Lance is a former officer in the Army's Rapid Deployment Force, and the author of numerous whitepapers on computer security.
In his own words: "I'm a geek who constantly plays with computers, especially network security. I love security because it is a constantly changing environment, your job is to do battle with the bad guys."
Your whitepapers have been a great success. When are you going to release something new? You mentioned getting back to "research mode" for a while.
I'll be releasing something new when I learn something new. I like to share information as I learn it. This tends to happen in spurts. I learned a great deal this summer when the honeypots were compromised by the script kiddie community. Not only did I learn about the tools and tactics of the black-hat community, but I learned a great deal on how to monitor them, such as passive fingerprinting or network traffic analysis. I wrote several papers to share this knowledge.
I and several others are now rebuilding our research, so we can learn more about the more sophisticated black-hats. Once we learn more from that research, we will be sharing our lessons learned once again with the security community.
I always like to be doing research, it keeps me on my toes :)
In your articles you write about Solaris, Linux, etc., but what is the operating system you prefer and why?
Depends on what I am doing, but I feel the most comfortable with both Linux and Solaris. Both have their uses. I like Linux for use with my laptop; it also makes a great platform for auditing networks and systems. I find Solaris to be more robust for server use, such as firewalls or application systems.
Which security tools do you prefer? You mentioned Nessus a couple of times...
I would have to say my three favorite tools are:
All three tools allow you to see what is happening at the network level. They are highly customizable, and the authors of all three tools are extremely helpful. Almost everything I learned from networking is based on these three tools.
Nessus is my tool of choice when I want to take a snapshot of existing vulnerabilities in an organization. It is highly customizable, and the output is simple to query and easy to read.
In your "Know Your Enemy" series you describe script kiddies. What's your opinion on the mass spreading of script kiddies and what influence do you think it will have?
Script kiddies pose a huge risk, and it is only growing. I perceive them as such a threat because: