******************************************************************

                   The Sys Admin Newsletter
                          News for the
            August 2002 issue of Sys Admin Magazine

******************************************************************
                            CONTENTS

1. Note from the Editor
2. Highlights of the August issue 
3. Call for Papers
4. Links
5. Subscription Information
------------------------------------------------------------------
Sponsored by PROGNOSIS from Integrated Research
============================================================
Manage UNIX, Linux and Windows servers with one product 

PROGNOSIS from Integrated Research gives you the power to 
manage any server or application, from any point on your 
network - seamlessly across UNIX, Linux and Windows. It's 
ideal for larger environments - from 25 servers to thousands 
- yet it doesn't cost a fortune and it won't take you a 
lifetime to implement.

Check it out:
www.prognosis.com/samag_enews.htm
------------------------------------------------------------------
NOTE FROM THE EDITOR:

Several articles in this issue of Sys Admin describe tools and 
techniques 
for detecting whether your system has been cracked, and if so, what to 
do. 
A common thread throughout these articles is that much can be learned 
from 
analyzing the features of such attacks. A company called Dshield.org, 
whose 
efforts are described in an article in this issue, assembles and 
analyzes 
detection log data from networks all over the world. The organization 
studies the data for unusual activity and attempts to identify patterns 
in Internet attacks. 

The upcoming September issue will include The Perl Journal and will 
feature 
articles from Sean M. Burke, who describes a recent localization 
project, 
Derek Vadala on parsing RSS files with XML::RSS, and Dan Brian 
discussing 
Web services, Google, and the "What-Sucks-O-Meter". 

Sincerely,
Amber Ankerholz
Editor in Chief
------------------------------------------------------------------
Brought to you by PerlMX from ActiveState
============================================================

Stop over 98% of spam at the server level.

http://click.sysadmin.email-publisher.com/maaardTaaSMlsa2sokSb/

Find out how!
------------------------------------------------------------------
		The August issue contains:
SNAREing Intruders in Linux by Kristy Westphal  
http://click.sysadmin.email-publisher.com/maaardTaaSMlta2sokSb/
Westphal shows how to install SNARE, a host-based Linux Intrusion 
Detection System. She describes how to test it and suggest some 
practical uses for it.

Auditing Your Airspace by Tony Howlett 
Howlett describes Kismet, an open source auditing program that can 
help you catalog and test the security of all the wireless LANs within 
your company's perimeter.

Root Access Intrusion - A Suite of Tools by Rhonda Thorne  
Thorne presents a simple set of tools that can be implemented as a 
proactive measure of intrusion notification and investigation.

Administering a Distributed Intrusion Detection System 
by Johannes B. Ullrich and Wayne Larmon 
The authors describe Dshield.org's efforts to build a distributed 
intrusion detection system to gather and analyze logs from around 
the world. They address issues such as the scalability and agility 
of such a vast system. 

Detecting and Removing Trojan Horses on Linux by Rich Paredes  
This article shows how to detect Trojan horses on a Linux system and 
provides common-sense suggestions for dealing with them.

     Columns

SNIPS by Ron McCarty  
http://click.sysadmin.email-publisher.com/maaardTaaSMlua2sokSb/

Questions and Answers by Amy Rich 
http://click.sysadmin.email-publisher.com/maaardTaaSMlva2sokSb/

Volume Management and File Systems Usage and Implementation by Henry 
Newman 
http://click.sysadmin.email-publisher.com/maaardTaaSMlwa2sokSb/

Storage Consolidation - Part 3 - Implementation Details by Peter Baer 
Galvin
http://click.sysadmin.email-publisher.com/maaardTaaSMlxa2sokSb/
------------------------------------------------------------------
Need Performance & Availability Monitoring ?

up.time is an easy-to-install, easy-to-use, low cost, browser-based,
yet powerful realtime server performance and availability monitoring 
and
graphical reporting tool, which enables rapid: Historical Trend 
Analysis,
Granular Root-Cause Analysis and Capacity Planning.

Buy or Rent up.time from $79/month per server

Visit http://click.sysadmin.email-publisher.com/maaardTaaSMlya2sokSb/ 
for
your FREE  evaluation copy.
------------------------------------------------------------------
   CALL FOR PAPERS  

     Networking -- December 2002
Proposals Due: August 1, 2002
Manuscripts Due: September 2, 2002

* Unheralded Freeware Troubleshooting Tools for the Network
* Homegrown Solutions for Enterprise Integration
* Tools for Emulating a Windows Domain Controller
* Why I Really Needed IPv6
* Implementing Secure Wireless Solutions

     Open Source -- January 2003
Proposals Due: September 2, 2002
Manuscripts Due: October 1, 2002

* Open Source in the Enterprise
* New Tips for Securing Linux
* Tuning Apache
* Advanced Open Source Techniques for Network Installation
* Undocumented (or Rarely Documented) Solutions with BSD
* My Favorite Unknown Open Source Utility (and How to Use It)

     Web Admin -- February 2003
Proposals Due: October 1, 2002
Manuscripts Due: November 1, 2002

* An Apache Trick You Haven't Seen
* Useful (and Secure) Scripts for Web Administration
* A Problem I Solved Using PHP
* Studies in Low-Budget E-Commerce
* Web Optimization: Practical Solutions You Won't Find in the Books
------------------------------------------------------------------
Suffering from performance bottlenecks?  Would you like to find out 
where
they are and how to fix them for FREE?  We've been improving system
performance for companies for over 20 years.  Try Imperial's FREE
performance measurement software to see if your existing system can be
liberated from performance-robbing bottlenecks at
http://click.sysadmin.email-publisher.com/maaardTaaSMlza2sokSb/
------------------------------------------------------------------
  LINKS

If UNIX were Elvis, we'd be Graceland:
http://click.sysadmin.email-publisher.com/maaardTaaSMlAa2sokSb/

Nothing but Unix.
http://click.sysadmin.email-publisher.com/maaardTaaSMlBa2sokSb/  

User Friendly:
http://click.sysadmin.email-publisher.com/maaardTaaSMlCa2sokSb/

C/C++ Users Journal
Advanced Solutions for C/C++ Programmers
http://click.sysadmin.email-publisher.com/maaardTaaSMlDa2sokSb/
------------------------------------------------------------------
LINUXWORLD CONFERENCE & EXPO

BENEFIT from the world's best Linux and Open Source education and 
training
program.
DEVELOP skills and gain knowledge that will enable you to implement 
tactics
and strategies immediately.
ACHIEVE higher profits, reduce development costs and discover why 
leading
companies such as Amazon.com, DreamWorks, Merrill Lynch and Boeing are
coming to LinuxWorld.
When Registering, enter priority code LSUR
http://click.sysadmin.email-publisher.com/maaardTaaSMlEa2sokSb/
------------------------------------------------------------------
   Newsletter Subscription Information

Please feel free to share this newsletter with interested parties
via email (not on bulletin boards).  To subscribe, see:
http://click.sysadmin.email-publisher.com/maaardTaaSMlFa2sokSb/

Email comments to: aankerholz@cmp.com