[10824] in bugtraq
Call for Papers-SANS 1999 Workshop On Securing Linux
daemon@ATHENA.MIT.EDU (Laura LeHew)
Mon Jun 14 20:24:15 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <4.1.19990614153415.009a5f00@deer.deer-run.com>
Date: Mon, 14 Jun 1999 15:34:53 -0700
Reply-To: Laura LeHew <laura@DEER-RUN.COM>
From: Laura LeHew <laura@DEER-RUN.COM>
To: BUGTRAQ@NETSPACE.ORG
Call for Papers
SANS 1999 Workshop On Securing Linux
December 15-16, 1999
San Francisco
Deadline June 28, 1999
Note: Best proposal will get a free trip to San Francisco to present their
paper at the conference
Conference Objective
Topics
Who Should Submit a Proposal
How to Submit a Proposal
Questions
Program Sponsors
LINUX is winning! Where other new operating systems failed, LINUX is
gaining converts among users and vendors at an increasing rate, proving
that the
community of computer users can create extraordinarily valuable tools. At the
same time Linux systems are the targets of a huge number of successful
attacks.
There is debate over the causes of storm of Linux security incidents, but
whether it is the operating system's immaturity or the carelessness of its
users, continued growth demands that Linux users and the developer community
meet the security challenges.
An important initiative was launched at SANS99 in Baltimore. Linux experts
from more than a dozen universities are jointly creating a hardened version of
Red Hat Linux, in a project named Bastille Linux. They are fixing the default
configurations and adding security features so the university administrators
will feel safer distributing Linux to students. Information on the project
may be
found at http://www.bastille-linux.org/ . Every person who attends the
Securing
Linux Workshop will be given a copy for adaptation and/or redistribution.
There's more that can and is being done to make Linux systems less
vulnerable. If you are one of the people who have developed home-grown
solutions or are one of the developers of a more secure version of Linux,
please submit a proposal for the Securing Linux Workshop.
If you have solutions (even partial ones) we welcome your input.
The 1999 SANS San Francisco Network Security Conference is being held
concurrently with the Intrusion Detection & Response Training Conference,
where the nation's top network security and intrusion detection experts,
people like Stephen Northcutt, Gene Schultz, Randy Marchany, Ed Skoudis,
and many more will be teaching in-depth, full-day, intense courses for
security practitioners.
We hope that you will consider joining the Securing Linux Workshop to extend
this tradition of quality by submitting a proposal for:
A paper focused on practical solutions (2-10 pages) along with a
presentation (25 or 50 minutes)
other types of presentations (panels, demonstrations, mini-tutorials, etc. -
15-90 minutes in length)
Even if you choose not to submit a short paper and presentation, we hope you
will join us in San Francisco on December 11 - 16, 1999 for the workshops and
courses that you feel will be helpful in meeting your professional needs.
Course titles and a preliminary schedule will be posted to http://www.sans.org
around July 15, 1999.
Topics
Any topic that you feel would provide immediate pragmatic information on
Linux security to an assortment of researchers, practitioners, and observers
coming to the workshop is invited. Here are a few topic groups that might
give you ideas, but submissions are by no means confined to these:
Hardening the Operating System
Improving Practices and Procedures
Risks Particular to Linux Systems
Configuration Errors
Silly Things Users Do
Good New Tools
Bad Tools New or Old
Automating Installation to Reduce Risks
Network-Based Intrusion Detection
Host-Based Intrusion Detection
Vulnerability Analysis
Who Should Submit A Proposal and Why Should You
Anyone who has done useful work in improving the security of Linux systems
is invited to submit a proposal.
The recognition afforded by being chosen to present some of your work can be
a marvelous avenue of professional growth and can yield results throughout
many aspects of your career. If you have a solution that you would like to
share, please consider taking the time to write it up and submit a proposal
to SANS. Being selected to be a part of the SANS faculty gets you more than
just the rare ID&R-Securing Linux polo shirts. It also conveys an
appreciation
of the value you are contributing to the field.
You don't have to be solving the largest problems in order to have your
proposals accepted. We are looking for a wide variety of proposals and
encourage you to submit one even if you are not sure of its worth.
Besides the distinctive polo shirts, authors also earn substantial discounts
on conference and tutorial attendance.
If you are a vendor, please consider joining the SANS evening vendor
presentation
program. Contact daragh@sans.org for opportunities to present technical
aspects of your products to SANS participants in a variety of venues.
How To Submit A Proposal
Send an email to laura@deer-run.com with the subject `Securing Linux
Proposal'.
Submissions will only be accepted in any of the following formats: PDF,
Word '97, PowerPoint '97, ASCII text, or HTML.
Deadline for submission is June 28, 1999.
Please include the following items:
Your Name
Preferred email
Phone
Fax
Employer
Surface mail address
The title of your proposed presentation
The length (25 minute presentation with 2-5 page paper or an alternative
format).
At least three paragraphs containing:
The specific challenges or problems the presentation will help the audience
solve.
The approach you used including any specific tools you created or used
The evidence you have that proves that your approach works well and can be
used by other people.
SANS has made great strides in the past few years and is now recognized as
one of the two most useful learning opportunities in the system
administration, networking, and security field. This year, SANS is
introducing policies that will enable us to continue to earn quality
accolades:
All presentations focus on actual challenges faced by system administrators,
security professionals, and network managers.
All presentations provide practical solutions that can be implemented
immediately.
All daytime presentations are free of vendor bias (except the panels in
which multiple vendors are speaking together and will `correct' one another).
Vendors and their representatives are welcome to present in the SANS evening
program.
All presenters will be given opportunities to ensure their presentation
skills are the best they can be: through pre-conference training
Programs, coaching-on-request for content and speaking, and/or audio tape
exchange.
Questions
Please contact laura@deer-run.com with questions.
Program Committee Chairs
Alan Paller, The SANS Institute
Jon Lasser, University of Maryland Baltimore Campus
