Date: Tue, 2 Oct 2001 18:52:30 -0700 From: "David O'Brien" <obrien@NUXI.com> To: jobs@FreeBSD.org Subject: Experienced security and specialist Seeking Work Message-ID: <20011002185230.J99930@dragon.nuxi.com>
next in thread | raw e-mail | index | archive | help
Anyone need a security specialist, toolchain specialist, or FreeBSD
generalist in the Bay Area (or via telecommuting)?
David E. O'Brien
obrien@FreeBSD.org - http://seclab.cs.ucdavis.edu/
_________________________________________________________________
SUMMARY
Mr. O'Brien is a computer engineer whose experience encompasses
operating systems development, networking, software engineering,
compiler development, microprocessor applications design, and
system administration. He is well versed and has a thorough
technical understanding of software development and programming
languages, TCP/IP and IPX/SPX communication protocols, and
microprocessor applications/computer architecture design. His
specific experience in software engineering includes design,
development and the integration of software systems dealing with
WAN/LAN inter-process communication. He has extensive system
administrative experience in maintaining heterogeneous Unix,
MS-DOS, VAX/VMS, Macintosh Ethernet LANs and various computer
equipment. He also participated in the design of the network
architecture for the Office of the Secretary of Defense's Secure
Information System-Local Area Network. Mr. O'Brien has been a
member of USENIX and SAGE since 1994.
EDUCATION
* Ph.D. (Computer Science - Security/OS and Architecture),
University of California, Davis. Ph.D. Candidate.
* M.S. (Computer Science - Hardware and Systems), The George
Washington University, Graduated with Distinction (4.0/4.0 GPA),
May 1994
* B.S. (Electrical Engineering and Computer Engineering),
Virginia Polytechnic Institute & State University, 1990
* Virginia registered EIT (Engineer-In-Training).
* Special Seminar in Fiber Optic Network Design and Implementation
offered by Codenoll Technology Corporation, 1990.
* Passed Dr. Kirk McKusick's "Unix Kernel Internals: Data
Structures and Algorithms" course with distinction.
EXPERIENCE
OS Developer - Wind River Systems , May 2001 (WRS bought BSDi's
assets) - present.
* Continued with same responsibilities as at BSDi.
OS Developer - Berkeley Software Design, Inc. (BSDi) , April 2000 -
May 2001 (BSDi's assets bought by Wind River Systems).
* Adapted FSF/GCC to FreeBSD's needs on the PowerPC, UltraSparc,
StrongARM, Intel IA-64, and AMD x86-64platforms.
* Developed cross-compilers for FreeBSD/i386 targeting PowerPC,
UltraSparc, StrongARM, and Intel IA-64.
* Developed Binutils (assembler, linker, binary form library) 2.10
and 2.11's FreeBSD support. Adapted Binutils for FreeBSD on the
PowerPC, UltraSparc, AMD x86-64, and Intel IA-64 platforms.
* Produced and QA'ed the FreeBSD 4.1, 4.1.1, 4.2, and 4.3 DEC
Alpha/AXP releases. Included dealing with DEC Alpha CDROM booting
issues, and merging code from the development branch into the
release branch for these releases.
* Responsible for building the XFree86 X11 software for
FreeBSD/Alpha releases.
* Responsible for building DEC Alpha/AXP snapshot releases and
ensuring buildability on the DEC Alpha (vs. the x386 platform).
* Fixed serial console setup on the DEC Alpha platform.
* Built a DEC Alpha Package Build cluster.
* Responsible for general DEC Alpha/AXP issues.
* Maintains compatibility library collection.
* Continued with my other FreeBSD development responsibilities.
OS Developer - The FreeBSD project , Nov 1995 - present. Member of
the world wide FreeBSD and OpenBSD projects which continues the
development of 4.4BSD Unix. One of 150 developers with code commit
privileges.
* Lead Software Engineer for several subsystems in the base OS
(duties include porting and maintenance):
+ GCC C / C++ / FORTRAN compilers on both the i386 and DEC
Alpha platforms (includes code commit privileges in the
official FSF/GCC source code repository)
+ Binutils (assembler & linker) tools (includes source code
commit privileges within the official FSF/Binutils CVS
repository)
+ YACC / Bison and Lex compiler tools
+ Amd automount daemon
+ DHCP network client
+ Tcsh shell (with commit privileges in the official
repository)
* Ported and maintain over 130 user-land packages to 4.4BSD.
Examples are the Vim editor, EGCS and PGCC Pentium optimizing
compilers, Mutt e-mailer, DHCP software, LSOF, nmap, and many
security-related packages. Also reviewed code submissions from
non-committers.
* Contributed to installation utilities.
Research Assistant and Ph.D. Candidate - Computer Security Lab, CS
department, UC Davis., April 1996 - March 2000.
* Researched Internet bandwidth measurement.
* Wrote a kernel auditing system for FreeBSD. (in-progress)
* Co-System Architect for a correlating IDS (Intrusion Detection
System)
* Performed vulnerabilities analysis and populated a vulnerabilities
database, sysadmin for secure isolated test network. (under the
auspices of Dr. Matt Bishop)
* Member of the GrIDS (Graphical Intrusion Detection System)
development team
* Administered the heterogeneous security research network
consisting of Sun Solaris, FreeBSD, Ultrix, HP-UX, and
Microsoft-NT servers and workstations.
Hewlett-Packard, Cupertino, CA., June 1997 to September 1997.
Engineering SEED (summer intern), Cupertino Open Systems Lab, Open
Systems Software Division.
* Researched potential security vulnerabilities in the HP-UX
Operating System. Also designed processes and tools to automate
the process. Administered several security group test machines.
* Studied HP-UX version 10.10 internals.
Assistant Professorial Lecturer in Engineering. George Washington
University - School of Engineering and Applied Science, Washington
D.C., Jan. 1995 - May 1995.
* Taught graduate Advanced Programming Languages course in Computer
Science (CSci 258)
Integration & Software Engineer. Computer Associates (Legent
Corporation), Herndon, VA., Oct. 1994 to August 1995.
* Designed an Asset & Operational Management product. This system
runs in a heterogeneous, distributed client-server environment
utilizing RPC's and DCE. The system is implemented in the C++
language. Servers included Sun Solaris, Microsoft NT Server, HP/UX
and IBM-AIX operating systems. Clients included Sun Solaris,
Microsoft NT Workstation, MS-Windows 95, and other Unix
workstations.
* Administered the corporate Internet email hub and primary DNS
server. Provided guidance and advice for Internet/SMTP email and
DNS configuration and problems to the divisions within Legent.
Member of the Legent firewall architecture group. Administered the
corporate USENET news server.
* Administered a heterogeneous Ethernet network consisting of Sun
SPARC, HP 9000/700, Microsoft NT-Server and Workstation,
MS-Windows for Workgroups, and Macintosh systems. Other hardware
includes HP network laser printers, 10Base-T hubs, and
X-Terminals. Protocols included TCP/IP, NetBEUI, and IPX/SPX.
Member of the Professional Staff, Software Engineering Division,
Software Development Group. Systems Research and Applications
Corporation, Arlington, VA., Oct. 1990 to September 1994.
* Lead system administrator for a 23-hours/day on-line
operations/data center. On call 24-hours/day.
* Administered a heterogeneous TCP/IP network consisting of various
Sun 3, 386i, and Sparc workstations and personal computers running
Sun's Network Information Service (NIS), Domain Naming System
(DNS), and BOOTP protocol. Duties include network topology design
and network configuration (coax and 10Base-T), router/bridge
administration (Telebit dail-up NetBlazers and 3Com), Internet
gateway configuration, SLIP and PPP protocols, SMTP and cc:Mail
e-mail configuration, USENET news administration, operating system
installations and customizations, value added software
installation and customization, adding new users, backups and
other typical maintenance of a Sun network. Other support
comprised of assisting System Analysts on other platforms, i.e.,
IBM PC's, Macs, and Vax microcomputers communicating with the Sun
TCP/IP and NFS network. Additional duties included SNMP
management, troubleshooting network and software problems,
installing hard disks, modems, printers and memory.
* System Integrator for the Picture Network International (PNI)
development effort, and Image operations center. Duties included
responsibility for hardware sizing, ordering, integrating, and
configuring all hardware. Hardware involved included Sun network
servers, disk subsystems, network routers and hubs, and
telecommunication equipment.
* Programmed several COG (Continuity of Government) systems.
* Ported a major cost benefit analysis system and its database from
a VAX/VMS environment to a Sun Sparc UNIX environment. This system
is written in Vax Fortran with data conversion utility programs in
C. Issues dealt with include, floating-point formats and
Little-Endian vs. Big-Endian issues. Designed and implemented a
layered ISAM file manager in C with a Fortran calling interface
using GNU's GDBM to simulate the VAX/VMS RMS record manager.
* Designed and developed FEMA's ccAMPS -- a multi-process JANAP-128
protocol to ccMail gateway. This gateway allows the popular ccMail
package to be used as the user interface for a JANAP based
messaging system. The C++ language is used for this system. The
resulting gateway is a Microsoft Windows application. Other
development software utilized are Borland's OWL windowing C++
class library, Borland's C++ class library, and cc:Mail-Lotus VIM
Developer's Toolkit. Other duties included configuration task
lead, Novell Netware file server administrator, cc:Mail
administrator, and PVCS administrator/configuration manager.
* Maintained installations of OptiMIS, SRA's optical storage and
retrieval system. Responsibilities included initial installations
and trouble shooting.
* Modified and maintained the Information Management System (IMC), a
combined message system (MHS) and suspense-tracking system
(DC/STS) implemented on Unix workstations using Oracle RDBMS for
the Office of the Secretary of Defence. The software, which was
written in C, uses a client-server architecture running
TCP/IP-based sockets over a large Ethernet LAN. Also worked on
porting the user agents of this system from a Sun 386i to a Sun
SPARC.
* Developed, modified and integrated software programs for FEMA's
Team Management and Rostering Systems (TMARS). TMARS is a
management information system that operates on a LAN/WAN in
server/client mode. The TMARS system has sites connected from
across the Continental U.S. Development software utilized includes
the Novell C Interface API.
* Specific responsibilities and experience with TMARS included
design, development and the integration of modules dealing with
WAN/LAN inter-process communication to insure the integrity of the
TMARS data base and critical error recovery in the event of a loss
in WAN/LAN connectivity. Researched and implemented memory
management techniques under MS-DOS. Also, served as the primary
base line/CM (configuration management) person for the TMARS
system.
* LAN administrator for part of SRA's three building Novell LAN with
18 servers and over 850 workstations. Responsibilities include
hardware and software configuration.
* Administrator for a company wide networked Version
Control/Configuration Management system, Polytron Version Control
System (PVCS). This system is distributed over 9 separate servers
(MS-DOS, OS/2, and Unix) and serves multiple projects.
Engineer, Contel Federal Systems, Government Systems Group. Chantilly
VA., May 1990 - Oct 1990.
* Worked on the initial design of a Motorola 68020 microprocessor
based ISDN sub-system for a NSA communications system (MAGISTRAND
Project). Performed timing analysis on instruction sets and data
paths.
* Designed engineering installation plans for a fiber optic LAN
system for the Office of the Secretary of Defence under the Office
Automation Secure Information System (OASIS) contract. This LAN
system utilizes Codenoll fiber optic repeaters and passive star
hubs to interconnect Sun/Unix workstations, with SRA's optical
storage technology.
PUBLICATIONS
* "Recognizing and Recovering from Rootkit Attacks", Sys Admin, Vol.
5, No. 11 (Nov 1996).
AFFILIATIONS
* USENIX and SAGE
TECHNICAL SKILLS SUMMARY
* LANGUAGES: C, C++, Make, Bourne shell, Lex, YACC, AWK, VHDL,
Eiffel, Ada, various Assembly languages, SNOBOL4, Netware C
Interface.
* OPERATING SYSTEMS: FreeBSD and OpenBSD developer with
code committing rights, Unix (BSD & SysV / Solaris /
HP-UX), Microsoft NT (server and workstation), Novell 386
Netware, Macintosh.
* SOFTWARE: TCP/IP Networking including routing, SLIP and PPP,
DNS, Sendmail, X Windows, Make, Lex, YACC, RCS / CVS / PVCS
(configuration management/version control), HP OpenView SNMP
manager, Novell 386 Netware, various IBM-PC TCP/IP
implementations, MacPPP/TCP, RTLink Plus, various ISAM's, Synopsis
HDL tools.
* HARDWARE: IBM PC / Intel 80x86 (IA-32), Sun Sparc,
DEC Alpha, HP PA-RISC workstations and servers, and
Motorola 680x0 based microprocessor systems, Macintosh;
Twisted-pair, Coax, and Fiber Optic LAN components; Telebit
NetBlazer and 3Com routers; asynchronous modems.
PREVIOUS SECURITY CLEARANCES
Top Secret / SBI / SAP (June 1991 - September 1994)
_________________________________________________________________
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-jobs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011002185230.J99930>