## BIO
Resume of Jonathan Stuart, CISSP ([login to view URL]) 406 E. Sagebrush Street Litchfield Park, AZ 85340 Home: [login to view URL] Mobile: [login to view URL] Objective: To work in a challenging, high tech environment that will allow me to utilize my current skills while learning about and keeping up to date with new and emerging technologies, particularly operating systems kernels and related low-level technologies. Operating Systems: As an administrator - Linux 1.2.3-2.x.x, Free/Net/OpenBSD, SunOS 4.x.x (sun4c, sun4m, 386i), Solaris 2.x, Solaris 7/8/9/10, BSDI/BSDOS, HP/UX, Win3.x/DOS, Win95/98/NT/2000/XP, IRIX 6.x, Digital UNIX, Tru64 UNIX, Ultrix (VAX/MIPS), 4.3 BSD UNIX As a user/auditor/programmer, in-depth knowledge of - Linux 1.2.3-2.x.x, AIX 4.3.3-5.2L, SunOS 4.1.x, Solaris 2.x, Solaris 7/8/9/10, Free/Net/OpenBSD, BSDI/BSDOS, IRIX 5.x, 6.x, HP/UX, OSF/1, Win95/98/NT, Win3.x/DOS, 4.3 BSD UNIX, VMS/OpenVMS Programming languages: C, assembly (80x86 including x64, PowerPC 601-G5 including Altivec, POWER3-5, MIPS, SPARC, VAX, Alpha, PA-RISC, m68k), C++, Java Scripting languages: /bin/*sh, expect/tcl, python, perl, Batch (.bat, .cmd) Security packages: nmap, snort, Openwall (Owl), PaX, Tripwire, COPS, SATAN, SSH, various cryptographically strong checksum algorithm implementations, Crack, TCPwrappers, and various hand/custom-written utilities and kernel patches. Most popular (free and commercial) NIDS, including RealSecure, Network Flight Recorder (now NFR), Dragon, and others. Many non-IDS sniffer/passive monitoring tools, including tcpdump, AbirNet SessionWall, and NAI SnifferPro. Experienced in writing programs using LBL's libpcap for purposes of network auditing/security and accounting. Experienced in writing programs without LBL's libpcap which directly access the packet sniffing mechanism of various Operating Systems: including Free/Net/OpenBSD (bpf), Linux (SOCK_PACKET), Solaris/SVR4 (DLPI), SunOS 4 (NIT). Experienced in writing programs using both raw sockets and libnet from Infonexus which allows the easy creation of low-level network packets. In the case of libnet, this is highly geared towards IP. In-depth knowledge of UNIX kernel and userland with regard to functionality and network security. Experienced in debugging programs and analyzing core dumps/system crashes with DTrace, truss, dbx, adb, mdb, ptrace(), ktrace, strace, ltrace, gdb, and AIX's "syscalls" and "trace". In-depth knowledge of 4.3BSD, 4.4BSD, Linux 1.x.x - 2.x.x, and Solaris [1,2,7,8,9,10] kernels. General knowledge of UNIX internals, including kernels which are monolithic, those which are microkernels or use microkernels (Mach, QNX, Minix), as well as the low-level mechanisms which applications use to interface with the kernel. Regarding the above UNIX kernel internels knowledge: Applied this knowledge in many ways by writing my own patches to various UNIX/Linux Operating Systems, including enhancements, security fixes, and hardware drivers. Commercial vulnerability scanners, including CyberCop/Ballista and ISS. Various Network Protocols Ethernet, X.25, Datakit, ATM Various Layer Protocols: TCP/IP, TCP/UDP/ICMP, IGMP, IP-IP (4), DNS(BIND 4/8/9), NAT, DHCP/BOOTP, SLIP/PPP, Firewalls/packet filters: Checkpoint Firewall-1, Cisco Packet Internet eXchange, SunScreen SPF & EFS, Gauntlet, IPFilter, IPFW, IPF, IPChains, IPTables. Routers: Cisco 2500s-Current & various releases of IOS from 9.14-Current. Miscellanious: Experienced in administering Oracle, SQL servers. Knowledge of BSD sockets API, X/Open Transport Layer Interface. Knowledge of Apache web server. Computer experience: Nov 2005-Feb 2007 Pegasus Solutions Scottsdale, AZ Software Engineer Was an engineer on the team that developed the company's flagship product, Rezview(tm). Rezview is a Central Reservation System (CRS) for the hospitality industry, particularly chains of hotels, which runs on UNIX (currently Sun Solaris). Pegasus, through Rezview, processes and handles around 46 percent of hotel bookings and reservations in the world. I was personally responsible for adding new functionality to the CRS, as well as fixing defects, some of which were core-dumps requiring somewhat low-level analysis of SPARCv9 assembly code, call stacks, and Solaris process structure (credentials, signals, file descriptors, address space).. I also repeatedly assisted the systems administration group, even being present at the office during the customer rollovers to new versions of the CRS or the Solaris operating system. During several of these occasions which would last from 10pm to 9am, I was highly instrumental in solving the issues which threatened a complete abandonment of the procedure, notably one incident that occured in the project manager was literally 5 minutes away from calling for a cancellation of the operation, in which I assumed the job of the System Administrators present and solved the problem, using some kernel and network analysis tools that I had written. Jun 2002-Sep 2005 [login to view URL] Consulting Firm and Hosting Provider Phoenix, AZ Network Security Engineer Administered, maintained, and setup new services on LOD's network. Was leader of a team that did security consulting for mid-tier clients. Wrote many custom UNIX and Linux applications which increased overall system security. Hardened Solaris, BSD, and Linux kernels for security purposes. With Linux, moved all user authentication mechanisms to the kernel via operating system calls & removed the need for any SUID or SGID binaries. Also did remote administration of clients' networks, which involved managing accounts, NFS&NIS, Oracle/SQL, DNS, NNTP, Sendmail, POP, IMAP & web servers. Lead every security audit, vulnerability assessment, and penetration test. Maintained a one-hundred percent penetration test success rate. Discovered several root-yielding, remotely exploitable, security holes in UNIX operating systems which I disclosed to the vendor as well as Bugtraq ([login to view URL]). Jul 2000-Mar 2001: Entercept Security Technologies Inc. (Formerly Clicknet Software Inc.) San Jose, CA Security Researcher/Developer UNIX Division (U.S.) Researched, found, documented, and developed exploits for various security holes and problems in Solaris 2.5.x-8. Assisted other researchers in replicating attacks and writing signatures for them. The protection mechanism involved interception of system calls. Worked with developers in Israel in order to harden and improve both low and high-level design of Clicknet's host-based IDS software product (Entercept(tm)). Was a main researcher/developer for the content side of the Solaris Entercept(tm) agent. O
## Area of Expertise
UNIX Linux C Kernel development Security Telephony Device Drivers Assembly x86 SPARC MIPS VAX Cryptography
