E-mail
Sun's Bay Area Datacentre Consolidation & Modular Datacenter S20
Sam K Tan
A presentation on how Sun consolidated over 100+ datacentre in the Bay Area down to less than 20, reducing our operating costs while also increasing total compute power and availability.
IBM's Big Green Strategy
Nicole O'Conner
IBM's Big Green Strategy, including material on our IGF remarketing strategy and an overall understanding on what IBM as a global organisation is doing to drive our own corporate policies in this area. This will feed into a short discussion on specific solution sets we have which can guide our clients in the same direction.
Embodied and recurrent energy - computing the carbon cost
Leonard Cohen
Bio
Leonard Cohen is the founder of the Australian Carbon Biosequestration Initiative, founded in 2003. In 2004, Leonard began to design radically new types of carbon-offset programs, among which was a carbon neutral 20-storey CBD tower for the Commonwealth Bank. In 2005, Leonard designed the carbon offset program for Mitsubishi's new 380 and began assisting SA Premier Mike Rann's Climate Change Office on biosequestration. In 2007, Leonard and CEO Noel McArdle addressed the Urban Development Institute of Australia conference on embodied energy in buildings.
In 2008 Leonard and Monica Oliphant advised the Land Management Corporation on the level of carbon reductions likely to be achieved by the Lochiel Park urban development, the GHG emissions generated in the likely transport use by the residents of Lochiel Park and the onsite capacity for further greenhouse gas emission reductions through bio-sequestration from the parkland area. Lochiel Park is the first housing development in Australia to have commissioned a report on its capacity to achieve carbon neutrality.
Strategic Human Resource Management
Taking a Walk on the Wild Side
Kristy A. Bennett
When it comes to completing a degree in Computer Science, Engineering, or Information Technology the notion of studying management units doesn't rate very highly and it certainly often rated as one of the less useful subjects. But what about Human Resources Management? This presentation is pieced together to help you get inside the mindsets of your CEO and their HR Director by examining the techniques they employ.
Understanding their mindset can help you work out what attitude, work ethic and level of output will best equip you for that promotion or sideways move you may be looking for in the future. It will also help you understand some of those weird recruiting decisions that are made within organisations as well. Want to know the best bit? Many CEOs and HR Management staff don't even know why they push for the recruiting agendas that they do - so, in some instances, you'll understand some of these people better than they know themselves!
Large Scale Systems Administration
Dougal Scott
Looking after a sizable network of servers is not like looking after a handful, just with more servers. The usual range of ad-hoc system administration techniques that can work well with a handful of hosts will not scale to a multitude of hosts. Conversely while the techniques that work with a large network of hosts and team system administrators will still work in smaller networks and teams, the extra effort might not be worth it. This paper will cover a number of fundamental techniques and concepts that can transform how you manage a large network of systems.
Information Security in a Generation-Y World
Phil Kernick
Traditional information security has relied on barriers, controls and
hierarchy to enforce protection of information. This paradigm is being
supplanted by the Generation Y workforce who are demanding access in any
way, at any time and from any place. This presentation will look at the
threats and benefits of living - and working - in the brave new world.
Securing your voice over IP
Phillip Pudney
If you're not already using Voice over IP (VoIP), you're probably at least thinking about it. However with convergence comes new challenges. Unfortunately many organisations are deploying VoIP without considering the security threats, which can be extremely expensive and difficult to correct retrospectively.
This talk will present some of the common threats and vulnerabilities that affect VoIP and discuss some of the ways to mitigate them. A live VoIP demo will show just how easy it is for an attacker to intercept your calls.
What Time Is It Now?
Frank Crawford
Most modern systems implement a mechanism to synchronise time with an external source, the most common being NTP. Further, most SysAdmins probably know that this synchronisation includes the provision to include a leap second, or even to miss a second. What is probably less widely known is that this sychronisation is based on a time standard called UTC, and is effectively based on solar time, etc. There is a competing standard called TAI, which is based primarily on atomic clocks, and does not include the provision of leap seconds.
There is a proposal from the ITU (International Telecommunications Union) that future time broadcasts be based on TAI rather than UTC. While at first this sounds like a simplification, in fact the differences quickly become noticeable, and have profound effects on computer based timing, including timestamps, etc.
Worse still, when investigating the basis for any of the time standards (and there are far more than the two listed above) it becomes a very tangled web with different assumptions and results for each one.
This presentation will go through this complex topic and show the various alternatives, what they really mean both short term and long term. It will touch on classical physics, quantum physics, relativity, astronomy, geoscience and history.
Ultimately it will show that there is no single answer to the question "What time is it now?".
OpenSolaris - Enterprise OS for free
Sam Tan
OpenSolaris is Sun's open source release of Solaris, the enterprise UNIX operating system used by the world's largest companies. With OpenSolaris, users can get the latest and greatest innovations like DTrace, ZFS, zones, predictive self-healing, and military-grade security.
Managing your Email and Task Overload
Arjen Lentz
Many people have to cope with large quantities of incoming mail. And it keeps growing! Eeks... Arjen will help you ease your stress by presenting some practical methods to deal with your mail effectively. And no, we won't be dropping mails. In fact, we'll even add your TODOs to the party.
This is not some techno magic, we'll simply discuss ways of organising your work differently. The ideas and methods were researched and developed by other smart people, while Arjen himself is still busy adjusting his ways. There's no quick fix, just gradual enlightenment.
Less spam through prevention of email address collection
Tobias Eggendorfer
You probably get too much spam. No matter how viciously you filter it, some still gets through. This is because filtering only helps to treat the symptom, not the cause. Worse, the more stringent your filters, the more likely you'll lose legitimate mail due to false positives.
How can you get less spam? First you need to think about how the spammer got your email address in the first place. The most common method is to use email address harvesters. These search the web for email addresses just like a search engine's spider indexes site content. If you could avoid publishing your email address, you'd get less spam.
Unfortunately, we often need to publish our email addresses so that we can be contacted by non-spammers. Fortunately, human visitors are more intelligent than the harvesters and usually can deal with obfuscated addresses. Studies have shown that some obfuscation methods are just as efficient as not publishing the email address at all.
This talk discusses several methods to obfuscate email addresses. It further suggests an output filter which can be used with the Apache web server to obfuscate mail addresses even on dynamically generated web pages without the need for any manual modification.
System Administration and The Economics of Plenty
Tom A. Limoncelli
Over the years IT resources (disk space, CPU, bandwidth) have gone from being scarce to nearly infinitely plentiful. Why do our IT policies still reflect the days of scarcity? Seeing the world in terms of "the economics of plenty" brings about a paradigm shift that changes the way we treat our users, manage our systems, and take care of ourselves. Believing in the false world of scarcity leads to mistrust, secrecy and closed-source software.
Tom will explain the economics of plenty, how much of what we believe to be scarce is actually plentiful, and how the open source movement benefits when we see the world through through the paradigm of a plentiful world. This new thinking is the philosophy behind the newly released second edition of "The Practice of System and Network Administration" (Addison-Wesley) by Limoncelli, Hogan and Chalup.
Bio.
Tom is an internationally recognized author and speaker. His books include the (recently released) 2nd edition of "The Practice of System and Network Administration" (Addison-Wesley), "Time Management for System Administrators" (O'Reilly) and "The Complete April Fools RFCs" (Peer-To-Peer). Tom works at Google's NYC office and previously worked for large and small companies including Bell Labs and Cibernet. He is the joint recipient of USENIX/SAGE's 2005 Outstanding Achievement Award. He blogs at www.EverythingSysadmin.com
An Illustrated History of Failure, Part II
Paul Fenwick
Software failure is an ancient and time-honored tradition which dates back to the ancient world. Ever since we've been programming computers, we've been programming them to fail. Join us as we laugh and learn from some of history's biggest software blunders.
Bio
Paul Fenwick is the managing director of Perl Training Australia, and is an experienced speaker at technical conferences worldwide. His interests include security, mycology, cycling, coffee, scuba diving, and lexically scoped user pragmata.
Rules of Thumb of System Administration
Elizabeth Zwicky
Every profession accumulates some condensed wisdom, whether it's in the form of Zen koans or laws of engineering. This presentation is a tour through the condensed wisdom of system administration, in the form of pithy sayings supported by educational stories (some of them, of course, stolen from other professions, including Zen koans and laws of engineering).
Bio
Elizabeth Zwicky has accumulated experience, if not wisdom, in more than 20 years in and around system administration. She has worked as a system administrator in education, government, and corporate environments, has worked in three countries and two languages, and has been an author, educator, developer, manager, system designer, and consultant. Her smallest employer had under 10 employees, and her largest over 10,000. She is a founding member of SAGE-AU.
SharePoint - What Does it mean for System Administrators?
Daniel William Brown
Business is adopting SharePoint at an alarming rate. High skilled SharePoint professionals are coming in and implementing SharePoint and business process.
But what should the system administrator be aware of when it comes to SharePoint on servers which system administrators are responsible for?
In this session and presentation, System Administrators will learn key skills to take away and apply in their business which will help ease the fear of dealing with SharePoint and its technologies to better their selfs and skills in dealing with environments where SharePoint is deployed.
Running security devices on bridges
Tobias Eggendorfer
Running a firewall on a router is nothing special, as this is an ISO/OSI-Level 3 device, capable of working with IP addresses. It is also pretty straight forward to run an application level content filter, such as a virus scanner, on this router.
But running the same technology on a bridge seems impossible, because a bridge is not more than a two port switch. It does not know hot to handle IP. It is only interested in MAC addresses. Even though this sounds implausible, running a stateful firewall on a bridge, is not that new.
We, however, managed to run a spam filter and a virus filter for HTTP on a bridge. We also implemented a port-forwarding router style device on a bridge, that, according to the destination port or on an existing connection forwards data to two devices sharing the same IP. Thereby, we were able to share one IP for multiple systems without the hassles of net address translation (NAT).
Top Reasons for Successful WLAN Penetrations in the Past Year
David Ross
This is a 20-minute presentation on the most common vulnerabilities actually exploited to gain access to networks during wireless network penetration tests. This will detail the practicalities of real wireless network security testing, the things that never cease to amaze you and the things that can literally bite you!
Without spending too much time regurgitating just how trivial it really is to break WEP encryption or lightning fast compromises on dictionary WPA2 PSK installations, this will focus on the all the other aspects that destroy a sites security. Organisations that make themselves a target; that rely only on secrecy of a broadcast medium; that rely on the wireless devices to provide security; that secure only the perimeter; that dont secure the hardware itself; that dont turn off unnecessary services; that leave default passwords in place; that use generic superuser account names.
It will also cover the practicalities of actually doing these tests. Authorisation, hard-ware and software tools, flat laptop batteries, solo war-driving on busy arterials, vehicle choice, target employees, passers-by, air-conditioning and inclement weather.
Some of this is sourced from a academic papers I presented at AusCERT and a recent Ozeconference, with most of the academic bits cut out and lots more practical sysadmin bits added in.
David Ross is a Chartered Professional Engineer (Electrical) and IT security consultant with the ANTACS Group in Brisbane. He is currently also undertaking a PhD in wireless network security, with the Information Security Institute at the Queensland University of Technology. He has worked in the computer industry for 20 years and specifically in IT security for over half of that. He also undertakes casual teaching with the Universtity of Queensland and the Queensland University of Technology from time to time. His consulting roles typically involve security infrastructure development, commissioning and review, as well as enterprise architecture and policy development for the finance, resources and government sectors.
The Hand Over: Managing system administrator transitions
Tim Bell and Geoff Crompton
Although organisations may have change management policies which govern services and servers, they may not have policies which cover the changing of system administrators. Arguably, replacing a departing sysadmin can be one of the riskiest processes in IT, particularly in small organisations with just the one sysadmin. Therefore it's important that the process is managed well, for the sake of the sysadmins involved as well as the organisation itself.
In late 2007 and early 2008, we have been involved in three separate transitions: Geoff leaving Strategic Data, Tim handing over to Geoff at Trinity College, and Tim starting at Austhink Software. Each of those transitions brought its own challenges and requirements, and left us with a variety of lessons.
This paper will address the requirements of a smooth transition when one sysadmin leaves and hands over to a new sysadmin, identify the prerequisites and planning required to achieve the transition, and look at ways of dealing with issues remaining afterwards.
80% less spam at the mailserver
Tobias Eggendorfer
More than 90% of all emails sent are spam. Filtering spam the classic way puts a massive work load on the mail server. Our tests show, that using an SMTP tar pit simulator to protect the mail server from spam is very effective. Because this concept reacts to typical spammer behaviour, we were able to reduce the spam load on the mail server by 80%.
This talk explains the idea of how the SMTP tar pit simulator works, why we believe it is efficient and reasons for why it is unlikely to break its concept. The talk involves discussing how an SMTP tar pit works, too.
Oracle VM Life-Cycle Management
Dean C. Samuels
Virtualisation is a hot topic in the industry today. There are many offerings and players in the virtualisation market. This presentation takes a look at Oracle's virtualisation offering, Oracle VM, and the value proposition it has over competitors including how it fits into Oracles Unbreakable Linux program. The talk will also discuss the management capabilities and features of Oracle Enterprise Linux and Oracle VM via the Oracle Enterprise Manager management suite and the Management pack for Linux.
Express Tutorial: Introduction to Business Analysis Tools
Kristy Bennett
This express tutorial is extracted from Kristy's tutorials in business practice. In no way related to Business Needs Analysis, this presentation is a must see for the technology practitioner who is moving into a supervisory, decision-making or managerial role. This will be and extremely intensive, short and sharp presentation introducing the essential business analysis tools used in management decision making processes. Included in the presentation will be SWOT analysis, the Five Forces Model, Environmental Analysis (PEST).
Developing an Enterprise Security Architecture
David Ross
This is a presentation for senior system administrators and IT managers on the reasoning, considerations and outline of the process of developing an Enterprise Security Architecture (ESA) as part of an overall Enterprise Architecture (EA).
The presentation will cover the need for information security, the reasoning for developing an ESA, the SABSA framework and the SABSA model for developing an ESA as part of a business-oriented approach. This approach focuses on the business need for information security rather than security for the sake of information security itself and will outline information security strategy and how the SABSA model is applied to develop an information security framework.
Express Tutorial: SWOT then what? Hitting the Sand Hills of Marketing Hard and Fast
Kristy Bennett
So many times business owners can recite the times they have been told 'if you fail to plan you plan to fail'. As a result many start-uppers draw up a business plan which gives them idea of where they want to be but does not lay out the path to get there. Promptly thereafter it collects dust in a pile of bedtime reading, disappears to the bottom of a filing cabinet drawer or is filed under 'trash'.
This small and condensed extract from one of Kristy's tutorials is designed to very quickly find a use for that dusty, coffee-stained business plan, not as a coaster or fire lighter but as something that can be turned into tangible approaches to managing and conducting your business. This snappy introduction to the P's of marketing can revolutionise they way you identify your markets and how you target them. Use this session to springboard your next marketing planning session.
This presentation builds upon the concepts introduced in the 'Introduction to Business Analysis Tools' and it is advisable that you also attend the this session beforehand if you are not familiar with SWOT analysis.
From "Petting Penguins" to "Bring out your Dead"! Apple and the Environment.
Jen Walbank
Jen Walbank overviews Apple's efforts for a "greener" computing environment. The session will be covering hardware efforts, software considerations and how good practice can assist with managing these devices in a greener and more cost efficient way. We will also review Apple's local efforts in environmental awareness.
State of the Broadband Nation
Simon Hackett
In this session, we'll take a look at the current state of play in Australian broadband, and see what is approaching on the horizon.
Bio
Simon Hackett founded and runs both Internode, a broadband services provider, and Agile, a broadband network building company. He helped to put AARNet v1 together many moons ago. He likes making good and cool technical things happen in the broadband space.