Presentations

• "Unix Command-Line Kung Fu", a two-hour short tutorial I give at SANS Conferences and to local user groups. An alternate title could be, "You Don't Know Jack About the Command-Line".

• "Demystifying Sendmail", my new two-day Sendmail course (last update Feb 2006).

• "Detecting Break-ins"-- some simple tricks and freely available utilities for discovering when your Unix systems have been compromised. Given to the Mid Willamette Valley Linux User Group, September 2004.

• "Unix Hacking 101"-- a brief into to breaking into Unix systems and what attackers do once they get in. Given to the Eugene Unix and GNU/Linux User Group, August 2004.

• "The Current Anti-Spam Landscape", given to the Portland Linux User Group, July 2004.

• "DNS and BIND", given to the Eugene Unix and GNU/Linux User Group, March, 2004.

• A talk on the IT aspects of my move to Eugene, given to the Mid Willamette Valley Linux User Group in January, 2004.

• "Solaris Security", webcast by the SANS Institute way back in July, 2002.

• An old version of a full-day tutorial on DNS and Sendmail, last update April, 2002.

• "NTP, the Network Time Protocol", last update February 2001.

• "Solaris Jumpstart", last update January, 2001.

Articles and Other Writing

• "Dealing with <BUTTON>", explains a work-around required because Microsoft Internet Explorer (MSIE) doesn't implement the <BUTTON> tag properly.

• "Solaris Security: Step-by-Step", the definitive guide originally published by The SANS Insitute.

• "Solaris BSM Auditing" (aka kernel-level auditing), originally published in Sys Admin Magazine.

• Instructions on how to build statically-linked executables under Solaris.

• "Improving Sendmail Security by Turning it Off", originally published in Sys Admin Magazine. Also a follow-up article, "Just Can't Get Enough Sendmail".

• "Running Sendmail as an Unprivileged User", originally published in Sys Admin Magazine.

• "The Sendmail greet_pause Feature", originally published in Sys Admin Magazine.

• "Strong Password Enforcement with pam_cracklib", originally published in Sys Admin Magazine.

• "Remote Logging with SSH and Syslog-NG", originally published in Sys Admin Magazine.

• "File Integrity Assessment via SSH", originally published in Sys Admin Magazine. You can find some related configuration files and tools here.

• "A Simple DNS-Based Approach for Blocking Web Advertising", originally published in Sys Admin Magazine. Also, here's a brief update to the original article based on reader feedback.

• "Name Server Security with BIND and chroot()", originally published in 8wire (now defunct). Note that while this article covers chroot()-ing BIND under Solaris, the EUGLUG talk listed above has the details for Linux systems.

• "Great Moments In Customer Service", a humorous editorial originally published in 8wire.

Tools

• h2n, a tool for converting a static hosts file into DNS zone files. Originally written by Cricket Liu for the O'Reilly DNS and BIND book.

• PLOD, my tool for keeping an on-line journal of what you're working on.

• A couple of different Solaris Jumpstart related tools, including an automated hardening tool that performs many of the steps in the "Solaris Security: Step-by-Step" guide mentioned above.

Return to: Deer Run Home > Hal's Homepage >