I am an Information Security Architect at Hewlett-Packard. I've been with HP eighteen years; most of that time I have spent in the area of information security. I help customers before a security incident by evaluating their security and, after there has been a security breach, I help them in recovering their systems. I design security into solutions which salesmen are presenting to customers. Today I spend most of my time increasing security awareness and explaining security in business terms. I am the author of "Halting the Hacker: A Practical Guide to Computer Security" and "Information Security: Protecting the Global Enterprise." "Halting the Hacker" provides technical details on how systems are attacked and what to do to protect yourself from those attacks with an emphasis on HP-UX and Linux systems. "Information Security" provides a broad view of information security beyond the data center. It addresses the business issues of information security and how to build security into all aspects of an organization.
How did you gain interest in computer security?
In the early years of HP-UX, most of our customers had little or no experience with Unix systems and had many questions about proper administration and security. So, I spent a lot of time helping customers enhance their disaster recovery plans and security and administrative policies to include their new HP-UX systems, as well as assisting them in evaluating the security implementations.
I have worked with most of the divisions and organizations within HP that are involved with providing security features on HP-UX, and have provided pre-sales and post-sales support and consulting. I have worked with customers in the development of their security policies, assisted them in the evaluation of the implementation of their security procedures, and provided guidance in post-incident forensics.
How did you become a computer book author and how long did it take you to write "Halting the Hacker: A Practical Guide to Computer Security, 2/e"? What was it like?
I started writing the first edition of "Halting the Hacker" in the early nineties when criminal hacking was a new phenomenon. At that time, it was difficult for a small- to medium-sized company to get any information from the information security industry about the threat from hacking and the processes required to secure the systems. There were some security books, but most of them were cookbooks listing specific steps to secure a system without any detail on why the steps were necessary. My goal with this book is to give administrators an understanding of what hackers do and how they think, so that they can understand why they need to take specific security steps. This new edition updates the tools and processes and goes into detail on securing HP-UX and Linux. I thought it was time to remind people that security requires more understanding than just a checklist.
What operating systems and security tools do you use?
I try to use the right tool for the job. Sometimes that tool is an out-of-the-box tool, other times it is a group of tools scripted together. I'll use "hacker tools" if they perform the function I need and I'll write it myself if I need to. I use the operating system which best supports the tools I need to use and makes my job easiest. I have a long history with Unix, so I prefer it, when I have a choice.
What are the most important things an administrator has to do in order to keep his network secure?