From:"Sys Admin News" <> 
Subject: Sys Admin Newsletter March 2002
Date: Sun, 07 Feb 2002 14:16:21 -0800

                   The Sys Admin Newsletter
                          News for the
              March 2002 issue of Sys Admin Magazine


1. Note from the Editor
2. Highlights of the March issue 
3. Call for Papers
4. Links
5. Subscription Information
Sponsored by PROGNOSIS from Integrated Research
Manage all your UNIX servers and clusters with one product.

PROGNOSIS lets you simultaneously monitor and manage any
server in real-time, from any point on the network --
regardless of location or UNIX variant. You can alter
management parameters or individual monitoring intervals
on the fly, so you can isolate any problem, on any server,
at any time.

Check it out:
Check out our third supplemental issue of The Perl Journal. 
This issue contains an exposition of Perl 6 by Damian Conway, 
in which he tells us that Perl 6 will certainly be different 
from Perl 5, but never gratuitously so. He says, "When syntax 
or semantics change, it will always be a change for the better: 
for greater consistency, for more intuitability, for extra 
Do-What-I-Meanness." Such principles can just as sensibly be applied 
to systems administration. We should strive to implement only those 
policy changes or security measures that will truly benefit our 
systems and users, and I hope that the articles in Sys Admin and 
The Perl Journal will be useful to you in making such decisions 
for your company.  

Amber Ankerholz
Editor in Chief
Sponsored by VeriSign - The Value of Trust
Pinpoint the right security solution for your company - 
FREE Guide from industry leader VeriSign gives you all the facts. 

Learn how to:                                                                                    
* Add the most powerful online encryption - 128-bit  
* Quickly authenticate your site
Get your FREE Guide now at:                                                                       
		The March issue contains:

Cisco IOS HTTP Authorization Vulnerability by Karen Kent Frederick 
Frederick discusses Cisco IOS security and how implementing best 
security practices can prevent many attacks from being successful. 
The article focuses on the Cisco IOS HTTP Authorization Vulnerability, 
which could allow attackers to easily gain administrative-level access 
to vulnerable Cisco devices.

Web-Enabled Filesystem-Based Databases by Leo Liberti  
Liberti presents a scheme for constructing a Web-enabled database that 
circumvents using a true database engine, thereby simplifying 

Administering Linux IPSec Virtual Private Networks by Duncan Napier  
In a previous article, "Introducing FreeS/WAN and IPsec", Napier 
the basics of setting up IPSec for Linux using the FreeS/WAN package. 
article describes some of the more advanced features of FreeS/WAN that 
be leveraged to implement flexible and reliable IPSec VPNs.

Encrypted NFS with OpenSSH and Linux by James Strandboge  
The main weaknesses of NFS are its reliance on the inherently insecure 
UDP protocol, unencrypted transactions, problems authenticating hosts 
and users, and difficulties in firewalling. Strandboge supplies 
to most of these problems for Linux clients and servers, which can be 
applied to any UNIX server with ssh installed.

Securing Public-Access Networks: Stopping the IP Thieves by Walt Jones  
Jones presents a solution to automating and securing the process of 
assigning IP addresses and configuring students' machines in a 
university environment.

Creating Black Box Functions in the Korn and Bash Shells by Ed Schaefer  
"Creating Global Functions with the Korn Shell" by Rainer Raab 
(Sys Admin, March 2001) describes using and autoloading global Korn 
shell functions. Although global functions are useful and definitely 
a purpose, good software design dictates using loosely coupled, "black 
user-defined functions. Building on Raab's article, Schaefer presents 
some function examples.


Questions and Answers by Amy Rich


Solaris Companion by Peter Baer Galvin

   The Perl Journal 

...And Now for Something Completely Similar  by  Damian Conway  
Resource Locking with Semaphore Files by Sean M. Burke 
Easy COM-Web Services Gateways by Cameron Laird
March 18-20, 2002, Orlando, FL

Now in its 9th year, InfoSec World delivers real-world solutions to 
toughest security challenges: mastering e-mail security, implementing 
thwarting hacker attacks, securing DSL and cable modems, performing 
investigations, safeguarding wireless devices, and much more.

For details and to register:

Tools -- July 2002
Proposals Due: March 4, 2002
Manuscripts Due: April 1 2002

* Homegrown Tools for Managing Linux
* My Favorite Unheralded Shareware or Freeware Tool (and How to Use It)
* Unusual Uses for Well Known Unix Tools
* I had a Strange Problem and Found a Unix Tool to Fix It
* UNIX/Linux Tools for Windows Integration

Intrusion Detection -- August 2002
Proposals Due: April 1, 2002
Manuscripts Due: May 1, 2002

* How I Trapped an Intruder
* A Firewall Vulnerability Most Admins Don't Know About
* Detecting a Trojan Horse in UNIX (or Linux)
* High-End Subtleties of Securing Apache
* My Favorite Shareware or Freeware Intrusion Detection Utility 
(but not Snort -- we've covered Snort sufficiently)

Storage -- September 2002
Proposals Due: May 1, 2002
Manuscripts Due: June 3, 2002

* Low-Budget Data Storage Innovations 
* Unsung Techniques for Securing Archived Data 
* How I Solved a Complex Remote Storage Problem Without Spending 
* All My Employer's Money 
* Undocumented Techniques for Cross-Platform Data Storage 
* Highly Original Approaches to Fault Tolerance 

If UNIX were Elvis, we'd be Graceland:

Nothing but Unix.  

User Friendly:
   Newsletter Subscription Information

Please feel free to share this newsletter with interested parties
via email (not on bulletin boards).  To subscribe, see:

Email comments to: