards).  To subscribe, see:

Email comments to: