[NTLUG:Discuss] Usenix 03 Brief Summary

[Chris Cox]

Had a blast in San Antonio!

I took 3 tutorials:

1. LDAP
2. Networking (Bridges, Switches and Routers)
3. WiFi Security

Gerald Carter gave a less than interesting presentation on LDAP which
turned out to be more of a "here are the differences in OpenLDAP v3"
presentation.  IMHO, LDAP is still baking... you can smell it, but
the chefs still aren't done with the recipe and have almost promised
a rewrite.  Implement at your own risk.  I can tell that Gerald
is much more interested on Unix taking over LDAP from M$... which
is a recipe for disaster.

Radia Perlman gave the talk on Networking.  It was very good, but
sort of scary when you consider how stupid most of the protocols
really are.  Blame humanity I suppose... they really, really don't
make any sense.  I have a deeper appreciation for IPX.

William (Bill) Arbaugh gave the class on WiFi security.  In short,
there is no such thing.  I am now more than ready to destroy
any WiFi network at will... VERY SCARY.  He demonstrated by
using the Usenix WiFi as his target (he practiced on the avaiable
Access Points visible from his hotel room!!).... btw, for those who
think that WPA is going to change things... I'm afraid
you're wrong.  The next generation WiFi, which has yet
to be even be drafted by the 802.11i task force, might
have enough security for me to consider deployment.  If you
run WiFi today you might as well just stick a hub outside
your front door with a sign - "Open Connection to Our Network!".

However, on the fun side, he did show us a homemade
Access Point:
http://www.soekris.com/

He was using the net4501 with a PCI wireless card with a Prism2
chip.  Very spiffy.  I figure if you're going to deploy
WiFi (i.e. hole in your network), might as well do it custom!
His team at the college did there own software for it, but
he just downloaded a pre-built (BSD) package from:
http://m0n0.ch/wall/
Didn't have the WPA/RSN stuff in it (not that anyone really
has that "officially" yet... though he was running a
beta Cisco AP with WPA on it).

This was by far the best class!  Highly recommended.

I was surprised to see some of the typical Linux luminaries there...
Ted T'so
John "maddog" Hall
Don Marti

... of course there were the BSD folks and normal Unix
luminaries (which is more expected at a Usenix conference).

I manged to get a couple of autographed books for giveaways:

Firewalls and Internet Security (2nd ed)
    Repelling the Wily Hacker
Bill Cheswick
Steven Bellovin (not there to sign)
Aviel D. Rubin

White-Hat Security Arsenal
Aviel D. Rubin

Nice part about Usenix is that it was all a pretty casual
setting.  I spent many minutes talking with Dr. Peter Salus
on a couch outside the conference rooms.  I don't think
many people recognized him.  Nobody knows the history
of Unix better than Dr. Salus.

"maddog" continues to lose weight...

The main exhibit was from the Portland State Aerospace
Society ... they launch rockets and brought a couple.
Microsoft's table was manned by a couple of really, really
bored folks that were probably told to go at the last
minute.  M$ brought NO collateral materials AT ALL.  Just
had the plain table with a couple of chairs IN FRONT
on which they sat and watched everyone pass by :-).

Sun Microsystems had a table... but it was pretty boring.
Best table (apart from the rocket) was the Addison Wesley/Prentice
Hall table... esp. when the authors were signing.  Free beer and
wine (?) was another primary attraction for many.

Finally, while Linux is still pretty muched shunned
at Usenix... it's starting to change somewhat.  Almost
everyone who presented would say something like "I
don't like Linux" and follow it with "here's how I
did this with Linux"... usually because the tool they
needed was NOT available in BSD :-)

I think it was a big mistake when the Atlanta Linux Showcase
joined up with Usenix and was later disbanned... Dr. Salus
even told me he wished he had $50K to try to get ALS
back going again.


Hope everyone can make the CTS in Plano coming up!
Chris