I grew up in Maryland and attended the University at the College Park campus. I enjoyed psychology, physics, and computer science courses almost as much as the anti-Vietnam war demonstrations. The occasional riots taught me more about group behavior than any psych course, and marketing people who weren't there really missed something.

In the late seventies, after two consecutive winters featuring weeks of freezing rain, I moved to San Francisco. There I lived in a commune, worked for North Star Computer, and built my first computer from a kit. Later, I worked as a consultant, getting exposed to UNIX by working with Dual Systems, an early (System III) multiuser (four serial ports) UNIX system vendor. By 1984, I was running UNIX at home.

Tiring of the city's noise and lack of parking, I settled in Marin county, with a creek and a hot tub in the back yard. There I met my wife, Rose Moon, and worked with Becca Thomas on my first book, Unix Administration Guide to System V (Prentice-Hall, 1989). Besides the hot tub, Marin offered many miles of bicycle trails, which forced me to replace my racing bike with a mountain bike. Later, I wrote Unix System Security (Addison-Wesley, 1991).

In 1991, realizing that California was a bit crowded, I moved my family to Sedona, in Northern Arizona, where my office looks out over the red rocks and the Mogollon Rim to the North. I still enjoy mountain biking (try Mountain Bike Heaven in Sedona for info and rentals), flying small aircraft, and peace and quiet when not on the road teaching or consulting.

Rik Farrow's On-site Internet and Unix Security Courses

Rik Farrow is available as an on-site instructor for Internet and UNIX security, particularly in the Western United States. Farrow has been teaching courses in UNIX security since 1987, and has presented courses for UniForum, Usenix, Interex (HP users), UNIX Expo, Danish, Norwegian, and Swedish UNIX user groups, Europen, NSA, US West, the IRS, the US Courts, and US Dept. of Agriculture. He is the author of UNIX System Security (Addison-Wesley, 1991, ISBN XXX). He has also been Technical Editor of UNIXWorld's Open Computing magazine, a McGraw-Hill publication.

Farrow can provide either a short (two hour) management overview of the Internet with a focus on security issues, or a one to three day course on Internet and UNIX security. The Internet and UNIX security course provides in-depth information about improving the security of UNIX systems, auditing UNIX system security, network security, and information about setting up firewalls.

Mr. Farrow is also available for consulting on the security of Internet connections.

The Internet and Security

Management Overview

The Internet has been around in some form for over twenty years, but has only gained prominence recently. What was once the domain of researchers has become a testing ground for the National Information Infrastructure, with businesses starting to dominate Internet use. The current administration has encouraged agencies of the U.S. Government to connect to the Internet, and to provide on-line services today.

With an organizational structure best described as an anarchy, the Internet can most easily be understood by examining its overall structure and the basis of its communication principles. As a low cost, international networking infrastructure, the Internet has become as attractive to many businesses as it already is to hackers. It costs no more to communicate with a local university than it does with a business overseas.

This high-level presentation examines both the promise and the threat of Internet connectivity, with a focus on the ``dark side.'' When the Internet was a research network, hackers were a minor nuisance. But that is no longer true. Technologies for making Internet connectivity safer and more secure are available, and groups are working on the next generation of the Internet, which will include much better security.

The presentation includes:

• Organization of the Internet
• Practical uses
• Hackers and their attacks
• Defending Internet connections
• Authentication and encryption
• The future of Internet security

UNIX and Internet Security

This course can be presented in two days, or easily take place over three days, depending on the level of the attendees. Designed for the UNIX-literate, the course proceeds from basic UNIX security (file permissions, ownership, passwords, set-user-id), to defending entire networks with firewalls. Tools for securing and testing UNIX systems and TCP/IP networks, which are freely available from the Internet, are emphasized. Commercial security software is also listed and described.

Course attendees will leave this course not only with a better understanding of security issues, but also with an action list. The tools described in the course provide a means for improving site security, and for securely connecting a network to the Internet.

Topics include:

• Basic UNIX security
• Recent attack strategies
• Security within local networks
• Identifying/testing for dangerous network services
• Network security policy
• Auditing UNIX systems with COPS, Tripwire and other tools
• TCP/IP services and protecting individual hosts with wrappers
• Firewalls--screening routers, bastion hosts, proxy and application servers
• Hiding internal networks
• Responding to attacks

Advanced UNIX and TCP/IP Security

Course Outline:

Introduction

Motivation and Network Security Policy

Network probes

Using DNS to probe networks

Using software to probe addresses

Network-based attacks

Gaining entry using network utilities

Using sendmail to gain entry

Recent exploits (NFS, Binmail, Rootkit)

Mitnik's attacks, SATAN

Hardening UNIX systems to prevent successful attacks

Login accounts and the passwd file

Restricted accounts

User and system file permissions and ownership

Setting up and Using COPS and Tripwire

Securing Individual Systems Network Configuration

Configuring /etc/inetd.conf

Setting up and using TCP Wrappers

Portmapper replacement

Detecting intruders and watching logs

Understanding TCP/IP Protocols

Internet Protocols and Network Layer

IP layer and related security issues

The transport layer and sequence number attack

Application layer protocols and problems

The future of TCP/IP

Firewalls

Firewall designs

Using routers in firewalls

Other packet filtering solutions

Bastion hosts, application and proxy servers

Monitoring tools, getting help

Encryption and authentication

References

Appendix

A: Example of simple TIS proxy server