-------------------------------------------------------------------------------- The most recent version of this document can always be found at http://www.ifokr.org/bri/resume/ This document was last updated on Sep 10, 2003. Yes, I know that was ages ago. I'm lazy. Copyright Bri Hatch, 1995-2023. See the Copyright information at the above URL. -------------------------------------------------------------------------------- Bri Hatch bri+resume@ifokr.org Seattle, WA GOAL A position where I can use and enhance my knowledge of Linux/Unix and network security to harden and test hosts and networks, prevent intrusions from within and without, minimize potential damage through advanced kernel models that limit access even by root, and eliminate all cleartext protocols from the face of the planet. EMPLOYMENT Systems and Security Engineer Onsight Inc, Seattle, WA (June 1996 - Present) Linux/Unix administration and security expert, and author of Hacking Linux Exposed and Building Linux VPNs. Host, network, and firewall security and intrusion detection; Host hardening; Advanced Linux kernel security models; Penetration testing; Post-compromise analysis and recovery; Network design and implementation; Unix, security and programming (C/C++/Perl/etc) training course development and delivery; Secure software development and web programming; Cryptography and remote-access solutions; Technical author; Conference Speaker. Adjunct Instructor Northwestern University, Evanston, IL (September 1997 - 1999) Taught C, C++, and Data Structures courses for Northwestern University - University College. Responsible for class development, weekly lectures, creating and grading programming assignments and exams. Consultant Whittman-Hart Consulting, Chicago, IL (September 1995 - June 1996) Computer Consultant specializing in Unix Administration, Internet Connectivity, Firewalls, and Network management. WWW Programming Consultant American Information Systems, Chicago, IL (January 1995 - September 1995) Installed and setup Web servers, program cgi-binaries and write HTML documents. Identified security problems and implement fixes. ACNS Consultant Academic Computing & Network Services, Evanston, IL (September 1994 - June 1995) Consulted on UNIX, Mac, Windows and Dos platforms for users and co-workers. EDUCATION BA from Northwestern University, Evanston, IL, June 1995, triple major in Mathematics, Biology, Integrated Science. COMPUTER SKILL SET Primary Administration and Security Platforms: Linux (multiple distributions - Debian, Owl, Red Hat, Slackware, etc) Solaris and SunOS, OpenBSD, FreeBSD, NetBSD, Mac OSX, Cisco IOS. Secondary Administration and Security Platforms: HP-UX, IRIX, AIX, Network Appliance OnTap, Windows 9x/NT/2K/XP, MacOS. Security Software: OpenSSL programming, Linux Firewalls (Netfilter/iptables,ipchains), Linux Intrusion Detection System (LIDS), Linux Security Module (LSM), Security Enhanced Linux (SElinux), Nessus, Snort, HogWash, OpenSSH, VPNs (IPSec, PPTP, PPP over SSH/SSL, cIPe, tinc), TCP Wrappers, Tcpdump, Ethereal, Ettercap, Dsniff, Tripwire, AIDE, SATAN/SAINT/SARA, OPIE, S/Key, Swatch, Lire, Logwatcher. Internet Software/Servers: Apache Web Server, Squid Proxy Server, Postfix, Sendmail, QMail, Exim, Procmail, DNS (DJBDNS/BIND), Mailman, PPP, IMAP, POP, Syslogd, SyslogNG. Other Unix Services/Software: MySQL, NIS, amd, automount, CVS, OpenLDAP, Samba, Amanda, NetBackup, rsync, rdist, GNU software. Programming: Perl, CGI, mod_perl, C, C++, SQL, Python, TCL/TK, Expect, shell scripting, WML, HTML, PHP, JavaScript, PostScript. TCP/IP Protocols: DNS, SMTP, HTTP, HTTPS, SSH, NFS, CIFS/SMB, SSL/TLS, DHCP/BOOTP, POP, IMAP, FTP, TFTP, PPP, SNMP. Encryption Algorithms and Systems: OpenSSL, Stunnel, PGP/GnuPG, SSL/TLS, RSA, DES, Blowfish, ROT13, ROT26. Commercial Firewalls: Cisco Pix, Gauntlet, SonicWall, Raptor. Holy-War Stances: Linux, /bin/ksh, vim, perl, mutt, GnuPG, w3m, reiserfs, GPL. OUTSIDE COMPUTING ACTIVITIES Created SSL support for Nmap version detection, available in Nmap-3.40 and later (GPL License). Maintainer of Stunnel, Universal SSL Wrapper (GPL License). Very involved in local user groups such as GSLUG (Greater Seattle Linux User Group), SEABUG (Seattle BSD User Group), SPUG (Seattle Perl User Group), and SAGE Seattle, and give talks frequently. Postmaster/Webmaster/Database/Dynamic content architect for several non-profit organizations. Conference speaker at SecureWorld, Real World Linux, etc. PUBLICATIONS Lead author of Hacking Linux Exposed, Linux Security Secrets and Solutions, Osborne/McGraw-Hill, ISBN 0072127732, Mar 2001. Lead author of Hacking Linux Exposed, 2nd edition Osborne/McGraw-Hill, ISBN 0072225645, Nov 2002. Co-Author of Building Linux Virtual Private Networks (VPNs), New Riders Publishing, ISBN 1578702666, Feb 2002. Author of weekly Linux Security: Tips, Tricks, and Hackery newsletter Ad-Hoc Security Focus Columnist. (LIDS - Linux Intrusion Detection System, Blocking Spam, Linux Firewalls/Networking). Technical editor for several unix and security-related books. Client engagement list available upon request.