[nylug-announce] NY Linux Users Grp. January Meeting 1/15 Mordy Ovits: Two On Linux Security

Jim Gleason jgleason at nylug.org
Thu Jan 9 02:55:26 EST 2003


                 The New York Linux Users Group presents

                              Mordy Ovits
                       - Two on Linux Security -
          Kernel Packet Filtering and Pluggable Authentication


January 15, 2003
Wednesday
6:30pm-8:00pm
IBM Headquarters Building
590 Madison Avenue at 57th Street
9th Floor, home to the IBM Linux Center of Competency

                        ** RSVP Instructions**
Unless you have already rsvp'ed for a prior meeting, everyone
should RSVP to attend. http://rsvp.nylug.org
Check in with photo ID at the lobby for badge and room number.

Linux Security:
    We all know Linux's security reputation; it's a matter of pride
    in our community.  We all know that Linux can be hardened to a 
    high degree.  We may even know what tools are invoked to bring
    about this hardening.

    But do you understand how they work, their internals?  Mordy will
    cover the internals of two Linux security features, both of which
    remain poorly understood. 

    Therefore, this January 15 NYLUG meeting is going to be more
    technical than usual. 

One:
    The first topic will be the Linux kernel's packet mangling and
    filtering capabilities.

    Linux has an incredibly sophisticated TCP/IP stack.  Capable of
    exceptional perfomance, it also offers unmatched flexibility.  
    It enables you to do nearly any network operation you can 
    conceive of, and then some.  It gets thispower from its internal
    architecture, comprised of softnet and netfilter.

    Mordy will go over how the kernel's networking works, where
    netfilter fits in, how iptables leverages this, and what it can be
    used for.  This will *not* be an iptables HOWTO. A solid knowledge 
    of TCP/IP is a prerequisite to this portion of the talk.

Two:
    The second topic will be Linux's implemenation of Pluggable
    Authentication Modules (PAM).

    PAM, invented by Sun Microsystems, allows for framework-independent
    system authentication.  Linux, like all modern Unixes, uses PAM
    for nearly all authentication, allowing for tremendous flexibility.
    
    You can use PAM to authenticate against a RADIUS server or a
    Windows Domain, or to prevent people from choosing bad passwords.

    Mordy will be going over the PAM architecture and origins.  He will
    discuss how programs interact with PAM, and how to configure it.
    A basic knowledge of the various authentication models and schemes
    will be helpful, but is not required.

For more information, visit:
    http://www.netfilter.org/
    http://www.kernel.org/pub/linux/libs/pam/

About Mordy Ovits:
    Mordy spent three years as a cryptographic engineer, before moving
    into security consulting with Internet Security Systems.  He is
    currently employed at a major financial firm as a Network and
    Information Security Engineer.

Free Stuff!
     Swag of undetermined value and quantity may be distributed on a
     first-come, first-served basis. Arrive early for the best selection

Keysignings
     Immediately after the presentation and continuing at the Old Stand
     pub, we will be gathering for a keysigning. So for those who have
     keys already, please remember to bring hard-copy printouts of your
     40-character key fingerprint. If you haven't created a key yet, our
     howto docs are posted here: http://www.nylug.org/keys

Stammtisch
     And then after the meeting... Join us around 8:15pm or so at the
     Old Stand, 914 3rd Ave. on the corner of 55th Street.
     http://www.irishpubguide.com/html/pubs/old_stand.html

Please see our home page at http://www.nylug.org for the HTMLized
version of this announcement, our archives, and a lot of other
good stuff.

Monthly Reminder!
     Please read the NYLUG-Talk Posting Guidelines at:
     http://www.nylug.org/mlistguide/

________________________________________________________________________
January 2003 - The New York Linux Users Group, NYLUG.org

Special Thanks to Mordy for preparing the announcement!



More information about the nylug-announce mailing list