Skills

 

Consulting

  • Analyze business processes, systems and networks to determine long term security strategies at minimal cost.
  • Implement replacements for legacy services, with emphasis on efficiency, security, and reliability.
  • Devise technical, social and political solutions for compliance with industry regulations.
  • Conduct feasibility studies and pilot programs for potential implementations.
  • Present findings to business owners, managers and technical leads.

 

Platforms

  • Linux: SLES, OpenSUSE, RedHat, RHEL, Fedora, Mandrake, CentOS, Ubuntu, Backtrack, Debian, Knoppix, Slackware
  • Microsoft: DOS 3.3 – 6.2, Windows 3.1, 95, 98, NT, ME, 2000, and XP, 2000, 2003, 2008
  • Unix: Solaris, SCO OpenServer, FreeBSD, OpenBSD, NetBSD, OSX, HP/UX, Irix, TRU64
  • Other: Mac Classic, Cisco IOS, PalmOS, OpenVMS
  • Web: Google Apps, Mediawiki, Joomla, WordPress, Drupal

 

Security Tools

  • Unified Threat Management: Fortinet, Astaro, Watchguard, CheckPoint, Barrier1, Cisco, IPCop
  • Web Protection: Imperva, CloudFlare, Sophos UTM, mod_security2, php-suhosin, Apache2, IIS
  • Managed Services: Alert Logic, Solutionary Activeguard, Google Message Security, ShadowServer Alerting
  • Endpoint Protection: Sophos, Bit9, Safeguard, Symantec, ClamAV, iptables, tcpwrappers, AppArmor
  • Network Assessment: Nessus, OpenVAS, Core Impact, nmap, kismet, metasploit, Zenmap, ExploitDB
  • Monitoring: mon, n-able, monit, nagios, collectd, tcpdump, ethereal, wireshark
  • Public Analysis: Paterva Maltego, SearchDiggity, pipl.com, snoopstation, many custom scripts
  • Private Analysis: John the Ripper, Ophcrack, CheckRootKit, RKhunter, Exiftool
  • Web Assessment: Burpsuite, NetSparker, nikto, Rat Proxy, Skipfish, Accunetix

 

Software

  • Web: Apache 1.3.x-2.x, mod_perl, PHP, ruby, mongrel_cluster, squid, Tomcat/J2EE
  • Web Systems:, Gallery, eWiki, Twiki, SugarCRM, dotProject, dokuwiki
  • Email Systems: Qmail, GroupWise, Vpopmail, Squirrelmail, Courier IMAP, ezmlm, Sendmail, Postfix
  • Database Services: PostgreSQL, MySQL, Berkley DB, SQL Relay
  • File Services: ProFTPd, Vsftpd, NFS, samba, Novell file services
  • System Administration: OpenSSH, NFS, cron, subversion, VNC, CUPS, OpenLDAP, yum, eDirectory
  • Web Clients: Firefox, Mozilla / Netscape, Firefox, Opera, Internet Explorer, elinks, w3m, telnet
  • Graphic: Gimp, Inkscape, Bibble, ImageMagick, PaintshopPro, Photoshop, POVray, Ghostscript/PCL
  • Backup Tools: SyncSort Backup Express, amanda, LoneTar, bacula, tar, zip, bzip, gzip
  • Virtualization: VMWare, VirtualBox, Xen, Solaris Containers/Zones

 

Languages

  • Scripting: Perl, Unix Shell, Javascript, PHP, Ruby, Python, SQL, Expect, DCL, Windows Batch
  • Compiled: C, C++, Java, Scheme, Pascal, Fortran, Basic, POVray, Logo
  • Descriptive: HTML, DHTML, XHTML, XML, CSS, YAML, TEX

 

Networking Protocols

  • Standard: HTTP, FTP, SMTP, Telnet, TCP/IP, POP3, IMAP, NTP, DNS, IRC, SMB
  • Secured: HTTPS, FTPS, IPsec, SSH, IMAPS, POP3S

 

Data Sources

  • Industries: Municipalities, Banks, Credit Unions, Utilities, Medical, Development, Collections, Health Care, Trucking, Insurance, Nonprofits, Political Parties, Retail, Manufacturing, Retirement, Software, Publishing, Distributing, Utilities
  • Formats: Delimited, Mainframe extractions, IBM and AS400 spools, Word, Excel, Access, DBase, Foxpro, PDF, Postscript, PCL, XML, Raster graphics, Mailspools