Introduce yourself.

My name is Avi Rubin. I am a Computer Science Professor at Johns Hopkins University and Technical Director of the JHU Information Security Institute. I came to Hopkins this year from AT&T Labs, where I did research in computer and network security.

How did you gain interest in computer security?

Computer Security first caught my interest when I attended a talk about the Needham and Schroeder protocol by Peter Honeyman at the University of Michigan in 1991. I was a graduate student at the time, and once I saw this talk, I knew that I had found the topic for my dissertation. Honeyman became my thesis advisor, and the rest is history.

Which are your favorite security tools?

SSH is by far my favorite security tool. I use it for remote access and to tunnel all of my mail traffic. It's nice not to have to worry about the insecurity of intermediate networks or wireless networks.

What operating system(s) do you use and why?


I use OS/X on a Mac. There are several things I like about it. Previously, I had a dual boot machine running Windows and Linux. This was a real pain. The Windows side would often crash, and having to reboot in order to view Office documents was a hassle. All of the virtual machine solutions were too slow to be practical. My Mac never crashes. All of my Unix tools and my research prototypes work on it, and all of my office documents work just fine. I enjoy having an xterm running right next to a Word document. I also like the fact that when a new release of the OS comes out, things actually improve. It's basically Unix with a great GUI.

How long did it take you to co-write "Firewalls and Internet Security: Repelling the Wily Hacker 2/e"? Any major difficulties?

Steve and Bill were already working in it for quite some time when I joined the project. I've lost touch on how long it took exactly after I came on board, but it's fair to say that it was somewhere between a year and a half to two years. For me, the project was incredible. The three of us sat around a table in a bump space at AT&T and wrote together. We picked each other's brains and wordsmithed sections in real time. Ches called it study hall. I call it the best learning experience I've ever had.

If you could start working on the book all over again, would you make any major changes?

I can't even imagine working on this all over again.

In your opinion, what are the most important things an administrator has to do in order to keep a network secure?