Christopher A. Mooney
abpvna@r.postjobfree.com
Chris Mooney
San Jose, CA. 95125
Objective:
I'm a software engineer who is always looking for an opportunity to
explore more fully the problem space of computer security, secure
software engineering, efficient programming, and cryptology.
Over the years my background has familiarized me with techniques to
better understanding the process of efficiency and security, secure
software engineering, and how one applies this process to real world
problems (where theory meets practice). I believe that a better
understanding of security theory can facilitate innumerable social and
technological benefits when used properly. I am also interested in
working in high load environments with an interesting solution space
for fast and efficient programming. Any chance I can get to research
or develop in these fields, especially those related to cryptography,
is both desirable and welcome.
Qualifications:
Operating Systems:
The various Windows operating systems although I prefer to use a UNIX
variant. The various MAC operating systems 7.1 to 10.x, and Cisco IOS.
I have extremely thorough concentration in UNIX flavored operating
systems: Solaris, Linux, and Free/Open BSD. I am also a Sun Solaris certified
systems administrator.
Programming and Protocols:
C and C++ although I prefer C, Sockets API, POSIX threads, casual Java,
SQL, shell scripting in csh/sh, M4, casual PHP/HTML, functional language
programming in ML, understanding of data structures and algorithms,
kernel development in both Linux and FreeBSD, Curses API,
the UDP/TCP/IP protocol, and casual knowledge of IPV6.
Tools/Utilities:
Apache, PHP, Mod Perl, Tomcat, SSH, Sendmail, Postfix, Procmail,
Qpopper, Courier IMAP, Courier POP, IPTables, LIDS, MySQL, Automake,
Autoconf, Libtool, IPFilter, PF, Satan/Saint, Tripwire, LPRng, NIS,
NFS, WuFTPD, ProFTPD, Samba, Solstice Disk Suite,
Veritas Volume Manager, DNS and BIND, Subversion, Perforce,
Projects:
- This is best described on the page. Briefly, it is a resource for
people to learn cryptology by reading and working on projects. I
am the main poster and have worked on some interesting things like a break for the basic XOR cipher.
Final Note:
I believe one of the most important characteristics of humanity is the
endless quest for knowledge. To this end please check my personal
development and education sections below for more information on my
interests and qualifications.
The skills I've learned through my experiences, education, and personal
development would be useful to any organization that has a need for
computer technology and security.
Faults:
I am never as strong in probability theory as I would like, and my brain
is incapable of spelling correctly.
Experience:
Project DoD, Inc.
http://home.dod.net/
Treasurer/Founder
06/1998
to Present
Project DoD is best described on the
. James Luedke and myself
started this collectively run 501(c)(3) nonprofit in 1998. Project DoD
501(c)(3) status was obtained in 2003. the organization is constructed
with a balanced job complex, which requires each volunteer or employee
to make use of an array of skills. Since Project DoD is organized
into sub-projects I must describe the type of work I do accordingly.
Hosting and Email Project:
For example, the web hosting and e-mail projects require above average
knowledge of Solaris, Linux, LIDS, Bind and DNS,
Apache + SSL + ModPHP + ModPerl + ModGzip, SSH, Sendmail, Postfix,
Qpopper, Courier IMAP, Courier POP, Procmail, disk quotas, TCP/IP
networking, C/C++ and shell programming for utilities and daemons,
Backups using UNIX utilities, Solstice Disk Suite, IPTables, IPFilter,
Mailman, Majordomo, and many other tools which make come and go as time
passes. The most important qualification any volunteer or employee
working on this project possesses, is an ability to act and react
dynamically to changing information and technology. Project
DoD has proven a high target for network based intrusion and requires
significant attention to network and host security.
XO Communications
http://www.xo.com/
Software Engineer
08/2006
to Present
I work for a division of XO called
.
Concentric is a high availability clustered hosting provider. One can
get a better description of both XO and Concentric on the respective
websites. Basically, the hosting platform does such a large volume of
traffic that both the commercial and open source solutions are often
too slow. I am part of the development team that allows Concentric to
manage this load. We often need to write custom solutions to web
servers, mail servers, and disk storage, and traffic management. The
following is a list of projects I have worked on. The details are slim
for obvious reasons.
Load Balancers:Hacked up PF and the FreeBSD kernel to balance traffic with layer 2
rewrites. Basically incoming traffic is routed to the best candidate
machine in the cluster.
SONY
http://www.sony.com/
UNIX
Systems Administrator
07/1999
to 07/2002
This
position required three major duties: UNIX Systems Administration:Our network was based on a System V UNIX backbone.
I set up the systems to do DNS, SMTP, NIS, NFS, DHCP, HTTP, POP3,
and IMAP as well as interoperate with the Windows side of the network
through SAMBA. The network provided a number of services that you
would expect from any infrastructure. There is a laundry-list of things
like LP printing services that had to be set up. The servers were
Solaris enterprise class machines using Veritas Disk Suite and Solstice
Disk Manager for disk redundancy. This included RAID 5 and RAID 0+1.
In this time I migrated the backup system from Legato to Veritas Netbackup
and built a onsite and offsite backup policy.
Network Administration:This network was a TCP/IP network within the corporate
infrastructure. In November 2000 I was put in charge of moving this
network to a newly connected fractional DS3 line. This included provisioning
firewalls and a site security policy. The new network was to help
the research lab be more functional and meet our Internet connectivity
needs. This took more then a basic understanding of TCP/IP networking
to complete. The network IP space required that it be subneted to
meet our needs. I also configured a Cisco 2600 class router to connect
up to a T1.
Network and Systems Security:Because the Internet is a hostile environment, and
we had an obligation to keep our work a secret, I had to maintain
our sites security. This included a policy boarder router rejecting
things like static source routed IP packets. A redundant Checkpoint
firewall running on top of a hardened Solaris operating system. A
screened subnet or DMZ so our bastion hosts could talk to the Internet.
A hardware based VPN solution so our remote employees could access
our internal infrastructure. And, in addition, each network was
equipped with a honeypot to detect intrusions.
My time at Sony was spent maintaining the complexity of each one of
these job duties. It was an amazing and educational experience
allowing me to play with such a full range of technologies it would
be hard to list them all here. I finally left Sony to pursue an
educational path that I hope will result in either a masters or Ph.D.
in cryptology. For more information see the education section below.
cyberTours
Inc.
http://www.cybertours.com/
Assistant
Internal LAN Administrator
01/1998
to 05/1999
Actively
participated in helping one of the most rapidly growing Internet Service
Providersin
Maine maintain its customer service department. Also
I was chosen as one of the top employees to take part in a
network management and administration apprenticeship program. Job duties
included configuring and maintaining three Internal NT domains and
numerous print servers, knowledge of basic TCP/IP and NETBIOS protocols,
as well as proficiency in UNIX with tools such as BIND and Sendmail. Here
is my .
Education:
University
of Southern Maine
Portland,
Me.
College Degree
09/2002
to 05/2006
Bachelor-Science Computer Science with a minor in Mathematics.
I was also the president of the University of Southern Maine chapter
of the
Association for Computing Machinery, where we work on community
building and information sharing. Furthermore, I am a recipient of the
2003/2004,
the 2004/2005
Governor's Computer Science Scholarship,
the 2005/2006,
and the 2005/2006
Governor's Computer Science Scholarship.
For more information see my
.
SANS
Institute
New
Orleans, La.
Network
Intrusion Detection
2001
I took the full network
intrusion detection class with SANS. This was a five day course consisting
of Advanced Intrusion Detection Snort Style, Intrusion Detection and Packet
Filtering - how it works, TCP/IP for Firewalls and Intrusion Detection,
IDS Signature and Analysis, and Network Traffic Analysis using TCPDump.
The Snort section was taught by Martin Roesh the author of Snort.
Sun
Microsystems
Milpitas,
Ca.
Solaris
Systems Administrator Cert
2000
I took four classes
with Sun; Fundamentals of Solaris, Solaris Systems Administration 1, Solaris
Systems Administration 2, and Shell Programming. After completion of these
courses I took, and passed, the certification exam to become a certified
Solaris systems administrator.
Thornton
Academy
Saco,
Me. 04072
High
School Diploma
1997
Additional courses in computer
programming for True basic.
Personal Development:
All Crypto-Gram Newsletters
All Current IPV6 RFC's
Index
of IPV6 RFC's
Applied Cryptography (2nd edition)
ISBN:
Artificial Intelligence: A Modern Approach
ISBN:
Beginning and Intermediate Algebra (5th edition)
ISBN:
Beyond Fear
ISBN:
Building Internet Firewalls
ISBN:
Building Wireless Community Networks
ISBN:
C: A Reference Manual (5th Edition)
ISBN:
C++ How To Program
ISBN:
C++ Plus Data Structures (2nd edition)
ISBN:
Calculus (8th Edition)
ISBN:
Cisco IOS Essentials
ISBN:
Computer Networks: A Systems Approach
ISBN:
Contemporary Linear Algebra
ISBN:
Core Java 2 Vol. 1 (5th Ed.)
ISBN:
Computer Systems (2nd edition)
ISBN:
Database Management
ISBN:
Data Structures With C++ Using STL
ISBN:
Discrete Mathematics with Applications
ISBN:
DNS and BIND (2nd edition)
ISBN:
Elements of ML Programming, ML97 (2nd ed.)
ISBN:
Essential System Administration (2nd edition)
ISBN:
Foundations of Algorithms (3rd edition)
ISBN:
Fundamentals of Precalculus
ISBN:
GNU Autoconf, Automake, and Libtool
ISBN:
Learning the vi Editor
ISBN:
Linux Kernel Development
ISBN:
Managing Mailing Lists
ISBN:
Mathematical Statistics with Applications
ISBN:
Managing NFS and NIS
ISBN:
Modern Physics for Scientists and Engineers
ISBN:
Modern Programming Languages
ISBN:
MySQL (2nd edition)
ISBN:
Operating System Concepts with Java (6th edition)
ISBN:
Physics for Scientists and Engineers (3rd edition)
ISBN:
Practical C Programming (3rd edition)
ISBN:
Practical UNIX and Internet Security (2nd edition)
ISBN:
Probability and Statistics with ...
ISBN:
Programming In C++
ISBN:
Programming With Curses
ISBN:
Programming With POSIX Threads
ISBN:
Secrets and Lies
ISBN:
Secrets of a Super Hacker
ISBN:
Structure and Interpretation of C.P.
ISBN:
TCP/IP Sockets In C
ISBN:
TCP/IP Illustrated Volume 1 (2nd edition)
ISBN:
Trigonometry: The Easy Way (2nd edition)
ISBN:
Understanding UNIX/LINUX Programming
ISBN:
Version Control with Subversion
ISBN:
abpvna@r.postjobfree.com
Christopher A. Mooney