images from awg ’96 on tour with d y smith u

The Journal of AUUG Inc. Volume 17, Numbers 5 and 6OctobedDecember 1996

UISSN 1035-7521

Images from AWG ’96

On Tour with D y Smith

U

S!

more..

Print post approved by Australia Post - PP2391500002

AUUGNVolume 17, Numbers 5

and 6October/December 1996AUUG Membership & GeneralCorrespondenceThe AUUG SecretaryPO Box 366Kensington NSW 2033Tel: (02) 361 5994Fax: (02) 332 4066Freephone: 1-800-625-655E-mail: [email protected] ExecutivePresident: Michael Paddonmwp @aba.net.auKodak173 Elizabeth St.Coburg VlC 3058Vice President: Glenn Huxtableglenn @ fs.com.auFunctional SoftwarePO Box 192Leederville WA 6903Secretary: Peter [email protected]/GEC MarconiSystemsPO Box 4806Unit 7, 10 Kennedy St.Kingston ACT 2604Treasurer: Stephen Boucherstephen @ mtiame.rntia.oz.auMTIA509 St. Kilda RoadMelbourne VIC 3004Committee Members:Phil McCrea (Past President:)pmc @ syd.dit.csiro.auDivision of InformationTechnologyCSIROBuilding E6BMacquarie University NSW2113Frank Crawfordfrank @ atom.ansto.gov.auANSTOPrivate Mail Bag 1Menai NSW 2234Lucy [email protected] Pty, Ltd.PO Box 305Strawberry Hills NSW 2021Chris Maltbychris @sw. oz.auSoftway Pty. Ltd.PO Box 305Strawberry Hills NSW 2021David PurdueDavid. Purdue @ a us. sun. comSunSoft119 Willoughby Rd.Crows Nest NSW 2065

AUUGN Business ManagerElizabeth [email protected]

Table of Contents

Editorial ................................................................................3

President’s column ................................................................3

Formation of ISOC-AU .........................................................7

On Tour: Security Seminar ....................................................8

Standards groups do not stand still .....................................11

Searching for needles in haystacks:an Internet detective story ....................................................12

Scientific Computing: A forgotten discipline? ......................13

AUUG Key Signing Service ...................................................14

How Do You Make Use of Petaflops? .................................14

How to Handle Spamming ...................................................16

Internet security - what technology can solve! ......................17

Modern Operating Systems UnleashPentium’s Hardware Power ..................................................18

Name.Space vs. DNS ............................................................19

New Products .......................................................................22

Book Reviews ........................................................................24

AUUG News: Canberra ........................................................34

AUUG News: Darwin ..........................................................34

AUUG News: NSW Chapter ................................................35

Images from the Chapter Council Meeting ............................37

UNIX Tricks & Traps ............................................................38

Images from AUUG ’96 .........................................................40

AUUG Inc. acknowledges thegenerous support of its

corporate sponsors...

October/December 1996 1

ContributionAUUGN

Deadlinesin 1997

Vol 18, #1 (February ’97)" January 17 1997

foI"

PO Box 366Kensington NSW 2033AUUGN CorrespondencePlease send all correspondenceregarding AUUGN to:AUUGN EditorPO Box 366Kensington NSW 2033E-mail: auugn @auug.org.auSubmission GuidelinesSubmission guidelines forAUUGN contributions areregularly posted on theaus.org.auug news group.They are also available from theAUUG World Wide Web site athttp://www.auug.org.auAlternately, e-mail to the abovecorrespondence address,requesting a copy.AUUGN Back-issuesA variety of back-issues ofAUUGN are still available; forprice and availability details,please contact the AUUGSecretariat, or write to:AUUG Inc.Back Issues DepartmentPO Box 366Kensington NSW 2033AustraliaConference ProceedingsA limited number of copies ofthe Conference Proceedingsfrom previous AUUGConferences are still available,at $50 each for members, and$60 for non-members. Contactthe AUUG Secretariat fordetails.Mailing ListsInquiries regarding thepurchase of the AUUGN mailinglist should be directed to theAUUG Secretariat. Telephone(02) 361 5994 during businesshours, or Fax (02) 332 4066.DisclaimerOpinions expressed by theauthors and reviewers are notnecessarily those of AUUGIncorporated, its Journal, or itseditorial committee.Copyright InformationCopyright ©1995 AUUGIncorporated. All rightsreserved. AUUGN is the journalof AUUG Incorporated, anorganisation with the aim ofpromoting knowledge andunderstanding of OpenSystems, but notincluding, _restricted to, the UNIX~ system,networking, graphics, userinterfaces and programmingand development environments,and related standards.Copying without fee ispermitted, provided that copiesare made without modification,and are not made or distributedfor commercial advantage.

2 AUUGN: The Journal of AUUG Inc.

EditorialGf)nther Feuereisen <gunther@ibm. net>

The first thing you might have asked when yousaw AUUGN in the mail was "Where’s theOctober issue?". The past few months have seenseveral changes on the Editorial board, includingthe farewell of Phil Anderson from the helm.

In the ensuing chaos, we found that by the time wehad figured out what was going on, October waslong gone. So we decided to sail full steam aheadand bring out the value-packed bumper holidayissue - and that’s what you hold in your handsright now!

Amongst the changes, Matthew Dawson from theNSW branch of AUUG has joined the fray, alongwith Frank Crawford and Liz Egan, and yours trulyat the wheel, we hope to bring fun packedadventures (or if not, some interesting reading) infuture issues. Plans are already afoot for next year -look out for some changes in AUUGN in ’97.

Alas, Phil has had to move on, but I’d like to thankhim on behalf of AUUG members for his work onAUUGN. If not for Phil’s undertaking, AUUGNmay have faded away into nothingness.

So, sit back, pour yourself another glass ofsomething bad-for-your-body and enjoy the issue!

As it’s the festive season - from all of us here, wehope you have a Merry Christmas and a happyNew Year!

See you in ’97! .:,

President’s ColumnMichael Paddon

It can be argued that industry of ours requires acertain commitment, or even obsession, if you trulywish to succeed. Perhaps it is inherent in theexacting nature of the software business, where onemisplaced detail can separate achievement fromdisaster. In any case, whether you are designing,building, explaining or selling, ours is a vocationthat demands focus.

Now, of course, a broad brush assertion such as thisis best debated over a fine wine of some description,

so please take this opportunity to equip yourselfnow before we proceed any further.

Back again? Excellent, let’s forge ahead.

In many ways, it is obsession that makes ourindustry tick over. It is from this motivation thatsprings the finely crafted code, and the urge toshare our labours freely. Only a remarkable single-mindedness can explain the creation of an operatingsystem in which everything is a file, or a globalnetwork built from a single protocol.

It is this level of intent which produces thesoftware that we all admire (a long list isavailable upon request...). But even moreadmirable is the immense purpose and energydisplayed by the creators of the code we love torun; indeed, it is a quality that transcendstechnical merit and engineering philosophy.

Let’s make a leap of faith. We are all creators inour industry, each and every one of us. Sure, we alldo different jobs, and sometimes our contributionsare not as visible as those of, say, Dennis Ritchie orLarry Wall or James Gosling or [insert favouriteicon here]. Nevertheless, we add a piece ofourselves to the world, and change it a bit in theprocess every day. Such is the beauty of outindustry.

As an aside, its is amusing to note that many of uswould probably be doing what we are today, evenif we didn’t get paid. Don’t tell my boss...

So, what the hell is this reflection doing in anAUUG column? Well, quite simply, while we areall creative, obsessed and focused people, our dear-old AUUG hasn’t reflected our temperament. Infact, over the years AUUG has grown fat andcomplacent and, well, kind of comfortable.

Let’s not dwell on examples... I think you all knowwhat I mean.

The news is simple: this has all changed. It hasn’thappened overnight, however. The AUUGexecutive has been working hard for over two yearsto re-orient our organisation, and to give it a good,old fashioned cold boot.

The results are starting to be visible. We ran tworoadshows in 1996:

David Flanagan’s Java tutorial and Danny Smith’ssecurity update. Both were well attended, and

Volume 17, Numbers 5 and 6 3

generated enough income to enable us to plan threesimilar events next year.

In addition, we ensured that every state andterritory hosted at least one of these event. If youonly got to see one, .we truly regret it, but ourgeography makes visiting every chapter in twoweeks a somewhat daunting task. In any case, weremain committed to servicing all of our members,throughout the country, to the limits of ourabilities.

This commitment is also reflected in a new venuefor the Winter Conference. AUUG 97 will be heldin Brisbane, breaking a Melbourne-Sydney duopolyof almost a decade. Generating and substantiatingthe support to hold an AUUG conference in anotherstate has been a personal goal of mine since electionto the executive, and it is with great satisfactionthat I make this announcement.

Another indicator of our new aggressiveness is thetheme of the conference: "Technical Solutions". It’stime for AUUG to remember that it’s raison d’etreis to support and articulate for the technical opensystems community. Encouragingly, our sponsorshave been very supportive of our newly found focus,feeling that a stronger technical AUUG willenhance their marketplace opportunities.

Mark White and George Michaelson are alreadyhard at work on the 1997 conference, as theconference chair and programme chairrespectively. If you wish to volunteer your time totheir endeavours, please don’t hesitate to get intouch with them. Soon, also, you will be seeing thecall for papers, and you will remember mystatement that the best way to help out is to submityour work for consideration.

Another sign of change you’ll see is in the neweditorship of AUUGN. Phil Anderson hasperformed a sterling job of recreating our journal toreflect the priorities of the current executive,without losing continuity with the AUUGN ofyesteryear. The result is a leaner and meanerpublication that will bear Phil’s stamp for manyyears to come.

To our deep regret, Phil has had to relinquish theeditorship of AUUGN due to other commitments (Iwarned you about getting a life, didn’t I?), and therole is being taken up by Gunther Feuereisen,starting with this issue. Thanks for everything,Phil. AUUG would have been a much poorer placewithout your efforts.

As Gunther comes to grips with AUUGN, you willbe seeing more changes again. The executive hasalready discussed the benefits of a quarterlyAUUGN as opposed to the current two-monthlyschedule. We would be most interested in anyopinions you have around AUUGN, schedulerelated or otherwise, and I am sure that Guntherwould be particularly encouraged by submissions forpublication.

There is no doubt that each of these changes that Ihave touched upon will upset some. I, and theAUUG executive, offer no apologies for this. Ourorganisation was running in grave danger ofbecoming less and less relevant to you, the members,and we have been forced to reassess why we existand what we can deliver.

If you feel a resonance with our goals, however; ifyou believe that a strong technical user group has aplace to play in our industry for the betterment ofthe science of design, the engineering of code, theart of management and the plying of commerce,then we are grateful for you continued support.

To round off my report, I’d like to touch upon somerecent activities of interest. The AUUG ChapterCouncil is held once a year, and is a chance for allthe regional groups to get together and do somecombined planning. This year’s council discussedseveral issues: how to stage interesting localmeetings (and entice the you to attend), schedulingthe Chapter Technical Conferences to allow aninternational visitor to be shared around thecountry and, inevitably, finances.

AUUG has roughly the same level of assets as ithad three years ago, however, in the interveningtime we have set up the chapter system and beenvery effective at distributing funds for regional use.The upshot of this is that where we used to haveone big bucket of money, there is now a number ofsmaller buckets. At the Council it was decided tocombine these buckets back together again, witheach chapter’s funds still being accounted forseparately, into a single pool. This will allow amuch more effective use of funds, especially inrespect to cash flow management and interest rates.

Another event of recent note was the formalcreation of ISOC-AU, the Internet Society ofAustralia, and the election of their board ofmanagement. AUUG has actively supported theestablishment of ISOC-AU and we are enormouslypleased to see this process bear fruii. AUUG seesISOC-AU as a sibling body (indeed we share muchthe same membership, and many of the same


concerns) and we look forward to working closelywith them to promote the Internet, open systemsand the interests of our respective memberships.

Last, but certainly not least, please allow me todraw you attention to the re-publication of JohnLion’s 6th Edition Unix book. This famous volumecontains the entire source to 6th Edition as well asdetailed notes and annotations explaining the code.The reprint also contains additional commentaryfrom various well known writers, which addperspective to the original text.

I could go on and on about the cool cover, etc, etc, butlet’s cut to the chase. Once upon a time you had toscrounge a 5th generation photocopy to own one ofthese. Now you can buy a legitimate copy of thispiece of Unix history, and it won’t get all dog earedand fall apart. What are you waiting for?

You’re waiting for the 15% discount AUUG hasarranged of course. Check out this issue of AUUGNor get in touch with us for more information.

Finally, on behalf of AUUG, I’d like to wish you asafe an enjoyable holiday season. See you all nextyear! ":"

is your journal!

Without you, there is noAUUGN: if you’veknowledge to share,share it through AUUG’sbimonthly journal.

You’ll be reaching over700 individuals, and morethan 300 organisationsinvolved in the UNIX/Open Systems world.

We’ re looking for:

Talk to your localChapter contact forideas, and seeelsewhere in thisissue for submissionguidelines.

,Papers-Reviews,Articles,News,Comment

Pauline Van Winsen and Liz Egan (AUUG Business Manager)

showing us their preferred caffeine source :-)

i

Volume 17, Numbers 5 and 6

i

UNIX~AND OPEN SYSTEMS U~RS

The AUUG Technlcl/Conflren~ Ser/e~ will be hell Australia wide in eve~/state ~ territory, betwee~ February and April1997 with the following dates confirmed:

¯ Canberra 12-14 February ’ Sydney 20-21 February ¯ Melbourne 25-26 February¯ Hobart 19 Februaw ¯ Darwin 17-19 February ¯ Brisbane 24 April¯ Perth TBA ¯ Adelaide TBA

Dates for Perth and Adelaide are currently being confirmed and as each city Fmalises their date, it is being posted on the AUUGweb page at http-J/www.auug.org.au along with further infocmation.

AUUG invites proposals for papers and tutorials relating to the technical aspects of Unix and Open systems.

Presentations may be formatted as tutorials or technical papers, and shoull be geared at an audience requiring in-depth knowl-edge.

Technical presentations shoull be approximately 45 minutes, including a 5-10 minute question time.

Tutorials, provlling a more thorough presentation, should be either a haft-day or a full-day in duration.

Submission Guidelines

Those proposing to present papers shoull submit an extended ebsUact (1-3 I:~les) a~l a brief b~raphy.

Those submitting tutorial proposals shoull submit a plan for the tutorial and a brief biography.

Please ind..ate on your proposal whether it is a paper or tutorial, and for tutoriab whether they are half day or full day.

Location

The conference series will be hell Australia wide, so please indicate in which city you wish to present - however, you can do soin more than onell

Speaker Incentive4

Presenters of papers are a~forded complimentary conference registration.

Tutorial Incentives

Tutorial presenters will receive either a flat fee or a negotiated percentage of their tutorial profiL

Formationof ISOC-AUFrank Crawford

Australia is about to enter a new era as far as theInternet is concerned. On the 15th November, theInternet Society of Australia (ISOC-AU) wasformed, and more importantly, their InauguralGeneral Meeting will be held in Sydney onWednesday 27th November, at the HaymarketCampus of UTS. In fact, this is not far from wherethe Interop Exhibition is being held. More detailsof the IGM can be found on the society’s web page athttp://www.isoc-au.org.au/.

Why is this important? It allows Australia tohave a much bigger say in the structure of theInternet world-wide. As far as any group on theInternet can be said to control the Internet, theInternet Society is the governing body, and ISOC-AU is a chapter of the world-wide body.

The roles of the Internet Society are varied, butprimarily to maintain and extend the developmentand availability of the Internet and its associatedtechnologies and applications. It does this bymanaging the standards process, including InternetRFC’s, conference and general dissemination ofinformation.

It is notionally the source of authority for Internetdomain names, although they do not reallyexercise this authority, preferring to delegate it toother groups. This has some relevance to thecurrent debate on domain names within Australia,however, ISOC-AU has no intention of beinginvolved in this at the present time.

What ISOC-AU is more interested in is inestablishing an body that represents the Internetusers in Australia, be they individuals ororganisations, both nationally and overseas.While there are a number of organisations thatrepresent different parts of the Internet community,be they service providers, system and networkadministrators or the general users, there is noorganisation that attempts to represent them all.This is the aim of ISOC-AU.

ISOC-AU currently only accepts individual andstudent members, and fairly obviously, is attractingmost of the influential people in the Internet scene

in Australia. These include Geoff Huston, HughIrvine and Bob Kummerfeld who have acted as thefounding board guiding the organisation through tothe Inaugural General Meeting.

As well it has the declared support of AUUG,SAGE-AU, ACS and the major ISP’s withinAustralia. All these groups can see the advantageof the formation of ISOC-AU, as a means offocusing the Internet work within Australia and toprovide access to the wider global Internetcommunity.

Founding membership is currently available, andwill be until the IGM, on the 27th November. Aswell, a call for nominations for the initial Board ofDirectors has gone out, and is open to anyone who isa member by the time of the IGM. For those whoaren’t able to join before the 27th, membership willbe available at UTS, just prior to the IGM, or at theISOC-AU booth in the Interop Exhibition.

More information about the formation of ISOC-AUcan be found on their Web page, http://www.isoc-au.org.au/, which includes the details ofmembership, a list of the current nominations fordirectors, and other information relevant to theorganisation.

As a final note, ISOC-AU is keen to involve asmany people as possible, with plans for those notable to physically be at the IGM, to be able toparticipate from regional centres, over the Internet.


On Tour:Security SeminarLucy Chubb

Danny Smith, Operational Manager of AUSCERT,is certainty someone whom you would expect toknow what he’s talking about when it comes tocomputer security. Over 150 people aroundAustralia came to hear Danny give his one daytutorial during November on a tour of variouscapital cities organised by AUUG.

In Sydney, his fifth presentation in this series,Danny took the absence of a carousel on theprojector in his stride and spoke directly from theprinted notes until morning tea.

Danny talked about the nature of security and somecommon misbeliefs such as putting effort intocountering accidental threats while not botheringas much about deliberate threats or the belief thata firewall by itself will make a network securewithout worrying about other aspects of security(the "hard crunchy shell with a soft chewyinside").

An overview of the changing nature of securityincidents reflected the changes in the size of theInternet and the type of users making up the bulk ofthat increase. There are many new users and newsites which don’t have any security experience.Moreover, intruders have been working on new andmore sophisticated attacks and communicatingthem amongst their peers very effectively using,for example, anonymous ftp servers. Some verysophisticated attacks based on the analysis ofoperating systems source code and standard Internetprotocols are now being seen.

Effective security requires a security policy. Thatsecurity policy has to have the right things in itand be tested (all software has bugs the first timeit’s run, doesn’t it? Why should the security policybe different? Do you really want to find out whatyou should have done after a disaster happens?).Even if the policy is right for your company at onetime, that doesn’t mean it will stay that way. Thepolicy must make it a policy to update the policyregularly.

Having the right things in a policy will meanbeing able to evaluate the risks that affect yoursite properly. Some risks, like the value of (and

hence the risk of losing) reputation through beingbroken into are very hard to quantify. ForAUSCERT, for example, that reputation is almostpriceless.

One of the drawbacks of password basedauthentication is ensuring that the chosenpasswords cannot be easily cracked. The total keyspace for UNIX is quite large, but often only a tinypart of it is used - making it easy for intruders tosearch. However, there are tools to help enforcegood choice of password and alternatives such asidentity cards and biometrics (for example, fingerprints or retinal scans). Combining more than onetechnique strengthens security further.

There are a number of system administration toolsthat are not shipped by vendors, but which may beuseful for increasing security or tracing an intrusion.Danny went through a number of these anddescribed their use (being careful to point out thatthe risk from using them rests with theorganisation that decides to use them).

The sections on checking for intruders andresponding to an incident gave advice on what tolook for when an intruder is suspected and what todo (particularly as it is easy to panic and dosomething inappropriate which will make therecovery process take longer than it really neededto). AUSCERT plays a role in both preventingintrusions through Security Advisories and inassisting with a response. Anyone interested inwhat AUSCERT does and how to register can havea look at their web page athttp://www.auscert.org.au/

At the end of the tutorial Danny left time forquestions and judging by the response from theattendees at the Sydney tutorial, the question timecould have gone on for quite a bit longer if timehadn’t run out.

This has been another successful tutorial roadshow.Danny is committed to spreading the word aboutcomputer security, so when you see his name againin the future, you should seriously consider going tohear him. o;o


Danny Smith at the Security Seminar.

Danny Smith again. Somethings tells methe guy in the

front row would rather be somewhere else..


Pauline Van Winsen, Lucy Chubb (AUUG Exec) and Danny Smith looking rather angelic

Morning Tea at the Security Seminar. Looks like Frank’s preferred cookie of choice is choc-chip!


Standards groupsdo not stand stillPhil McCrea

It’s interesting to watch the current machinationsin the so-called ’open’ industry consortia groups.There are not so may of these organisations thesedays as there used to be back in the heady days ofthe Unix wars. Remember the Unix International(UI) v Open Software Foundation (OSF) wars, sobeloved by the press? These skirmishes almostsingle-handedly delivered the desktop toMicrosoft, as the opposition was fragmented andbent of demolishing each other. Microsoft didn’thave to adopt a divide-and-conquer approach - theopposition came up with it themselves.!

As time moved on and Unix became accepted as’mainstream’, gradually UI and OSF ran out ofpuff. They merged to form the Open Group earlierthis year, and in fact their new Chairman, Joe deFeo, took up the helm a few weeks ago. De Feo isthe ex chief IT manager from Barclays bank.

The X Consortium, based at MIT was another openorganisation, whose mission was to promote anddevelop the X interface standards, which formsthe basis of windowing environments on Unixworkstations. It was hoped at one stage that Xmight become a true, vendor independentwindowing environment for all workstations andPCs. Alas, whilst X is still alive and well, it haslargely been overwhelmed by the sheer marketpenetration of the Web. The X Consortium hasdecided to call it a day, and it will join the OpenGroup by the end of the year.

The other remaining open organisation which hasbeen around for some time is the Object ManagementGroup (OMG). Since the topic of objects is still ahot area, there is still a fair sized agenda forOMG. And its agenda has become a little bigger inthe past month or so, courtesy of Microsoft.Microsoft, of course, has been the bete noire of the’open’ world, choosing to establish its ownstandards and interfaces, and publishing enoughmaterial to enable third party developers to createprograms that work with their software.

Microsoft has used a plethora of terminology todescribe its interface standards, such as ObjectLinking and Embedding (OLE), Common Object

Model (COM), Distributed Common Object Model(DCOM), MAPI and ActiveX. ActiveX is the wtostrecent term and was supposed to encompass OLE andthe others. In a surprise move several weeks ago,Microsoft decided to hand ActiveX technology overto The Open Group. The Unix standards body nowembracing Microsoft standards?

There are several intriguing aspects to this move byMicrosoft.

Firstly, it’s worth noting what a little healthycompetition from Java can do!

Secondly, it has created an interesting politicalsituation between the Open Group, and OMG.OMG have been promoting its Corba architecture asthe basis of distributed objects, and virtually everysoftware vendor has pledged allegiance. ActiveX,however, is not fully compatible with Corba, andthis creates the interesting political situationwhere the Open Group and OMG are nowsupporting incompatible object standards.

Not surprisingly the non-Microsoft world, led byOracle, has reaffirmed its allegiance to Corba,which forms the basis of its Network ComputerArchitecture, which a host of hardware andsoftware vendors are supporting.

The third interesting aspect is that a recent issue ofClient Server News reports that Microsoft ishaving second thoughts about handing its crownjewels over to a standards body! Microsoft hasdeclared that OLE is apparently not now ofActiveX, and hence OLE will not actually beincluded in the material that will be handed overto the Open Group. How the Open Group reacts tothis will be interesting.

It is still the case that the term ’standards’ and’politics’ are largely synonymous when it comes toindustry bodies. Stay tuned..:.


Searching forneedles in haystacks:an Internet detectivestoryPauline van Winsen

Earlier in the year the router, the device whichconnects our company network to the Internet,started reporting that it was receiving data in theform of packets from the Internet which claimed tobe from a host on our internal network. Sendingpackets to a site with a source IP address of a hostat that site is known as IP spoofing and generallymeans someone on the Internet is up to no good.Many hosts on the Internet use source IP addressesas a means of authentication. If you can forgepackets with a source IP address of a host local to anetwork from the Internet you may gain access toservices which are supposed to be restricted to thelocal network.

At first the packets were thought to have amalicious intent as my company does a lot ofInternet security related work and the packetsstarted appearing on April Fool’s Day. OurManaging Director with his notorious sick sense ofhumour had also announced our own WWW server,http://www.uniq.com.au on the 1st April and itwas thought all these factors might be related.How wrong one can be?

When we started receiving packets from theInternet from not just one but six different hosts,concern mounted. By this time I was running reportson the router violation logs a few times a day and apattern started emerging. The violations appearedmostly between Australian Eastern Standard Timebusiness hours. I started to suspect someone, I’ll callthem "Company X" from now on, out on the Internethad picked our IP address out of the air and hadstarted using our IP address on the Internet.Company X was probably wondering why theirnetwork was performing oddly. If they were usingour IP address all their packets would wind up onour router as this is where the Internet road-mapsends packets destined for our IP address. IfCompany X managed to convince an Internet serviceprovider to change the Internet road-map to pointour IP address to their router, our legitimate trafficwould be sent to their site. This would be disastrous

for our business and presumably this problem wasalready impacting Company X business as well.

connect.com.au, our Internet service provider (ISP),were asked to investigate the packets andunfortunately they told us the packets were comingfrom outside of the connect.com.au network, mostprobably from a Telstra Internet customer or acustomer of an ISP connected to Telstra Internet.

A call was then logged with the AustralianComputer Emergency Response Team (AUSCERT).AUSCERT respond to computer security incidentswithin Australia and are an invaluable resource forany organisation connected to the Internet inAustralia. The AUSCERT staff were supportive butsaid the nature of the packets made it nearimpossible to trace, much like looking for a needlein a haystack.

Luckily we had pretty sensitive magnets and a lotof help, as it turned out, from Microsoft. Thepackets were SMB broadcast packets, the typeflying around most networks running Microsoft’sstandard LAN Manager network implementation.One of my colleagues mentioned that there was aversion of the popular ethernet snooping program,tcpdump, which decoded these packets. I quicklyfound the modified tcpdump source code on an ftpsite on the Internet. We gave a resultant modifiedtcpdump binary to connect.com.au with instructionsand waited. A few days later we obtained a log ofdecoded SMB broadcast packets destined for ournetwork. The decoded SMB packets contained userinformation and a company name. In fact,everything but the draft company report.

I used the Yellow Pages web server,http://www.yellowpages.com.au to look up thecompany name in order to find a phone number. Iwas desperately hoping Company X would be basedin Australia. It must have been my lucky week as Ifound one company in Sydney which matched thecompany name.

It was really comforting to ring Company X andfind the person who answered the phone was one ofthe users mentioned in the decoded packets.Company X was using our IP addresses because theyhad pulled our IP address out of the air when theyset up their network some years in the past.Company X believed they had securitymechanisms in place to stop traffic leaving theirnetwork for the Internet. Company X have sincealtered their network topology so that we no longersee their traffic.


What did we learn? We learnt that it is quiteexpensive when someone does the wrong thing onthe Internet however innocently. Tracking thisproblem down cost our company time and resources.We learnt that seemingly innocuous services leak alot of company information. We hope thatCompany X has learnt that it is extremely unwiseto use IP addresses which are not registered orwhich belong to some other site. If Company X hadmisconfigured other Internet services, such aselectronic mail, we could have started receivingother traffic which should have remained internalto their network.

We learnt that it was valuable to have responsivetechnical staff at the ISP as well as havingtechnical resources in house who could understandand deal with the problem. We learnt thatregistering with bodies like AUSCERT andadhering to AUSCERT advisories was of immenseimportance. We would never have realisedwe hada problem had the AUSCERT recommended antiIP-spoofing filters not been in place on our router.AUSCERT registration information can be obtainedat http://www.auscert.org.au

If you are planning on joining the Internet, makesure you understand the risks, make sure youunderstand your own network topology, make sureyou register with AUSCERT and make sure you areusing your own registered IP addresses or are usingRFC 1918 addresses behind a firewall. RFC 1918lists a large number of IP addresses which are neverto be routed on the Internet, and thus can be safelyused on internal networks with no direct Internetconnectivity. A searchable RFC index can be foundat http://www.cs.rutgers.edu/cgi-bin/rfc.

Given the number of sites which are usingunregistered IP addresses I have seen during thecourse of my work, I can only assume our problem isapparent all over the Internet. If it happens to yoursite good luck in tracking it down. If your site isusing unregistered IP addresses please rethink yournetwork topology for your own security and for thesanity of the poor site administrator whose IPaddress you have stolen. ,:,

The author, Pauline van Winsen, is a SeniorTechnical Consultant for Uniq Professional Servicesand serves on the AUUG executive committee. Shecan be reached by sending email topaul [email protected].

Scientific computing:A forgottendiscipline?Brian Salter-Duke

Phil McCrea’s comment in his the AUUGNewsletter, AUUGN,

"Very few computers are used for numbercrunching these days -

possibly only supercomputers, and the oddspreadsheet calculation"

... is so far off reality that I am beginning to thinkthere is a conspiracy to drive us poor scientificcomputing folk out of the computing world bypretending we do not exist. After all, the ACS hasignored us for years and now seems to thinkcomputing is just a branch of business management. Ithought AUUG would know better.~

It is wrong in two ways. First, lots of computers areused for number crunching. Second, they are not onlysupercomputers. Most number crunching these daysis done on UNIX workstations.

I have used the ANU Supercomputer and may use itagain, but I do not use it now. Last year, threecolleagues and I obtained a DEET Infrastructuregrant that has purchased two DEC Alpha3000/800s. Both are now flat out number crunching. Ialso have a small IBM RISC 6000 and access to alarger university one. I often drive these hardcrunching numbers. My field is computationalchemistry and it is a rapidly growing field. In theUS the number of graduates employed in this areahas been growing exponentially for 10 years. Mostare in industry. Many workstation vendors havespecifically targeted this group in their salesmaterial. Computational chemistry does includesome symbol manipulation and some CAD-likegraphics, but it uses lots of CPU hours crunchingnumbers. Most of it is done on workstations. Some isdone on fast PCs (you should have seen the fuss inour community about the pentium floating point bug

it matters). The supercomputer is often the lastresort for really big tasks. Computationalchemistry is just one of the activities that is stillhappily crunching numbers. What aboutenvironmental modelling, weather forecasting etc.All these activities are growing, not declining. The


very complex modelling of all aspects of ourcomplex world will show a vast expansion in thenext few decades.

The move here to workstations from mainframesand supercomputers has implications for AUUG.People like me are now also system administratorsandwe need to know a lot more about the operatingsystem than we did 20 or more years ago (I go back35 years to Mercury Autocode!). The operatingsystem is now almost always UNIX.

While the major of PCs are text manipulators, Iestimate a majority of workstations spend asignificant part of their time number crunching. Thepeople who run them need the support of AUUG.Just my $0.02 worth. ,:o

Brian Salter-Duke, is from the Northern TerritoryUniversity and can be reached onb_duke@lacebark, ntu. edu.au.

AUUGKey Signing ServicePauline van Winsen

At the AUUG96 and Asia Pacific World Wide WebConference held in Melbourne AUUG was pleasedto announce the provision of a new public service:signing PGP public keys for the purpose ofintroducing people to the PGP "Web of Trust" in asimple and convenient manner.

There is a publicly, and internationally, availableprivacy program called PGP, Pretty Good Privacy.PGP uses public key cryptographic techniques toallow messages to be exchanged between peopleacross public networks, while both protecting theprivacy of the contents and guaranteeingauthenticity of the sender.

One of the problems with public key cryptographicsystems has been one of authentication. How do youknow, for sure, that the person you think you aresending secret messages to is really the person youwanted to send it to? The answer to this problem isto have trusted parties who introduce you to othertrusted parties. This is what the PGPdocumentation calls the "Web of Trust".

The AUUG PGP key signing service aims to spreadthe use of PGP technology by expanding the Web of

Trust, acting as an introducer for PGP keys. AUUG,by virtue of the conferences and meetings it holds,is in a position to physically meet with people,verify their identity, and issue key signaturesattesting to their identity.

To reverse the preparation of key signing AUUGcreated some "shared secrets" which were given topeople who turned up at the AUUG stand at theAUUG96 conference, providing the person hadfilled out an appropriate form and had producedtwo forms of identification (one with aphotograph). When a holder of a shared secretcreates a PGP key they will send the public part ofthis key along with their half of the "sharedsecret" in encrypted form via email to AUUGsigned with their PGP key. If AUUG verify all theinformation they have sent is correct AUUG willsign the and return the key via email.

So what do you have to sign on the form? You statethat you are who you say you are, and indemnifyAUUG from liability if you have misrepresentedthat. You agree to notify AUUG if you revoke (orlose control) of your own key.

When you come along to a future AUUG event orlocal AUUG Chapter activity, sign the form,obtain a secret and thus organise to have your PGPkey signed. Don’t forget to bring two forms ofidentification with you.’ Make sure one of theseforms of identification includes your photograph.More information about the PGP key signing serviceis available at http://www.auug.org.au FuturePGP key signings will be available at localChapter activities and subsequent AUUG events.Please contact your local Chapter for moreinformation..:o

AUUG acknowledges the USENIX Association,whose service this is based on, and the assistance ofQualcomm Australia in implementing the serviceand providing materials.

How Do You MakeUse of Petaflops?Frank Crawford

While Australians have trouble trying to work outhow to make full use of a Pentium Pro, andAustralian industry considers a fast Workstation tobe the fastest computer they need, American


ON-00THE WEB?

WEBMASTER

WEB CLIENT PROGRAMMINGWITH PERL

By Clinton WangISBN 1-56592-214-X, $59.95

Due Date: 12196Teaches you the basics of how browserscommunicate with servers and hmv to

write ),our mvn customised Web clientsto auromare common tasks.

Getting ~Connected

GETTING CONNECTEDBy Kevin Dowd

ISBN 1-56592-203-4, $59.95A complete guide for businesses,

schools, and other organisations whowant to connect their computers ro theInternet. Covers everything you need to

know, from helping you figure outwhich services you really need, ro

providing down-to-earth explanations oftelecommunication options.

UNIX SysProgramming

uu<p

USING & MANAGING UUCIBy Ed Ravin, Tim O’Reilly

Dale Dougherty & Grace TadinoISBH 1-56592-153-4 $59.95

Using &Managing UUCP describes, inone volume, this popular communica~tions and file transfer program. UUGP

is very attractive to computer u~ers Withlimited resources, a small madaine,~md

a dial-up connection.

UNIX SYSTEMS PROGRAMMING::.~FOR SVR4 ~

Byi:David A. Curry::.ISBN 1~56592-163-1, $69A5

A comprel~n~ive look at the~k9, gritLTd~ails Or;lmw UNIX ~t~cs with

alsp!isatior~. If you’re writing an appli-cati6n:from scratch, or if you’re porting

an application to an), System V.4platform, you need this book.

O’RE LLYTM

i. : DNS & BIND, 2ND EDITION: By Paul Albitz & Cricket Liu: 7: ISBN 1-56592-236-0, $65.00

Due Date: 1/97This book is a complete guide to the

Imernet’s Domain Name Sysmm and theBerkeley Interner Name Domain soft-ware. This second edition covers Bind

4.8.3, which is included in most vendorimplementations today, as well as Bind4.9.~, the potential furore standard.

DISTRIBUTED IN AUSTRALIA BY WOODSLANE PTY LTDPhone (02} 9970 5111 Fax (02) 9970 5002 [email protected]

PO Box 935 Mona Vale NSW 2103

researcher’s are looking at developing computersthat run at Petaflop rates.

To understand this, 1 Megaflop is one millionFloating Point Operations per second, and is thestandard measurement used in high performancecomputing, where floating point calculations arefar more important than a simple count of machineinstructions (MIPS). Further, there is no generalrelationship between MIPS and FLOPS, as the thisis very dependent on the machine architecture.

Put in more common terms, a 200MHz Pentium Prohas been rated at 13.733 Mflops, while a 120MHzPentium has been rated at 3.121 Mflops. Looking atmore powerful machines, a Fujitsu VP2200, asupercomputer of five years ago, had a rating ofabout 25 Mflops in scalar mode and 1.25 gigaflops(Gflops) or 1250 Mflops. ANU’s new VPP300 hasthirteen 2.2 Mflops processors, giving atheoretically maximum performance of 28.6 Gflops.

Taken even further, the US Grand Challengeproblems require systems that are capable of 1teraflops (Tflops) or 1000 Gflops. Now, researchersare planning systems that will run at 1 petaflops or1000 Tflops. If all this power could be harnessedfor a single job, then it would be able to perform theequivalent of 2 years of calculations on a PentiumPro in a single second.

However, in reality, this is not how such a systemwould be used. For a start, such performance is onlyachieved through the use of massively parallelarchitectures. It is estimated that a petaflopssystem would require over 10,000 processors, andthe complexity of programming such a systemmakes it unlikely that the theoretical maximumcould be sustained for very long.

Even more importantly, it would be very rare thata single job would have access to the entireresources of such a system, rather a number ofresearchers would have access to a subset of theresources. As an example, while in exceptionalcases it may be possible to get access to all thirteenprocessors on ANU’s system, the most madeavailable for normal jobs is only 8, and for certainclasses of jobs, only a single processor.

Now of more interest in the use of such systems, isthe issue of programming. As has previously beendemonstrated with such systems as ThinkingMachine’s CM2 and CM5, programming massivelyparallel systems is a complicated process, and onlysuitable for a limited range of problems.Programming these systems will be performed by

specialists, who will aim to get the maximumadvantage from the use of the architecture anddesign of the entire system.

The architecture of the petaflops system is just ascomplicated as the details of the individualprocessors. The problem of keeping data flow up tothe system, either from RAM or from even slowerperipherals, will provide challenges both forhardware designers and programmers. Considerhow fast a Pentium would run if it had no RAM,and all data access was directly from the harddisk.

Even more of a problem is the issue of I/O data ratefor those using the system. Imagine how much datacan be generated on a PC in two years, and thencompress that to one second. Presented in atraditional form it would certainly be aninformation overload, and hence, new presentationmechanisms will need to be explored.

Finally, such a system is unlikely ever to be seen inAustralia simply because of the cost. When mostcorporations can fulfill all their needs with apowerful workstation, and those that need a bitmore power are usually part of a multinational,and can use the bigger systems of their overseasparent, none are likely to invest in such computingpower here. o,"o

How to HandleSpammingCatherine Allen

One of my favourite things in the world is email:what better medium to say hi to a friend or to shareimportant work-related information? Email is thekeystone of the paperless office and the tele-commuter’s life-line - I think it’s the best thingssince sliced bread! Unfortunately, I’m not the onlyone who thinks so - hordes of marketing warmabessee email as a great way of reaching thousands (ormillions) of people at almost no cost to themselves.In cyberspace, this sort of email is known as"spam".

What’s so bad about spam?

Firstly, many Internet Service Providers (ISPs)worldwide charge by the amount of informationreceived, so the receiver of the spam pays for it,even though they didn’t want it! Secondly, it’s


very difficult to hang an effective "no junk mail"sign on your electronic mailbox.

Thirdly, and perhaps most importantly, mostspams are not the innocent glossy brochures you findin your mailbox on a Saturday - they’re often make-money-fast scams or highly offensive rhetoric. Themost recent spam I received was an offer to sellchild pornography.

So how can you protect yourself (and your lovedones) from the evil of spam?

1. Check that your ISP’s Acceptable Use Agreementincludes penalties for

Internet abuse like spams.2. Check out the filtering capabilities of yourmailer. If it doesn’t have any,

look into getting a mail filter.3. Many automated address collectors usenewsgroup archives to gain address

lists, so if you post to news, use an email addresslike "NO_JUNK_MAIL@anywhere" or"John. Doe@anISP. ne t. au@remove, this. to. email.me".

These invalid addresses may fool the automatedaddress collectors but

(hopefully) won’t fool real people who want tocontact you.

What should you do if you receive a spam?

1. Do not reply to the sender - spammers often fakethe return address.Do not send email "bombs".Do not make a denial-of-service attack against

the address or site wherethe mail appears to have originated as these may

be fake.

2. Check that your mailer is showing all possibleemail headers.

Lines which start with the following keywordsgive clues about the

identity and location of the spammer (althoughsome may be faked):

From:Sender:X-Sender:Reply-To:Errors-To:Return-path:Path:Received:

3. Make a list of all hostnames and domainsmentioned in the headers and

the body of the message.

4. Contact your system administrator (or the helpdesk of your ISP) with

this list. They can use this information to contactthe spammer’s ISP,

which will hopefully deal with the spammer inan appropriate way.

5. If the spam continues, post a copy with fullheaders to the newsgroup

news.admin.net-abuse.misc

If the spam includes references to pornography orother illegal activity (like pyramid scams or chainletters), it may be worthwhile suggesting that yourISP contacts the Australian Federal Police aboutthe matter. ,:o

For more information, please seeh ttp://kryten, eng. monash.edu.au/gspam, h tml

Internet securitywhat technologycan’t solve!Pauline van Winsen

In the last few months there have been a raft ofnewly exploited Internet attacks. Some of theattacks aim to destroy or ruin an organisation’sreputation by altering their web pages. This attackwas successful against both the CIA and the USDepartment of Justice. Other attacks are basedpurely on denying service to an organisation byflooding their site with particular packets. Thislast attack is known as a "SYN" attack and hasbeen used to put Internet Service Providers offthe air.

The latest version (8.8) of sendmail, the popularimplementation of the mail transport protocol, wasreleased complete with a major securityvulnerability. Unfortunately, another securityvulnerability was found in the patched release sothis was replaced shortly after by sendmail-8.8.2.

These three separate attacks highlight the manyissues owning an Internet presence whichtechnology fails to address. These issues include:

- Cost of ownership - an organisation has to investresources in making sure their security technology is


up to date. History has shown that as soon as onevulnerability is closed, another one will be found.

- The risks of extending trust to an Internet ServiceProvider - how secure is your ISP’s web site and canyou be confident about the integrity of yourorganisation’s web pages?

- What is secure today will probably be insecuretomorrow - what processes does your organisationgo through to ensure that the Internet technology isresistant to known attacks?

- Intruder detection and incident response - Howdoes your organisation know when it has suffered asecurity breach and how does it respond when abreach is discovered?

Unfortunately many of the decisions surroundingthese issues are not addressed at all or are left to besolved by systems administrators, externalcontractors or security technology vendors. Thesepeople will no doubt have the organisation’s bestinterests in mind, however they may not be awareof all the requirements to protect data andinfrastructure. Typically they do not address legalrequirements to protect information.

It is also an unfortunate fact that manyorganisations do not invest in developing policiesand procedures to address non-technical securityissues until they have been successfully attacked. Arecent survey has also shown that manyorganisations also are attacked by insiders.

However, there are a large number of steps anorganisation can take to minimise the risks of asuccessful attack:

- Assessing the risks involved with having anInternet presence.

- Developing a site security policy and incidentresponse plan.

- Providing adequate training and backup for keypersonnel.

- Ensuring that key personnel are kept up to datewith security vulnerability information. E.g. byreading security related mailing lists.

- Registering with a body such as AUSCERT, theAustralian Computer Emergency Response Team,which can provide invaluable help with incidentresponse as well as detailed information ondefeating known vulnerabilities.

One of the best resources for computer securityrelated material on the Internet can be found athttp://www.cs.purdue.edu/coast/. COAST isComputer Operations, Audit and SecurityTechnology, a multiple project, multipleinvestigator laboratory in computer securityresearch.

The O’Reilly & Associates books, ’BuildingInternet Firewalls’ by Chapman & Zwicky and’Practical UNIX and Internet Security’ byGarfinkel & Spafford provide invaluablereferences to anyone involved in the computersecurity field, o:o

Modern OperatingSystems UnleashPentium HardwarePowerRob KolstadPresident of Berkeley Software Design, Inc.

Too often, users install shiny new computer systemswhose processors run twice as fast as their oldsystems only to find that their applications run justa bit faster than before. They install more RAM,more disk, more swap space yet still find marginalimprovement.

Intel Pentium systems and the new Pentium Prosystems have incredible computing power that canbe unleashed by modern operating systems.Clocking in at 100 and 200 MIPS respectively, userscan harness these engines to deliver incredibleperformance for networking, file serving, and otherapplications.

Why do users so often observe less than dramaticspeedups? Because their operating systems are notoptimized for performance. The popular MicroSoftoperating systems are optimized for backwardcompatibility, ease of new device addition, and foruse by novices who make problems when theypower down the computer while it is running, forinstance. This eliminates certain strategies whichcan improve performance. Likewise, generic devicedrivers rob systems of their power. Backwardcompatibility adds overhead every time thesystem is used (for instance, for input/output ornetworking).


Alternatively, operating systems written in thestyle of UNIX provide astounding performance.Device drivers are optimized to achieve maximumthroughput, disk operations are conserved bykeeping often-used disk blocks in memory, andsystem services are streamlined to offer the bestpossible performance.

So what does "written in the style of UNIX’ imply?It means that:

All vendors have an opportunity to createblazingly fast applications (unlike Windowssystems where MicroSoft uses certain undocumentedWindows NT features to speed their Web server).

Users can purchase hardware at the level theyneed, without buying extra power they can neverharness.

Off-the-shelf PC’s can fill roles normallyreserved for their far more expensive workstationcousins.

By way of example, my company’s BSD/OSoperating system, when operating on a Pentium-Proprocessor (200 MIPS), can serve web pages at therate of over 43,000,000 per day! This hardwarecosts about A$7,500. Of course, a web server runningthat fast requires a 45,000,000 bit/second line -- 30times faster than the high speed T-1 lines that runat 1,540,000 bits/second (just under 200,000bytes/second).

When operating on an off-the-shelf P5/133processor, the BSDI-based server fulfills over1,200,000 HTML requests per hour, over 28 millionhits/day.

How do these systems deliver such incrediblepower? They implement the wisdom of 25 years ofoperating system development.

When a web page is used with any frequency at all,it is kept in high speed RAM. Likewise, diskblocks. Disk device drivers are written to squeezeevery nanosecond out of the critical code thatdetermines which block to readnext. By saving revolutions of the disk and"chaining’ operations quickly, BSD/OS can run newhigh-speed disks at their full 5 MB/secondcapacity. That’s 50 times faster than the mid-1980’s when 0.1 MB/second was considered high.speed. Processors are also 50 times faster. Thisbalance, when coupled with ever-growing andever-cheaper RAM (4x cheaper than one year ago),

enable super-servers to be constructed fromcommodity-priced run-of-the-mill PCs.

Good software can make all the difference.Consider all the options before opting for expensiveservers from workstation companies. High-end (butlow cost) Pentium processors can beat all but themost expensive workstations at their own game. o~o

Name.Space vs DNSDavid Purdue

On the 12th of November an Article entitled "Yes,we can all win the Internet Name Game" appearedon the front page of The Australian’s Computers &High Technology Section.

The article lauded the achievements of one PaulGarrin, who has set up "Name.Space", analternative implementation of the Internet DomainName Service.

The Domain Name Service (DNS) is themechanism used by the Internet to translate easy toremember names (e.g. www.auug.org.au) into hardto remember IP addresses (e.g. 203.10.76.35).

DNS functions as a distributed database, organisedin a hierarchical fashion. At the top of the DNShierarchy there are designated root servers. (Incomputing, roots are always at the top.) These rootserver delegate responsibility for top leveldomains (such as .corn or .edu or .au) to otherservers, and they in turn delegate responsibility forlower level domains to other servers.

Recently the DNS system has received somecriticism, for two main reasons.

One is that it is getting increasingly difficult toregister the name you want, especially in the .comor .com.au domains.

The other is that the government agencies andvolunteers who used to administrate the top leveldomains have passed this responsibility over toprivate companies, who are charging for themaintenance of domain names.

Unless you an administrator at an ISP or the ownerof one of these domain names the whole process isprobably invisible to you.


What Mr Garrin has done is set up a new andseparate Domain Name Service. This is easyenough to do - all you need is your own set of rootlevel servers and enough people willing torecognise their authority to delegate parts of theDNS name space.

The Australian article claimed that this was agood thing, because Name.Space charge less fordomain registration, and because they havereplaced the boring InterNIC top level domains(like .com, .edu and .au) with racier and jucier oneslike .zone, .cafe and .sex.

Mr Garrin encourages others to set up similar DNSname spaces in the spirit of competition and freeenterprise.

I, however, would argue that a plethora ofcompeting Domain Name Services is a bad thing -and my argument is based on the overridingprinciples of the Internet and indeed the principlesof AUUG.

The Internet works only because those who connectto it agree to communicate with each other using astandard, well defined and published set ofcommunication protocols, usually referred to asTCP/IP, and defined in the Internet RFC’s.

AUUG is interested in and promotes the Internetbecause it is based on open standards.

One of the things we agree upon when wecommunicate is how to translate domain names intoIP addresses. The Internet RFC’s say that theauthority to determine domain names liesultimately with the Internet Assigned NumbersAuthority (IANA).

Just as it is IANA’s responsibility to ensure thatevery machine on the Internet is allocated a uniqueIP address, it is also ultimately theirresponsibility to ensure there are no clashes in thename space.

However if people go around setting up their ownDNS systems, then this is impossible to enforce.The independent DNS’s can only exist if usersignore IANA’s authority to delegate domainnames.

There are two ways competing DNS systems couldoperate - they could either be totally separate or.they could exchange information about each other’sname spaces.

If they are separate, then it could become nearlyimpossible to send e-mail. To receive e-mail youwould need an address in each name space, so thatmy InterNIC address would [email protected], my Name.Space addresswould be [email protected], while in Joe’sDiscount Names I am known [email protected] (Joe’s names aren’tvery good, which is why they are cheap). Youdon’t know which name space the sender will beusing to send you mail, and it is not always easy tochange name spaces mid-stream. My business cardwill have to .be a foot long!

If all the DNS’s do exchange information, then itjust shifts one of the problems with the existingDNS up a level. Instead of slugging it out for yourfavourite domain in .com, you will slug it out at theroot level.

Remember that while you can register whatevername you like in Name.Space, your name will onlybe seen by those who agree to use Name.Space’sroot DNS servers rather than those designated bythe IANA.

I do not claim that the current DNS system is.perfect. It is experiencing problems that have beenbrought on by the changing nature of the Internet,and it will be some time before the Internetcommunity can come to an agreement on the bestway to solve these problems.

However I do not believe that setting up a plethoraof competing domain name systems, however "freemarket" and "competitive" that may be, is thesolution to the Internet’s naming woes. o~o


NEW! from Addison Wesley Longman

The Complete PC Upgrade & Maintenance Guide 7th Ed.

This completely revised, rewritten andupdated edition~i~:~ontains 2 fantastic CDs.

The first CD includes professionalupgrade video clips from Mark Minasi’sown seminars. Also included arevaluable diagnostic and utility programs.

The second CD is an exclusive, commer-cial multimedia product called PCtuning, which merges videos, hypertext,sound and jargon free steps on how tosuccesfully upgrade and maintain yourcomputer.

ISBN: 0 7821 1956 5 RRP $109.95

This edition also contains a new, 115-page Hardware Dictionary!

A UUG Members

Please post or fax to Alison Barr, Trade Marketing Coordinator at Addison Wesley Longman95 Coventry Street, South Melbourne Victoria 3205 Ph (03) 9697 0664 Fax: (03) 9699 2041.

Title Price

Title Price

Total less 20%

P~staqe and handling charges 1 book $4.00 2 or more books $7.00

Send your order with a cheque, or bill your credit card.

ca~"°CIQCICI QQQQ CICIQQ QQQQExpiry Date

Name

Address

Suburb

Plus Postaae

L.q Bankcard CI MastercardL.3 Visa ~ Annex

Amount

Signature

State PostcodePrices are correct al lime Of Df~nhrlQ. bul are subleCl to chancre wllhOut notlce

New ProductsSOFTWARE INTELLIGENCE

Contact: Julie SmythTel: (03) 9431 0133Fax: (03) 9431 2045Email: julie @sLcom.au

Software Intelligence is a leading Australianpr-ovider of enterprise-wide information securitysolutions for client/server computing environments.The OmniGuard suite of software products enablesorganisations to centrally manage informationsecurity policy across a wide variety ofclient/server platforms. In addition, OmniGuardprovides enhanced data confidentiality, accesscontrol, user administration, and intrusion detectionfor PC,s, PC-LANs, UNIX, Windows NT, and mid-range systems.

For further details on any of the OmniGuardproducts, contact Software Intelligence by email [email protected] or visit our Web Site athttp://www.si.com.au.

OMNIGUARD:INTRUDER ALERTREAL-TIMEMONITORING AND INTRUSIONDETECTIONNow Available for Windows NT

Software Intelligence today announced theavailability of AXENT Technologies,OmniGuard/Intruder Alert (ITA) version 2.3 forWindows NT. This release of ITA gives users theability to monitor security-related events acrossUNIX, NetWare, and Windows NT and correlatethose events to detect intruders, suspicious activity,or unauthorised uses of computing resources. ITAversion 2.3 runs on Novell NetWare versions 3.xand 4.x, including NDS, Windows NT versions 3.51and 4.0 platforms and most major UNIX operatingsystems including HP-UX, AIX, Digital UNIX,Solaris, SunOS, IRIX on Silicon Graphics, and NCRMPRAS. Also included in this release is aWindows-based GUI that runs on Windows 3.1,Windows 95 and Windows NT.

Today, most IT organisations have lots of auditlogs, the problem is they don, t have enough peopleto review those logs. In addition, because theselogs are produced by multiple servers running

multiple operating systems, it is difficult tocorrelate audit events across different platforms.Even if suspicious activity is discovered in theaudit logs, it is often too late to do anything aboutit, Yoo said Pete Privateer, AXENT,s senior vicepresident of product operations. AXENT is veryexcited about this release of ITA because it willenable security managers to easily detect andautomatically respond to unauthorised activity ina multi-platform LAN environment.

As more and more corporations connect theirnetworks to the Internet, the opportunity forinternal abuse and external intrusions is increasingdramatically. In a recent US Department ofDefense penetration test, attacks were mounted on9,000 systems. Of those 9,000 attacks, 7,900 weresuccessful and only 320 were detected. Of the 320that were detected, only 15 systems responded tothe attack. While Internet firewalls provide aperimeter defense against external intruders,firewalls are far from foolproof and, if theperimeter defense is breached, the internal systemsbehind the firewall are vulnerable. ITA addsanother layer of defense that can detect suspiciousactivity and stop intruders before they can gainaccess to the internal systems.

Not all threats are from external sources. A recentstudy by the American Society for IndustrialSecurity indicates that most security incidents arethe result of abuse by insiders. Unfortunately, intoday, s distributed computing environment it isquite possible for authorised users to dounauthorised things. ITA monitors all UNIX,NetWare, and Windows NT servers in the networkfor abuse and unauthorised activity. If abuse isdetected, ITA can take automated actions includingalerting the security administrator through theITA console or by electronic mail or pager. ITA cantake additional actions such as disable the user, saccount, stop a program from running, block access toa system, or a wide range of other operations.

OmniGuard/ITA,s intrusion detection capabilityenables users to watch for real-time patterns ofabuse across their entire enterprise via a powerful,rule-based engine that analyses a wide variety ofdata streams in each operating system as well asapplication audit trails, noted Robert Parker,product manager for Intruder Alert. ITA is designedto recognise internal or external threats to yournetwork based on attack signatures known aspolicies. These policies can be constructed tomonitor not only external attacks and probes, butcan also be configured to watch for unauthorised


activity patterns, which are a bigger threat to anetwork, o~o

OMNIGUARD:UNIX PRIVILEGE MANAGERA new software product that provides control andpartitioning of root privilege on UNIX systems

Software Intelligence announces the availabilityof OmniGuard/UNIX Privilege Manager (UPM),from AXENT Technologies, Inc. UPM will be thenewest addition to the OmniGuard suite ofenterprise security solutions. UPM will enablesystems managers to regain control of root privilegeon their UNIX systems. The new product isavailable for most major UNIX operating systems,including HP-UX, Sun Solaris, IBM AIX, DigitalUNIX, and Silicon Graphics, IRIX.

Technical Specifications

UPM solves a serious UNIX security problem whichis caused when too many users are given privilegedroot access in order to perform routine job functions.When the root password is granted to a user forsuch routine activities as starting and stoppingprint queues or running backup jobs, that same usercan have access to any file on the system, includingsensitive salary, financial, or operationalinformation. A user with root privilege canmanipulate any system data area, set upunauthorized user accounts, or even take overoperational control of the entire system. To reducethis security risk, UNIX shops must hireadditional expensive UNIX systemsadministrators to perform routine operationalactivities.

OmniGuard/UNIX Privilege Manager (UPM)offers a way to address this problem with minimumimpact on end users and UNIX systemsadministrators, without modifications to theUNIX operating system. With UPM,administrators can grant users the ability to runprograms or commands that ordinarily require rootaccess without giving the user full root privileges.Furthermore, the ability to run these commands canbe restricted by machine, by location, and even bytime of day.

"With UPM, we can now provide a UNIX systemsmanager with the ability to control authority andprivilege levels at an acceptable cost, and with thecritical auditability needed in a productionenvironment", remarked James R. Bowerman, vice

president and general manager of the resourcemanagement business unit at AXENT.

In addition to root partitioning and control, UPMgives administrators the ability to audit who isrunning privileged UNIX commands. This ensuresthat the users who have the authority to affectsystem operations are using their authority inaccordance with corporate goals and policies.Other users are prevented from taking actionswhich might disrupt the production systems oraccessing sensitive data.

UPM works without requiring modification to theunderlying operating system, which eliminates thereliability and support problems inherent incompeting products that modify the UNIX kernelor replace native UNIX file access controls.

UPM supports OmniGuard,s manager/agentarchitecture. UPM allows UNIX administrators todefine privilege policy on one or more centrallylocated managers and ensure that this policy isenforced at multiple agent nodes. Multiplemanagers provide the ability to provideredundancy for high reliability, or alternativelyallow partitioning of the network so thatauthority can be effectively delegated at thedepartmental level.

UPM is integrated with 6ther OmniGuard modulesincluding OmniGuard / Enterprise Access Control®for UNIX and OmniGuard/Intruder Alert® forUNIX. Using Intruder Alert, unauthorized actionscan be detected and prevented. Enterprise AccessControl for UNIX facilitates UNIX useradministration and allows user profile informationto be accessed by UPM for authentication purposes.

General Availability

UPM is scheduled for general commercialavailability on October 31, 1996, and is availabledirectly from Software Intelligence.


Book ReviewsSub-editor: Frank Crawford

Well, the Internet, the World-Wide-Web and Javaare certainly big in the computing industry, as canbe seen by the assortment of books we have thisissue. We have reviews of books which range fromhow to program in Java, to how to create Javaapplets, onto VRML, and finally onto networks, theInternet and Firewalls. For those who don’t careabout the Internet, there is also a review of a bookon LaTeX, a text formatting package.

I have to thank Danny Yee, who has offered a fewof his reviews, without any coaxing. He has noconnection with any of the publishers, but doesreviews of a number of books, for everyones benefits.His reviews can be read on the web fromhttp://www.anatomy.su.oz.au / danny/book-reviews/.

As many of you have noticed, we currently havelots of books coming for review. The currentpractice is to post a note to the mailing list <[email protected]> and the newsgroupaus.org.auug when we have new books available.Unfortunately, this disadvantages memberswithout network connections, or on the end of a lowspeed link. For people in such a position, eithermail, via the AUUG PO Box, or fax me on (02) 97179273, with your contact details and preferences, o~o

JAVA IN A NUTSHELL

by David FlanaganO’Reilly and Associates1996, 438 pages, $29.95ISBN 1-56592-183-6

Reviewed byPeter GrayInformation Technology ServicesUniversity of Wollongong<pdg @ uow.edu.au>

This book describes itself as a desktop reference forJava programmers. People thinking of buying thisbook should bear that in mind. This is a not a bookaimed at teaching you the Java language.

The book is divided into five sections. The first istitled "Introducing Java" and gives an introductionto the language aimed atthe C or C++ programmer. This section onlyoccupies about 80 pages and goes through adescription of the language at a rapid pace.Although terse, the information presented is welllaid out and quite easy to follow for people in thetarget audience.

Part 2 is entitled "Programming with the JavaAPI" and introduces the reader to most of thepackages needed to write Java applets. Topics.covered include applets, GUI building, I/O,networking animation, and threads. The section isalso around 80 pages in length. It includes largeamounts of code as examples.

Part 3 is the "Java Language Reference". Here wefind detailed information about the Java syntaxpresented in a straightforward and relativelycompact manner. This section also includes a ratherbrief descriptions of events font and colourhandling, and applet parameters. There is also ashort but quite good summary of Java securityfeatures. The last few chapters, in this section coverJava related HTML syntax and the JavaDevelopment Kit (version 1.0).

Part 4 is the Java API quick reference organised on apackage by package basis. This reviewer did haveone major complaint with this section. Thedescription of the objects found in the JDK packagesoften lacked the detail needed for seriousprogramming. It is no replacement for the JDKdocumentation. This may have been a deliberatechoice on the part of the author to restrict the sizeof the book. It is easy to imagine a future series of


Java books with a complete volume devoted to eachof the standard Java packages.

The final section of the book is a series of indexes.Some examples of the indexes provided are; a"class to package" index, a "method to class"index, an "implemented by" index for interfaces,and a "thrown by" index for exceptions. There are 7indexes in all totaling 28 highly useful pages.

"Java in a NutShell" is based on version 1.0 of theJava API. The reader should be aware thatsubsequent releases of the API have containedminor changes from version 1.0

All in all this reviewer would say the book livesup to its promise of being a useful desktop reference.

ACTIVE JAVA: OBJECT-ORIENTEDPROGRAMMING FOR THE WORLDWIDE WEB

by Adam Freeman and Darrel InceAddison-Wesley1996, 235 pages, US$25.95ISBN 0-201-40370-6

and

EXPLORING JAVA

by Patrick Niemeyer and Joshua PeckO’Reilly & Associates1996, 407 pagesISBN 1-56592-184-4

Reviewed byDanny Yee<danny @ cs.su, oz.au>

Somewhat bemused by the marketing frenzy and inno particular hurry to learn yet anotherprogramming language, I have refrained fromasking for review copies of any books on Java. But anumber turned up on my doorstep anyway and Ifound it hard to resist finding out what all the fusswas about.

The first book to arrive, and the only one I readright through, was Active Java. This is anintroduction to Java aimed at those with basicprogramming competence but no experience with anobject-oriented language. It works its way throughthe basics of the language, explains how to use the

awt and net libraries, then introduces the JavaDevelopment Kit and the basics of writing appletsand applications. It concludes with a chapter onJava internals. The stress is on covering all theimportant ideas and concepts rather than onproviding details. Active Java is an easilyfollowed and clearly laid out volume which Irecommend for anyone wanting a broad overview ofJava: I think it would also make a good textbook foran undergraduate course, though it lacks exercisesand is perhaps not repetitive enough.

As a supplement to Active Java and a source of moredetailed information, I used Exploring Java. Thisbegins with a brief look at internals and securityissues and then launches straight into a basic"Hello Web!" applet. It contains detaileddescriptions of the basic classes and standardlibraries and is clearly aimed at experiencedprogrammers who want to learn Java in order towrite serious applications.

I have only glanced at the three other books onJava that turned up: Java in a Nutshell (O’Reilly)looks like a reference for the serious Javaprogrammer; On To Java (Addison-Wesley) is atextbook with an unusual layout, usingpoints/paragraphs numbered sequentiallythroughout; and Learn Java on the Macintosh(Addison-Wesley) comes with a Mac version of theJava Development Kit on CDROM. But anyoneafter a book on Java should look around carefully:as even this small sample illustrates, there arebooks on Java for all sorts of niche markets. Iwouldn’t be at all surprised to see titles like FromCommon Lisp to Java for Amiga Users and 101Implementations of Tetris in Java appearing! ,:,

CREATING COOL WEB APPLETS WITHJAVA

by Paul J. PerryIDG Books Worldwide, Inc.1996, 360 pages + CD-ROMISBN 1-56884-881-1

Reviewed byLawrie Brown<Lawrie. Brown @ adfa. oz. a u>

This is another contribution to the ever growing~pile of books jumping on the Java bandwagon. Itdoes however have a more specific focus, namelyintroducing with the aid of many examples how towrite some simple but useful Java applets for use inweb pages, particularly by using existing objectsand classes. Consequently, [ think it is more


successful as a result. Although the book claims theonly background needed is a familiarity with usingDOS and Windows, I think you’d be strugglingwithout some background in proceduralprogramming languages, especially in C. The mainfocus of the book is a series of chapters illustratingby example how Java applets can be used forcertain tasks. ,

In more detail the books contents are as follows:

Ch 1 is a brief introduction to the Internet, theWeb, and to Java.

Ch 2 discusses how to use the Netscape Navigatorweb browser in particular.

Ch 3 provides a brief overview of the basic HTMLconstructs used to construct static web pages. Then itmoves on to the main focus.

Ch 4 introduces Java, the concept of OOprogramming, all the basic language constructs, andthe use of the Java Developers Kit (JDK). The bookskates very quickly over the fundamental languageconstructs in this chapter, which would pose noproblems for a competent programmer, but maycause difficulties otherwise.

Next come a series of chapters of applets byexamples.

Ch 5 discusses how text and graphics can bedisplayed, in different fonts and colors, and thevarious graphic primitives.

Ch 6 looks at incorporating images and animations.The latter using a sequential display of a set ofgraphic images, via the Animator class (which isdistributed as part of the JDK).

Ch 7 describes how sound clips can be loaded fromAU files and played by applets, including arandom play example.

Ch 8 discusses handling input events from thekeyboard and mouse, including a very simple paintapplet.

Ch 9 briefly documents all the demo classesprovided with the JDK, which can be used assupplied, in web pages. It describes them, anditemises the parameters to each.

Ch 10 looks at network communications, at loadinga new URL, accessing a file on the server, andbriefly mentions the existence of sockets. It also

discusses the use of exceptions and exceptionhandlers.

Ch 11 describes the AWT GUI toolkit which iscurrently provided for Java applets. It describesthe types of controls available, briefly discussesthe various geometry managers used to layout thecontrols, how controls are added, how eventsgenerated by them are handled, and how thebrowser status line can be modified.

Finally Ch 12 continues the development of userinterfaces by discussing how to create separatewindows, dialog boxes, and menu bars.

The book ends with several reference appendices.

The book comes with an associated CDROM. Thiscontains the source for all the examples in the book,as well as a copy of the JDK for Win95 or WinNT,and a copy of an issue of the JavaWorld magazine.The files on the CDROM use standard 8.3 DOSnames, however batch files are provided to expandthem to the long names actually used. A major flawis the fact that the expanded long names are alllowercase when the the HTML and Java sourcefiles assume mixed case names.. Consequently on acase-sensitive file system such as Unix, nothingworked when first unpacked. Particularly whenthe author actually warned about the need for carewith filenames several times in the text, this wasquite annoying. Its a times like these that the-underlying PC focus becomes apparent, though thevast majority of the book would be applicable onmost platforms.

The major strength of this book are its numerousexamples illustrating the techniques beingdiscussed. Mostly these relate well to theassociated chapter content. I would have liked tohave seen some suggested exercises though, toencourage the reader to try some of the techniquesout. As it is, you’re left very much on your own indeciding what to try, and where to go next.

In conclusion, I think this book make a reasonableattempt at satisfying its goal, illustrating byexample how to use Java to enhance web pages. It iscertainly not a comprehensive reference, and Ithink you do need some programming background tomake the most of it, but its worth considering ifyour interest is primarily in writing simple appletsfor your web pages, o$o


VRML: BROWSING AND BUILDINGCYBERSPACE

by Mark PesceNew Riders Publishing1995, 424 PagesISBN 1-56205-498-8

Reviewed byKirk BarrettBHP Information Technology<barrett.kirk.kh @ bhp.com.au>

I offered to review this book as someone who hasbeen working with Web technology for a couple ofyears but had very little background in VRML(pronounced ’vermal’). In fact until I began readingthe book I had not even browsed a VRML world.

The book was written by one of the founders of theVRML language, Mark Pesce, and contains awealth of information for those wishing to getstarted in Virtual reality on the web or Cyberspaceas it has become known. The "Road Map to VRML"at the start of the book indicates that the targetaudience is anyone "from the novice Web user to anaccomplished programmer". To facilitate thisMark Pesce has suggested three possible pathsthrough the book, the ’novice’ path, the ’hackers’path and the ’designers’ path. The ’novice’ path isaimed at the reader who is not familiar with theweb or VRML a includes the chapters that cover anintroduction to the web, VRML browsers, VI(MLtools. It provides a good introduction for thosereaders that want to get up and running quickly butto be honest it wouldn’t be worth buying the book itthis was all you were interested in.

The ’hackers’ path is aimed at the reader withexperience with the web and a knowledge of 3dgraphics and who is interested in getting intocutting VRML code as soon as possible. It runsthrough the chapters that comprise the booksVRML Primer and those that cover importanttechnical publishing issues as well as a look atimpending future developments with VRML. Thispath also covers server scripting for VRML usingPerl and a high level chapter on how to write aVRML browser..The designers path is aimed atthose readers who are designing their own VRMLsite and includes all chapter except those in theVRML primer and the chapter writing your ownerVRML browser. As you can imagine this path isprobably most useful if you are planning a VRMLsite but not going to be getting your hands dirtywith VRML coding.

The book is divided into five parts each containinga number of chapters.

Chapters 1 to 4 make up Part 1 which is titled"Colonizing Cyberspace". Chapters 1 and 2 providean overview and background of the development ofelectronic communications and the Web as well as abrief history of VRML. Chapter 3 gives a shortdescription of how VRML works and how it fitsinto the Web. Chapter 4 covers Web browsers withdetailed examples based on demonstration copies ofbrowsers provided on the book’s companion CD.Ample screen snapshots are provided but the b/wpictures are very dark and fail to assist the readerin any great way. I felt greater benefit was gainedby reading this chapter while using the browsers.

Chapters 5 through 8 make up Part 2 entitled "TheComplete VRML Primer". Chapter 5 contains a 3dgraphics primer written for the novice reader or onewho wished to refresh their knowledge on thistopic. There is little technical detail but it doesprovide an easy to read introduction to "the basiccomponents of three-dimensional graphics and howwe use a computer to create realistic images.".Chapters 6,7 and 8 provide a complete primer onVRML 1.0 at the end of which you should be able todevelop your own VRML worlds. An example isbuilt up through these chapters that starts with asimple yellow sphere and ends with a completeheliocentric clock that enables you to view in 3dthe position of the Sun, Earth and Moon at anypoint in time. The complete code for this includingPerl scripts is included on the companion CD.

Part 3 only contains a single chapter coveringVRML style guidelines and a couple of the VRMLworld building tools included on the companion CD.A walkthrough of the VRML building tools isprovided enabling the reader to build a simple 3droom with windows and a door, play with texturemapping and create hyperlinks from 3d objectsother VRML worlds or web pages.

Chapters 10 through to 13 make up Part 4 entitled"The Road to Know Where". Chapter 10 coversVRML optimization an publishing issues like levelof detail and inline inclusion of VRML objects fromother servers. Chapter 11 provides a high leveldescription of what is required to write a VRMLbrowser. Chapter 12 details the thoughts of theauthor and three other major players in the VRMLarena on style and design issues for cyberspace. Thischapter made for a very interesting read and manyof the concepts covered also have directapplication in the design of Web sites. Chapter 13wraps up the book with a look into the future for


20% DISCOUNT TO AUUG MEMBERSPlease send me a copy/copies of the following book ~

Special Edition Using SAP/R 3ISBN 078970689X Cloth

Behavioral Synthesis: Digital System DesignISBN 0135692520 Cloth

Perl 5 Interactive CourseISBN 1571690646 Book with CD

The Best of AIXtra: An Eclectic UNIX AnthologyISBN 0134944445 Paper

Upgrading & Repairing Pcs 6th EditionISBN 0789710536 Cloth

Building a Data Warehouse for Decision SupportISBN 0135906628 Cloth

Linux CompanionISBN 0132318385 Paper

ISDN ConsultantISBN 0132590522 Paper

$9995 $79.95

$8995 $71.95

$9995 $79.95

$65.95

$95.95

$69v95 $47.95

$39=°.95 $31.95

$5995 $47.95

Java Developers ResourceISBN 0135707897 Paper ~,_,.-,. ~.., $43.95

AUUG members receive 20% discount below recommended retail pricePlease send me the selected book/s on 30-Day approval

Name:

Company:

Address:

Expiry Date:

Signature:

Position:

Telephone:

f--I Enclosed cheque for $ (Payable to’Prentice Hall Australia’)

[--I Charge to me OR I--I Company purchase Order No.Please charge my: I--1Bankcard I--I Visa I---] MasterCard 1--’1AMEX

Credit CardNo:l I I I 11 I I I II I I I II I I I I

Mail or fax completed order form to Prentice Hall Australia,PO Box 151, Brookvale NSW 2100

OR ’~ Use our PHONE SERVICE by callingJan Blenkinsop SYDNEY (02) 9907 5693

PRENTICE

r~,A L L

AUSTRALIA7 Grosvenor Place, B kvale NSW 2100Tel: (02) 9939 1333 Fax: (02) 9905 7934 A.C.N. 0003e3406

I---] Please add my name to your mailing list in thefollowing areas: (please list subject areas)

VRML talking about immediate enhancements thatwere planned at the time the book was publishedas well as many long term plans from VRML 2.0.Around mid August this year it was announce thatthe basic standard for VRML 2.0 was agreed to atSIGGRAPH’96 with some of the sticking pointslike 3d Avatars left to be resolved separately.

The 3 appendices at the end of the book contain acomplete specification for VRML 1.0, an extremelyuseful list of VRML resources and a full descriptionof the contents of the companion CD that comeswith the book.

Overall the book was interesting and easy to read.I did not follow any of the suggested reading pathselecting instead to read through it sequentially. Bythe end of the book I was able to fairly easily puttogether a simple world containing a giant 3dversion of my business card, a transparent GIFimage texture mapped onto a sphere hyperlinkedto my personal home page and some 3d text floatingat various places. One point to note thought is thatwith the recent release of the VRML 2.0 standard Iwould expect that.an updated version of this bookwill be re-released in the near future, o;o

A GUIDE TO LATEX 2E:DOCUMENT PREPARATION FORBEGINNERS AND ADVANCED USERS

by Helmut Kopka and Patrick W Daly,Addison-Wesley1995, 554 pages, $49.95ISDN 0-201-42777-x

Reviewed byJagoda CrawfordAustralian Nuclear Science and Technology Organization<jc @ ansto, gov. au>

This guide is based on Helmut Kopka’s Germanbook on LaTeX, and according to the preface wasinspired by the number of requests for an Englishtranslation. This second edition presents both theclassical version (designated 2.09) and the nowofficial standard, named LaTeX 2e.

For those who are not familiar with TeX, it is atext formatting package (similar in concept to troff)designed by Donald E Knuth for the formatting ofscientific and technical documents/books. LaTeX isa macro package designed for use with TeX. It hasbeen widely accepted in the scientific community,.with many scientific journals and conferences now

requesting that contributions be submitted in LaTeXformat.

The book is purely aimed at the users of LaTeX, andrequires little experience with computers. It doesnot cover in any depth the installation andconfiguration. For those interested in installationthe O’Reilly book, Making TeX Work, by NormanWalsh, is a good reference. Kopka and Dalyexplain the basic elements of the standarddistribution of LaTeX, giving examples andexercises.

The authors start by giving an overview of textformatting and TeX, then on to LaTeX and finallyleading to LaTeX2e. After presenting such things asenvironments and special characters, documentlayout is presented. It describes how to set up thepage style and the various parts of the documente.g. title page, abstract, various sections,appendices, table of contents etc. This, I found avery useful section as it sets the scene for documentformatting.

The introductory section is then followed by achapter on the different ways of displaying text,covering such topics as changing fonts and fontsizes, underlining, centering, indenting, lists,tables, boxes etc. A chapter on each of thefollowing is also provided:

- formatting of mathematical formulas,

- pictures, building blocks from which pictures areconstructed, text, straight lines of variousinclinations, arrows, circles and ovals,

- defining user commands,

- advanced features - subjects included here are thesplitting of a document into several files, selectiveprocessing of parts of a document, cross-references tosections, figures and equations, automatedproduction of bibliographies, indices andglossaries, handling different sets of fonts andpreparing presentation materials (slides).

- basic structure of error messages, some sampleerrors and a list of error messages with adescription of possible causes and solutions.

A number of appendices are also included coveringsuch subjects as the formatting of correspondence,creating bibliographic databases and using them indocuments, programming LaTeX extensions and alist of commands.


The material covered by the book is well presentedand I believe that this book is a must for newcomersto LaTeX as well as for use by more experiencedusers. It provides a thorough listing of all the basicconcepts and reference for key ideas, o$o

ZEN AND THE ART OF THE INTERNET(4TH ED).

by Brendan P. KehoePrentice Hall1996, 255 pagesISBN 0-13-452914-6

Reviewed byJon WrightGuru Software Services<job @ UNS. com. au>

Zen and the Art of the Internet is a relatively wellknown book. It is often referenced in on-lineconversations, particularly in Usenet news groups.Having heard so often about it’s wonderfulqualities and also being somewhat interested in thestrange concept of combining Zen and the Internet,made the chance to review this book almostirresistible. Unfortunately, as often happens inlife, the actual book was initially a bigdisappointment. Apart from the mention of the factthat the author was inspired by two books: Zen andthe art of Motorcycle Maintenance & Zen and theArt of Archery, and a brief definition of Zen onpage 229, there appears to be no particularly goodreason for even having the word Zen in the title. Tomake things worse, trying to use the index for cross-reference purposes was almost impossible (some ofthe page numbers are wrong).

At this stage, the book was almost returnedunreviewed until the idea of fairness began tosurface. The book had been disappointing becauseof expectations built up over a long period of time.It would be more appropriate to try and view thebook as if it was totally unknown. From thisperspective, Zen and the Art of the Internet is yetanother internet introduction. The differenceprobably comes from the easy flowing style andsuccinct coverage of the major topics. The bookquickly introduces the major subsections of the net,(mail, ftp, news, www) and then covers the varioustools and commercial providers before moving on tothe most interesting chapter which providesbackground information for newcomers to the net(e.g. the internet coke machine, the worm, etc.).The book is then completed with a series of specificindexes, including one on creating home pages.Naturally the commercial provider section is US-

centric like most books published in the US, toreplace this section try another book likeOzlnternet (Goodheart & Crawford).

After this section read of the book, the reason forZen in the title began to appear. Zen Buddhistsbelieve that enlightenment can arise from intuitionrather than from the study of scripture or history.In the same way, this book is trying to providemake the internet more intuitive for newcomers.

The final question is how this book stacks upagainst the competition? Basically the only othercomprehensive quality introduction that coverssimilar ground is probably the O’Reilly WholeInternet Guide. Zen is probably an easierintroduction and it is also a lot easier to carryaround. That means it is probably the bestbackground internet book for newcomers, o~o

COMPUTER NETWORKS:A SYSTEMS APPROACH

by Larry L. Peterson and Bruce S. DavieMorgan Kaufmann1996, 552 pages, US$69.95ISBN 1-55860-368-9

Reviewed byDanny Yee<danny@ cs.su.oz.au>

In many ways Computer Networks: A SystemsApproach contains just what one would expect tofind in a serious introduction to networking.Peterson and Davie begin with a quick introductionto basic networking concepts, then look at abstractprotocol implementation in the context of the x-kernel system (fragments of code from which areused throughout to illustrate implementationissues). They very broadly follow the standardnetwork layers upwards, with chapters on host andlink issues (ethernets and token-rings, encoding,framing, and error detection); on packet switchingand routing; on bridges, internetworking, IP andIPv6, DNS, and multicast; on end.-to-end protocols(UDP, TCP, RPC, and performance issues); and onend-to-end data (presentation, encryption,compression). Chapters on congestion control(especially in TCP implementations) and high-speed networking (including real-time services andquality of service guarantees) complete the volume.

Each chapter begins by describing one centralproblem that motivates it, and ends with adiscussion of an "open question" -- the relationshipbetween IP and ATM, for example, or the balance

3O AUUGN: The Journal of AUUG Inc.

between handling congestion control inside andoutside networks. The effect is to convey a feel fornetworking as a dynamic and evolving field. Sideboxes contain digressions, a device which worksquite well here.

It’s hard to put my finger on exactly what setsPeterson and Davie’s offering apart from the manyother introductions to networking available. Thedepth of their coverage, certainly, and also theirgood coverage of implementation and architectureissues. But the key to their success is what theycall a "systems approach", a concentration on firstpri_hciples and basic building blocks and concepts.So there are no lengthy descriptions of protocols fortheir own sake -- they are used instead to illustratefundamental ideas. (Protocols are, after all,merely solutions to problems.) If the focus is verymuch on the Internet and internet protocols, that isbecause they are the only systems which addresssome problems.

A Systems Approach really does manage tohighlight the most important ideas. It is also anattractive and clearly laid out volume and, despitethe price, one which is good value for money. It iseasily the best general networking textbook I haveseen. Though it may daunt weaker students, itwould be suitable as a text for higherundergraduate courses; it is the first book I wouldrecommend to computing professionals approachingnetworking for the first time or seeking to refreshtheir knowledge of the field, o:o

INTERNET FIREWALLSAND NETWORK SECURITY

by Karanjit Siyan and Chris HareNew Riders Publishing1995, 410 pages.ISBN 1-56205-437-6

Reviewed byCraig Macbride<craig @ rmit. edu. a u>

I’m glad to say that this was one of the mostreadable technical books I’ve encountered in quitesome time. Many books on highly technical mattersfall into several traps, particularly of notproviding background information or of notproviding good examples. Too often, referenceworks provide examples for only one Unix variant,leaving users of other variants wondering. InternetFirewalls and Network Security provides copiousbackground material and the examples are aimedbroadly at Sys V or BSD machines with specific

notes on SunOS and SCO Unix at various points.From there, it should be possible for networkadministrators to make sense of this book in mostUnix environments.

The book starts with a detailed section on TCP/IP,particularly the parts relevant to low-level setupand security, subnets, .rhosts files, the daemons andso on. Next it goes into the Unix security side as itrelated to networking, the meanings of the US"Orange Book" levels, password controls, NFS,encryption and Kerberos. The background sectionends with an in-depth discussion of networksecurity planning and policies and includesreference to worthwhile news groups and mailinglists on Usenet.

The second part is where it gets interesting,starting by covering screening routers and packetfiltering. The authors cover in some detail how towork out packet filtering rules for your securityrequirements, the problems involved with packetfiltering with FTP, and some case-study examplesfor different filter setups. Cisco routers are coveredin particular, as regards the syntax for setting upfilter rules.

They go on to cover firewall architecture andimplementation, using TCP Wrapper, FireWall-1for Suns, ANS Interlock for Suns and IBM AIXmachines, TIS Gauntlet which runs on a speciallymodified BSD Unix kernel on an Intel box, andfinally the free TIS Firewall Toolkit.

One thing that did surprise me was that the figuresreferring to packet dumps use LANalyzer forWindows, rather than using a familiar Unix tool,such as tcpdump. Given that the whole of the restof the book is devoted to Unix variants, exceptwhere PC packet filter software is covered, the useof an MSDOS machine sitting on the network tomonitor traffic is a little surprising.

It also surprised me that some typos had crept intodiagrams, but the reader who doesn’t spot thoseprobably shouldn’t be trying to set up a firewallanyhow.

If you are looking for information on TCP/IPnetworking and how to make it secure whenconnecting to the outside world, this seems like agood reference source. It takes a methodicalapproach to the whole problem, from working outyour security requirements to implementing themwith a router doing packet-filtering and/or abastion host.


LIONS’ COMMENTARY ON UNIX6TH EDITION WITH SOURCE CODE

by John Lions

Re vie we d byLucy Chubb

My acquaintance with the original orange and red(well, it fades to pink) covered books that were theversion 6 source code and commentary began in 1981when I did John Lion’s operating systems course. Iboth loved it and had a mild dislike of it -- adislike arose because it drove me to work (OK, I’mlazy), and love because it opened the world ofoperating systems to me, one that has delighted meever since. Later, while doing a port of version 7UNIX (what else!?) and rewriting its memorymanagement for a masters degree, I tutored fromthose same books and even had the privilege ofgiving some lectures for John while he was awayfor a number of weeks. During those years my copyhas suffered from having naive undergraduatenotes written into it, rubbed out and repeatedlyreplaced by other penciled notes as myunderstanding grew.

This book contains the two original "Lions’ books"(the first being a source code listing of UNIX level6, complete with the original warning againstdisclosure, and a separate commentary), variousnotes, forwards, and appreciations by DennisRitchie, Ken Thompson, Micheal Tilson, PeterSalus, Mike O’Dell, Greg Rose, Berny Goodheart,Peter Collinson, and Peter Reintjes.

The line numbered source code listing contains thekernel routines with the exception of devicedrivers, where only a few example ones are given.The commentary includes information about thePDP11, which is necessary for understanding someparts of the code, and an explanation of thedifferent subsystems such as process managementwhich which gives an overview but goes down to aline by line commentary where appropriate. Thelast chapter gives exercises for those who want tothink further about the code.

Ken Thompson and Dennis Ritchie published apaper "The Unix Time-Sharing System" in May1974 in the Communications of the ACM. Afterfellow lecturer Ken Robinson wrote away to get thenew operating system, John Lions decided to basehis Operating Systems course around reading thesource code. In 1977 he completed his commentary toaccompany it.

The UNIX source code fumed out to be a good choicefor study; it was both small and elegant and theLions commentary made an excellent companion.Michael Tilson writes in his prefatory notes "TheUNIX operating system kernel code was itself anelegant work, and even today it remains worthy ofstudy. John added a line-by-line analysis that wasequally elegant." ... "It is part of our technicalhistory, and we can still learn from it today." Itwas so much appreciated by the growing UNIXcommunity that they were often photocopied inspite of restrictions on their distribution. As KenThompson says in the forward, "finally -- one ofthe most widely distributed underground computerscience documents is freely available." And DennisRitchie, "The document reproduced here educated ageneration. It’s notoriously one of the most-copiedmanuscripts of computerdom, and it’s good to haveit in the open record".

While UNIX has grown massively in size andcomplexity in the intervening years, reading theversion 6 source code gave me a foundation that isstill firm. One of the things that I reallyappreciated is that the version 6 source code issmall enough to be understood as a whole(although that takes some work) but at the sametime is a real operating system that could (andwas) used for real applications. As chapter one ofthe Commentary says "it is accessible in a waythat most other systems are not: the amount ofmaterial which must be mastered in order to gain areasonably deep understanding of the system is notimpossibly large. By way of comparison, OS/360and its successors are far too complex to becompletely understood by any one individual."

Whether it’s to replace your many generationedphotocopy or just to find out what it’s all about,have a look at this book. The operating systemsconcepts are still valid today, and even theskeleton of UNIX version 6 still bears somerelationship with modern versions. If you wish togo further than this, Warren Toomey recentlyposted that SCO has issued free b~ary licenses forthis version (in which case this book would be agreat companion to the binary). Details of how toget it and several simulators which can run it can befound at http://minnie.cs.adfa.oz.au/PUPS/(where PUPS stands for "PDP Unix PreservationSociety").


ISBN 1-57398-013-7"The Lions’ book",cherished by UNIX hackersand widely circulated as aphotocopied bootleg docu-ment since the late 1970s, isfinally available in an unre-stricted edition. This leg-endary underground classic,

reproduced without modification, is really two works in one:~ the source code to an early version of the UNIX operating system~ a brilliant commentary, on that code by John Lions.

Dennis Ritchie, Ken Thompson, and other UNIX luminaries have con-tributed new essays on the enduring value of this Computer Science mas-terpiece.

Lions’ marriage of source code with commentary was originally used as anoperating systems textbook, a purpose for which it remains well-suited. Asa self-study UNIX conceptual tutorial, it has informed and inspired com-puter professionals and advanced operating system students for overtwenty years.

High PerfoHnance CommunicationsNetworksH/arland, J. & I/araiya, P,Morgan Kaufinann1-55860-341-7$115.00"

Intranet Firewalls: Planning & ImplementingYour Network Security SystemFuller; S. & Pagan, K.Ventana1-56604-506-1$69.95*

Source Code Secrets seriesVolume 3: Sockets Operating SystemJolitz, 1~. & Jolitz, L.Peer-to-Peer1-57398-003-X$90.00*

Source Code Secrets seriesVolume 4: TCP/IP Networking Protocoldolitz, ~ & dolitz, L.Peer-to-Peer1-57398-007-2$90.00~

The UNIX Web Server Book, 2nd ed.Magid, J. et al.Ventana1-56604-480-4$95.00*

Principles of Object-Oriented Programmingin JAVANa, ~Ventana (due Jar,. "9721-56604-530-4

Before the InternetVolume 1: Planning the ARPANETSalus, P. (ed.)Peer-to-Peer1-57398-008-0 $80.00*

Volume 2: Building the ARPANET1-57398-014-5 $80.00*

|I

,,

TITLE:

TEL:

F~: (~RI)#:

~/~II.: SISflATUR[:

POIT(O~E:(ABDflOLDEB: [~PIRY:

I

I!

I would like your latelt catalogue in the following areal: AUUG_9612 IReturn to: tlell0n ITP, 10z D0dds St., South Nelb0urne, Yic. ]z05 or fax to. (0~)qbq6 0SH Enquiries to (uit0mer Service:(o3)qbSS 4~ !

*RRPs shown - deduct 15% for member discount. Offer valid until 31/03197. Prices given correct when prinfed, but are subject to change without notice.

AUUG News:

CanberraCALL FOR PRESENTATIONSAND WORKSHOPS

John Wrightjohnw @ canb.auug, org.auCanberra AUUG Summer Conference Programme Chair

AUUG in Canberra is holding its 8th annualconference and workshops on the 12th, 13th and14th of February 1997. There will be two days ofworkshops, followed by the one day conference.The venue will again be the Australian NationalUniversity.

As well as national speakers, we are looking forpresentations from local individuals andorganisations in any area of UNIX, Open Systemsor Networking. Presenters for half or full dayworkshops on any subject are also welcome(workshop presenters receive a modesthonorarium).

Any organisations interested in sponsoring theconference and/or workshop are most welcome. Theconference and workshops always attract a goodattendance, with over 100 people from throughoutthe Canberra region attending the 1996 conferenceand workshops.

We look forward to hearing from you with yourideas for the 1997 conference and workshops.

For further details, please contact:

Programme Chair:John Wrightj wright@nla, gov. au

Workshop Organiser:David [email protected]

Some additional notes for AUUG Chapter contacts(hopefully to persuade at least one or two of you topresent a paper and/or workshop) ...

Workshop presenters receive an ex gratiapayment of $200 for each half-day workshop theypresent.

- Those presenting a paper at the conference willreceive free conference registration (so what’s new:-)?).

- We will pay for your return airfare to Canberra.You’ll be billeted with a local AUUG memberduring your stay.

So what are you waiting for? We’re open to ideas,so if you have any favourite topic you’d like to talkabout, or if you have a burning desire to hear apaper or workshop presented on a particularUnix/Open Systems/Networking issue, get in touchwith the Canberra AUUG Committee [email protected].

All suggestions andcontributions greatlyappreciated.

AUUG News:

DarwinMalcolm Caldwell

The Darwin Chapter of AUUG hosted a one-on-onedebate on the theme A variation of the gun debate:"Computers don’t kill people, people kill people."

The protagonists were Dr. Perry Morrison,Consultant and former lecturer, and Mr Phil Maker,Lecturer in IT at NTU, and a former pacemakersoftware developer for Telectronics.

Phil lead off with the "yes" case, after a shortinterval of confusion in which moderator, and localAUUG president, Alan Cowie assisted all partiesto work out who was "yes" and who was "no"(tricky things debate titles!).

Phil ran a "straw man" line, first articulating thelikely opposition logic then demolishing it.STRAW MAN: "Software is unreliable...Unreliable things kill people... Killing people isbad... Therefore never use software in life criticalsituations." MAKER: This is the wrong kind oflogic. Probability is the correct approach. Philgave an example from his own experience indesigning software for use in heart defibrillators. Ifthe chances of dying without the defibrillator are50% then even a 5% improvement using risk pronesoftware is worth it.

Perry, unki-ndly, took a different, ratherwhimsical, tack...relying for the "no" case onexamples of what he termed Folk Sense.


He put forward three separate "lifelike"hypotheticals involving bulldozers, video remotecontrols, lawnmowers, and strawberry jam (or wasit raspberry?) which illustrated the common senseimpulse to blame the machines themselves forshortcomings.

The formal debate served its purpose of stimulatinga floor discussion on his central theme, systemcomplexity and the limits it places upon ourcapacity to control system behaviour. This a majorissue with digital systems because complex systemswith "an untestable number of system states" can beeasily built.

A number of reasonably well known cases werebriefly discussed; the Airbus and X31 incidents;Space Shuttle reliability (It was not Challenger’scomputers which failed, but an O-ring failure).Perry raised the issue of possible software errors inBlackhawk fly-by-wire helicopters, a logical lineof discussion after the recent Queensland disaster.It was only after the debate whilst researchingsome of his old material that I discovered he hasbeen raising concerns about Blackhawks since thelate 1980’s ....... Very interesting.

The discussion continued apace at the post debatepizza session. Our thanks to the two debaters for aspirited and thought provoking evening.

Phil Maker has placed a special Web page on thedebate at:http://www.cs.ntu.edu.au/s taft/pjm / auug-debate/homepage.html

In addition to his own thoughts he has includedlinks to other places. Having followed some ofthese links I would recommend the followingarticles on Perry Morisson’s work:

http: //catless.ncl.ac.uk/Risks/9.15.html#subj4You will find here a synopsis of a paper co-authored by Perry Morrison and Tom Foresterentitled "Computer Ethics: Cautionary Tales andEthical Dilemmas in Computing". Its publicationseems to have been something of ’cause celebre’ atthe time.

http://catless.ncl.ac.uk / Risks/10.40.htmlIncluded here is a reflection by Perry Morrison onthe discussion raised by the publication of theabove paper (and some follow through in thepopular press). The views of one Phil Maker of theNTU are singled out for particular comment; in fact

they seem to have caused Dr Morrison to modifyhis original tough views, o:o

AUUG News:

NSW ChapterWayne Bellwayneb @sydney. dialix

NSW Chapter has monthly meetings on the thirdthursday of each month upstairs at the OccidentalHotel, York St, Wynyard

The October meeting featured a talk on Unix to non-Unix connectivity by Frank Crawford and IanCrackenthorp. The discussion covered a wide rangeof connectivity tools, especially SAMBA andnetatalk. Frank and Ian talked about theirexperiences with connectivity tools and invitedcomments and discussion from the floor on ourexperiences.

The November meeting Dr Bruce Howarth, a seniorlecturer at the University of Technology, Sydney,gave an entertaining and informative talk aboutSGML - the Standardised General MarkupLanguage.

The talk was prompted by a comment one companymanager made to Bruce, "I don’t employ computerscience graduates because they know nothing abouttext." It transpired that by text he meant SGMLand related ISO standards for documentpresentation.

Bruce gave an overview of the history of SGML,and a feel for the flavour of the tagged text syntaxused in SGML. He stressed its importantance incurrent computing, mainly because of HTML, whichis an SGML DTD (Document Type Description).

Bruce concluded with the question, "Should a courseon SGML be included in the UTS computer sciencedegree?" This sparked a lively debate among theattendees (approximately 30 AUUG and SAGE-AUmembers attended). One overriding conclusion wasthat computer science students needed to learn towrite, but that learning about the structure ofdocuments (which is reflected in SGML) could turnthem in to better writers.


SUMMER CONFERENCE

AUUG NSW will be holding our Summer TechnicalConference on the 20th and 21st of February, atCharles Sturt University, Bathurst.

We will have a day of tutorials on the 20th, andthe conference proper on Friday the 21st. We hopeto have an international speaker for the conference.AUUG NSW have arranged 32 student rooms, foraccomodation on a first come first served basis.These rooms are cheaper than motel/hotelaccomodation so book early.

More information including registration forms willbe coming to you shortly.

CONTACTS

Wayne BellChairwayneb @sydney. dialix, oz. au

David [email protected]

auug nsw [email protected]

Images from AUUG ’96:

It’s JEOPARDY!! With your host Rob Kalstad,

and contestants Joan McGilliard, Rolf Jester (Digital)

and our own David Purdue (AUUG Secretary).


Images from theChapter CouncilMeeting

The Chapter Council Meeting was held in Sydney,on Saturday December 6th, 1996. A successfulmeeting, with many ideas and views exchangedbetween the representatives.

[ Of course, the real story is they were all therereceiving councelling .. ;-) - Ed. ]

(L to R) Someone’s knee, S0meone elses knee, the back of a chair, Malcolm Caldwell (NT), Stephen Boucher (AUUGTreasurer), Lucy Chubb (AUUG Vice President), Wayne Bell (NSW), Mark White (QId), Patrick Ko (WA), John Terpstra(NSW)

(L to R) David Purdue (AUUG Exec + NSW), Michael Paddon (AUUG President), Alan Cowie (NT), James Patterson (Tas),Enno Davids (Vic)

Volume 17, Number’s 5 and 6 37

UNIX Tricks & TrapsSub-editor: G~nther Feuereisen <[email protected]>

Its’ been a busy month, having taken over the helm ofAUUGN, I haven’t had a chance to write any Tricks & Trapsthis time around. Fortunately Peter Tumbull dropped me a notewith some more ideas about the tar(l) command.

As it is that time again, and as this is the Christmas issue, Ithought we might get into the holiday spirit by looking atsome UNIX Christmas humour.

ITo all those who dropped me a note - thank you! It’s nice toknow someone’s checking up on me :-) Keep those contributionscoming in!

Happy Holidays! o;o

[ Last issue we looked at the tar(l) command and useful ways in which it could be used. Here, PeterTumbull highlights some other ways of using the tar(l) command. - Ed ]

TAR- THE STORY CONTINUES

Peter rurnbull <petert @ daedalus.com.au>

Using ’rsh’, ’rcp’ and ’tar’ to copy files and directories to remote systems can be an easy one liner. But whenthose remote systems are on a slow WAN (ie: <10MB), the time it takes to copy the files can become morecritical. Here in order from slowest to fastest are the commands to copy files to a remote system. (Note,that order assumes you are transfering a reasonable large amount of data)

Method 1

$ tar cvf /tmp/files.tar /var/somefiles

$ rcp -p /tmp/files.tar otherside:/tmp/files.tar

$ rsh otherside "tar xvf /tmp/files.tar"

Method 2

$ tar cf - /var/somefileslrsh otherside "tar xvf -"

Method 3


$ gzip /tmp/files.tar

$ rcp -p /tmp/files.tar.gz otherside:/tmp/files.tar.gz

$ rsh otherside "gzip -d /tmp/files.tar.gz"

$ rsh otherside "tar xvf /tmp/files.tar"

38 AUUGN: The Joumal of AUUG Inc.

Method 4


$ gzip /tmp/files.tar

$ rcp -p /tmp/files.tar.gz otherside:/tmp/files.tar.gz

$ rsh otherside "gzip -dc /tmp/files.tar.gzltar xvf -"

Method 5

$ tar cf - /var/somefileslgzip -clrsh otherside "gzip -dc

SANTA CLAUS IS COMING TO TOWNin C-shell

Author Unknown

[sing]

better !pout !crybetter watchouttelnet whysanta claus <north pole >town

cat/etc/passwd >listncheck listncheck listcat list I grep naughty > no_gift_listcat list I grep nice > gift_listsanta claus <north pole >town

who I grep sleepingwho I awakewho I egrep ’badlgood’for ( goodness sake)

be good}

tar xvf -"


ImagesAUUG

flTom

Photography by Liz Egan

El President~ (Michael Paddon)

The Secretariat’s Wael Foda, and a subtle

reminder as to who is providing the $$.


After a hard dat at AUUG,

Stephen Boucher (AUUG Treasurer)

goes for the OSF approved food

of choice.

The new high-tech method

for advertising web pages.


Enno Davids, Neil Murray, a camera and some guys orange shirt.

Lucy (Stephen Spielberg) Chubb behind the camera, with

Greg (God of USENIX) Rose in the chair of honour.


UNIXeAND OPEN SYB1EMS U~l~To apply for AUUG membership, complete this form and return it with payment in Australian dollars to:

REPLY PAID 66, AUUG MEMBERSHIP SECRETARY,P.O. BOX 366, KENSINGTON, NSW 2033, AUSTRALIA T~.k ~is box if you wish you~ nameTel: +61 2 9361-5994 or 1 800 625 655 ¯ Fax: +61 2 9332-4066 withheld from mailing lists made

available Io vendors. [~

draw~ o~ ~’t Au=tr~ia~ batik.

’::

ii! INI~VIDUAL OR STUDENT MEMBERSHIP:

Renewal/New membership of AUUGRenewal/New Student membershipInternational air mail

do hereby apply for:I agree that this membership will be subject to theru/es and by4aws oI AUUG as in fo,’ce from tim~to time, and that this membership wilt run fromtime of joining/renewal until the end of thecalendar ~ financial year.

TOTAL REMITTED: AUD$.

~ L~L CHA~ER DES,~TE:YOU ~n ~ici~te in t~ activi~es of a Io~1 AUUG C~pter. Pad of yourdefault a regio~ ~apter will ~ selected for you. If you wou~ ~t~r ~mi~te a ~ter., ~a~ s~

(i~i~te NONE for ~ ~pter).

i!To BETTER SERVE YOU, PLEASE PRINT YOUR CONTACT INFORMATION:

ii Name/Contact: I,

ili Position/Tilde:::

iComNny:

Address:":i

ii! Postcode:il Tel: BH AH:i

ii Fa~: BH AH::

ii amail address:i Over fo~ Institutional Membership:.°:~~~~~~‘~~~~~‘~~~~~~~~.~~~~~~~~~~~.~~~~~~~~‘~~°~~~~~~~~~~~~~~~~~~~~~~~~°~~~.°~~~~.~*~~~.¯¯°°~~..~~~~*.~°’~~.¯~~¯~.~~°~¯~~~~~~~.~.~~~.~~~~~~¯~~‘’~~’. ’~~~°°~~~~~°~~~.¯~°~.¯¯’~~~~~~~~~~°~~~~~~~~~~~~~~~~~.°~.~°~‘~~°~°.~°°.~~~~~*~~.~~~’°°~~°~¯°‘~~~° ~°~~~

c~rtify t~t

is a full time student at

and is expected to

graduate approximately

Please charge $I~1 Bankcard,Account number:Expiry date:Name on ~rd:Signature:

to myVisa, [~1 Mastercard

ilDate: $::

’::: Initial:i! Date processed:::

ii ............................................................................................

AUUG Inc. as a user group, exists to provide UNIX@ and open systemsusers with relevant and practical information, services, and educationthrough cooperation among users.

UNtXeAN0 OPEN SYSTEMS U~R~To apply for AUUG membership, complete this form and return it with payment in Australian dollars to:

REPLY PAID 66, AUUG MEMBERSHIP SECRETARY,P.O. BOX 366, KENSINGTON, NSW 2033, AUSTRALIA "r~ ~is ~ if yo~ wish yo~ name

w~lhheld from mailing lisls madeTel: +61 2 9361-5994 or 1 800 625 655 ¯ Fax: +61 2 9332-4066

do hereby apply ~:Renewal/New* Inst. membership of AUUGInterna~ionaJ air mail

TOTAL REMfl’rED

[~1 $35o.0o~ $120.00

AUD$

::Signed O~te

1st Rep.

Address

2nd Rop. ,,,,

Address

Title Bus. Tel:

INSTITUTIONAL MEMBER DETAILS..

Bus. Fax:

Fo!lowingare o_ur sbed .f’~d contacts. The i~’im .a~/contact holds the lull meml:~’vofinqrights, lhe two designated re~ will also 15e given membe~ip r"aes tg~AUUG actiy~ies indu,d, ing cSap!~ ad. ivities. By default a r~ional chapter wiltoe selec~ !or ,.y~u:. =~ you wou~a rather.nominate a ct~oter, please specify in Please charge $spa~e prov~ unama~e NONE lot noPrimary Contact [~ Bankcatd,

PositioW~=tleAddress

Bus. Tel:Poslcode

8us. Fax:

to myI~1 Visa,,

Account number:Expiry date:Name on card:.Signature:

e-mail addressLocal Chap/er Pref.

i Chq: bank~ alc~ Date::Initial:

: Date processed:Membership #

AUUG Inc. as a user group, exists to provide UNIX@ and open systemsusers with relevant and practical information, services, and educationthrough cooperation among users.

Notification ofChange

You can help us! If you have changed your mailing address,phone, title, or any other contact information, please keep usupdated. Complete the following information and either fax it tothe AUUG Membership Secretary on (02) 9332-4066 or post it to.:

AUUG Membership SecretaryP.O. Box 366Kensington, NSW 2033Australia

(Please allow at least 4 weeks for the change of address to take effect..)

I~1 The following changes are for my personal details, member #:

UNIX~AND OPEN SYSTEMS USERS

The following changes are for our Institutional Member, primary contact.

The following changes are for our Institutional Member, representative 1.

The following changes are for our Institutional~ Member, representative 2.

PLEASE PRINT YOUR OLD CONTACT INFORMATION (OR ATTAOH A MAILING LABEL):

Name/Contact:

Position/Title:

Company:

Address:

]el: BH

Fax: BH

email address:

Postcode

AH

AH

PLEASE PRINT YOUR NEW CONTAC~ INFORMATION:

Name/Contact:

Positlonfritle:

Company:

Address:

Tel: BH

Fax: BH

email address:

PostcodeAH

AH

Date:Initial’.Date processed:

iMembership #

images from awg ’96 on tour with d y smith u

Documents