Posts Tagged ‘oisf’

Available for contract work

Monday, January 5th, 2009

This year there will be a lot of work that needs to be done for the Open Infosec Foundation. And like I wrote a few days ago, a lot of work is already being done. However, most of it is unpaid at this time as it will be some months before our funding comes in. So at least until then I’m available and looking for contract work.

For the last two years I’ve been doing work as a contractor in the (open source) security field. My experience is mostly in coding in C and Perl, primarily on Snort and Snort_inline. Recently I created the (Perl language) SidReporter program for Emerging Threats. Areas I worked in: IPv6 IDS/IPS coding, signature writing, Web Application Firewalls, threading, bandwidth accounting, and more…

Checkout my LinkedIn profile for more info. My resume is available on request.

If you have some work or know someone that does, please let me know!

Tags: , , , , , , ,
Posted in IPS, IPv6, Personal, SidReporter, Snort, Snort_inline, ids, oisf | 1 Comment »

Looking forward to 2009: Open Infosec Foundation

Monday, December 29th, 2008

The year 2008 was an exciting year to me. The biggest thing going on the infosec side was the formation of the Open Infosec Foundation. We’ve been working on it behind the scenes for more than a year now, and it’s cool that we’ve finally announced our plans. Of course, the work is just getting started. Next year, we expect to finalize our foundation setup. We’re working with the Software Freedom Law Center for setting up the foundation charter and consortium rules. While the US government is funding us initially, we hope the consortium will guarantee our long term funding. We are talking to some interesting companies already, both big and small.

The last year I’ve been working on a prototype of the engine we’re building as well. It’s private for now as the foundation licensing terms & conditions haven’t been determined yet. I’m writing it mostly to learn. While I’ve been working as a developer on the Snort_inline project for a number of years already and as a contractor on several Snort related projects, I never learned so much about IDS/IPS technology as I’m doing now. The prototype may or may not be used (partly) for the engine once we got our feature list complete. We’ll see about that when the time is there. I plan to blog more about this codebase in the new year.

In 2008 we had our first brainstorming session, and to us it was very successful. In 2009 we’re hoping to do a few more. Stay tuned for the dates and places. I hope we can continue our feature discussions in the new year and give the foundation further shape. And don’t forget to suggest us a name for the engine… “OISF engine” just doesn’t sound cool enough! ;-)

Tags: , ,
Posted in IPS, ids, oisf | 1 Comment »

DeepSec

Sunday, November 30th, 2008

Last month I attended the DeepSec conference in Vienna. I enjoyed it a great deal. It was good to be back in Vienna. Had a few good meetings with my friend Adi with who I work on the Vuurmuur project.

I assisted Matt Jonkman in his Snort Signature writing class. We had a nice group of people and using the Emerging Threats SandNet we could deal with pretty interesting samples to write signatures for. Even though my expertise is more on the code level of Snort I felt I could still contribute something to the sessions.

On the last day Matt and I did the first Open Infosec Foundation brainstorm session. I think it was very useful and the crowd was very responsive. After this encouraging experience we are planning to attend more conferences to do similar sessions. Suggestions about which conferences would be interesting (and why) are very welcome!

Tags: , ,
Posted in oisf | No Comments »

First OISF brainstorming session on Deepsec

Thursday, October 23rd, 2008

Next November I will be attending Deepsec in Vienna. Matt Jonkman is giving a workshop there and I will be helping/assisting him with it, it’s called ‘Protocol Analysis for Writing Snort Signatures’. If you’re interested, sign up for it! While we are there we will also host the first brainstorming session for OISF. The idea is to get together with everyone thats interested and talk about how our next generation IDS/IPS should look like. But it’s not just about the technology, we also seek input about how to organize the project, about licensing, etc. So if you’re at Deepsec and got some time to spare, be sure to join us in the brainstorming session!

Tags: , ,
Posted in oisf | No Comments »

Open Infosec Foundation founded!

Saturday, October 18th, 2008

Last week Matt Jonkman announced the formation of the Open Infosec Foundation. This foundation has been grant funded to create a new open source IDS/IPS engine. Together with Will Metcalf and of course Matt himself, I will be working on this. We want this to be a real community effort where there is a role for everyone in the infosec community. Developers, admins, vendors, goverments, research, education, everyone. There is a lot of work ahead, but that should be great fun and very inspiring. So far things are interesting already. The discussion mailinglist is growing rapidly with many ppl from the community and industry. A #oisf IRC channel was created today on freenode. Join us there to participate in discussion about this project!

Tags: , ,
Posted in IPS, ids, oisf | No Comments »