Senior Systems and Internet Security Specialist. Project Manager.

Boris Levit

300 Antibes Drive, Apt 1014,

Toronto, Ontario, M2R 3N8

Home: (416) 663-5840

borislevit@rogers.com, levitbo55@netscape.net,

www.abbiontario.com

MS; specialist with 18 years of UNIX, 15 years of networking / security, and 10 years of Microsoft experience; software / hardware troubleshooting and system / security analysis.

EMPLOYMENT HISTORY

1/2001-current ABBI Ontario, Toronto, Canada.

Manager. Senior System/Security Consultant.

Cisco Systems, Inc., Sun Microsystems, San Jose, USA

      Solaris 2.6/2.8, Java, Perl, appcert.

Q1 Labs, Fredericton, Canada

·         I helped Q1 Labs add a new security feature to their QRadar product (resolvers for their Intrusion Prevention System). Wrote prototypes of TCP Reset, ARP Poisoning, and Cisco Switch Resolvers.

·         Made Vulnerability Assessment Project

·         Made ITIL project. Used Knowledge - Artificial Intelligence technology designed by UNB.

·         Worked with:

o        Nessus 2.0.10, Nessus Transfer Protocol, NASL2, NessusWeb 1.0.1

o        BRO 0.8

o        VMware 4.5, SuSE 9.0, Windows 2000 / XP / 2003, Fedora, RedHat, Solaris, AIX, HP-UX

o        QRADAR 3.0 installation and configuration

o        Perl 5.8.1

o        libpcap, Net::Pcap, Net::PcapUtils, Net::RawIP, libnet, libnids, NetPacket::Ethernet, NetPacket::ARP, NetPacket::IP, Net::Telnet, Net::Ping, Net::Ifconfig::Wrapper

o        iptables 1.2.8

o        MIMIC, IOS 12.1 / 12.2 / 12.3, Catalyst 3550

o        Eclipse 3.1, Java2 1.4, Apache, Tomcat, Ant, JUnit, Sun Java System Message Queue Platform Edition 3.5 SP1, jta 2.0 (Java Telnet/Ssh), Secure iNet Factory (by Jscape), Fast BugTrack, Progress, XML.

Wireless IP Video Monitoring Project.

Made RingSurf project for EZD Consulting Inc., Toronto. Used: PHP, Perl, MySQL, HTTP / HTML / SMTP modules, multithreading, Linux, FreeBSD, RedHat.

Technical Operations Manager. Sinsational Intertaiment Inc. Antigua.

·         Cisco PIX, NetScaler, IIS, SQL Server, Game applications, FreeBSD SMTP, MS Exchange Server, WMI scripting, etc.

·         Planned VPN and VoIP architecture (Avaya).

·         Made Threat Risk, Vulnerability and Privacy Impact Assessments (TRA / VA / PIA).

·         Ethical Hacking through encrypted (SSL) channel.

·         Managed IT division.

·         Planned Business Continuity, made Enterprise Resource Planning (ERP).

IT Security Analyst. McGill University, Montreal, Canada.

·         Tripwire v.4 Project. Internal sale project.

·         Cisco Secure PIX Firewall (Cisco 7600). Planned McGill VLAN and VoIP architecture.

·         VMware Project. Security, internal sale.

·         Knoppix project.

·         Performed forensics, collected evidence, and scanned the network for vulnerable and infected (hacked) hosts.

·         Developed Perl program for Computer Statistic Reports.

·         Participated in Threat Risk and Vulnerability Assessments (TRA / VA), Sarbanes-Oxley compliance project. Used COSO and COBIT methodologies.

·         Mitigated effects of RPC DCOM based exploits.

·         Retina scanner project.

·         McGill Wireless Zone Project, wireless laptop connection, BlackBerry.

·         Participated in McGill Anti-Spam Project.

·         Solaris, Windows XP, Windows 2000, RedHat, HP-UX, AIX.

Blade System Developing Project.

Perl CGI Project.

Look Communication Wireless Services Sub-contract.

Axis Embedded Linux Project for Direct Leap Technologies, Inc. Managed outsourcing development.

Developed Web Robot - MIME Message Robot Project. Based on shell scripting.

Developed IT Security courses for Seneca and CITC colleges.

Security analysis for CIBC World Markets Inc. At the client's request, only standard system tools were used (they specifically asked not to use any "hacker" technique). Made system review, analyzed results and prepared recommendations. For example, I checked DNS, NIS+, nsswitch, samba, eeprom, network parameters (ndd), etc. configuration. Made Threat Risk Assessment.

Performed Penetration test/analysis (IT Audit) for CIBC Inc. Used nmap, nessus, saint, tcpdump, snoop, dsniff, openssl, nc and shell scripting.

Mitigated the effects of the Nimda Virus and prevented further infection for Photon Dynamics. Made special Firewall-1 configuration to prevent further infection when browsing an infected site.

Provided Support for Public Anti-terror Service Project (for Ministry of Transport).

Strong Authentication Project using biometric.

Sunscreen to Firewall-1 migration + firewall hardening using yassp for RT Capital.

Returned ISP under management control from former employee control for Odyssey, London, Ontario.

Made ipchains firewall, slapd (LDAP) for IntrusionCheck.com, Toronto.

Worked with PGP e-Biz Server v 7.1 on hardened Windows 2000 platform for IntrusionCheck.com, Toronto.

Installed and configured McAfee personal firewall for different clients.

Performed various PC-based UNIX (Linux (Corel, RedHat, Slackware, Mandrake), FreeBSD and Solaris) desktop/laptop installations and configurations.

 

4/2000-8/2001 Circadence Corp., Toronto, Canada. Security Specialist. I provided security decisions for more than 750 computers located in an extremely complex network environment. For example, 700 computers were Internet Backbones and we had dynamic DNS resolution depending on user location and request type. Estimated QoS project value was $15 million.

Made security analysis, data classification, architecture, design, developing and testing for QoS subprojects (mainly Web applications).

Created Application Firewall Project for Conductor QoS - ultimate client protection against malicious hackers' attacks. Initiator, designer and architect.

Performed SSL analysis for QoS. Investigated features of the SSL protocol and the possibility of using it in our services. Wrote report about using cryptography hardware. Found an explanation of why the previously suggested SSL implementation would not work properly with corporate firewalls and made a working decision quickly and under pressure. Created special type of root and web certificates, configured necessary tools and made test examples using Apache, mod_ssl, OpenSSL. Implemented RSA BSAFE (PKI) software.

Debugged and changed "black hat" tools. Developed penetration tools and "ethical exploits" using shell scripting, Perl, C and assembler. Did "ethical hacking" using nemesis, saint, nessus, tcpdump, ethereal, dig, whisker, nc (netcat), etc. against UNIX and Windows NT/2000 applications. Wrote Linux, Windows and HP-UX shellcodes. My automatic auditing tool found in two weeks more bugs than the whole QA division in half a year and I even got the best employee award. This tool was based on buffer overflow and malfunction requests using HTML, SSL, WebDAV and other protocols. Other penetration tests were based on vulnerability identification and exploitation - I crashed the whole system by sending only one manually crafted packet.

Performed hardening analysis and created hardening procedure for Gateway Conductor Product (Circadence QoS) based on HP-UX 11; nmap and saint cannot recognize OS type of my hardened site (see result http://www.abbiontario.com/hardened.html). Used tools like tripwire, ssh, tcp-wrapper.

Designed and implemented Intrusion Detection System on UNIX and Windows NT platforms.

Performed Risk analysis and designed security for Gateway Conductor Project (Circadence QoS), made Threat Risk Assessment as well as Vulnerability Assessment.

Developed C/C++ license library.

Created RedHat (with new kernels), Windows NT/2000 and Solaris 8 Intel Platform Edition desktop/laptop installations and configurations.

Wrote security policies. Did special ssh debugging for trusted HP-UX. Investigated hacker techniques. Did penetration tests. Created an exploit library. Did project design: wrote working plan proposals, concept papers, and functional specifications. Participated in network management project using HP OpenView.

 

3/98-4/2000 Manulife Financial, Toronto, Canada. Senior Technical Specialist/Internet based services, Security, Sun/AIX Administrator. Supported more than 40 middleware computers and provided Internet support for Manulife users (more than 10000) on UNIX and Windows platforms.

I was Manulife Firewall administrator.

I was actively involved with Change Management Team, Problem Management Team (Manulife Computer Incident Response Team - CIRT) and IT Service Management (ITSM) of the company, supported Manulife ITIL design (based on Remedy Action Request System).

Responsible for a Firewall/CiscoSecure upgrade project, system/security analysis and isolated problem area, data classification, capacity planning, design, implementation (including hardware assembling and software installation / configuration / tuning). Total value of the project was half a million.

Made Threat Risk, Vulnerability and Privacy Impact Assessments (TRA / VA / PIA).

Installed and configured Axent Intrusion Detection System.

Ensured "5 nine's availability" of Manulife e-commerce (in a long chain: DNSes – firewalls – load balancer – websites - Web Sphere Environment - AIX based DB2 - MQ Series – mainframe - Remedy) including Support, Business Continuity and Disaster Recovery Planning.

Performed System analysis, Solaris 2.6/7/8 Sparc Platform Edition / AIX / Corel Linux / Windows NT and Solaris 8 Intel Platform Edition server/desktop/laptop installations and configurations.

I managed Manulife firewalls and remote network access. Supported e-commerce projects. Resolved Internet mail problems (like mail avalanche problem, sendmail configuration problems, sendmail errors, spam and relay problems); OS system problems (like /var system overfull problem when visible files eat only 2% of partition space); firewall problems (like proxy creating, monitoring security); supported web applications, load dispatching, database and financial applications; supported both internal and external DNS and resolved name resolution problems; worked with external and internal users, did Internet Steady State Supported Manulife internal and external users (more than 10000) using Action Request System and by phone; supported CiscoSecure and access reports, Sybase, Oracle, resolved CiscoSecure problems; supported disaster recovery. Did System Support for developing group. Made password management and systems logging. Made iPlanet Messaging Server (LDAP) and Gauntlet VPN implementations. Supported Sun and AIX and managed product lifecycle. Took part in High Availability and Disaster Recovery project based on Sun SPARCCluster HA, HP cluster solution and in High Performance E-Commerce Computing based on HACMP, Oracle clustering. Made sure that e-commerce (including Java) used secure designs. Implemented RAID-1 and RAID-5 Sun solution for firewall upgrading project. Participated in Tivoli project. Developed related scripts. Supported CTI, IVR, VoIP.

 

8/96-12/97 Bay Networks (now Nortel), Tel-Aviv, Israel. UNIX System Administrator (AIX/Sun/HP-UX). Supported big (more than 80 computers) multiplatform net with different hardware and software, applications and network equipment, Internet protocols and services.

Designed and created big multiplatform net.

Made System analysis, SunOS/Solaris/AIX/HP-UX installations and configurations.

Made sale support.

Performed installations and configurations of different kinds of UNIX (Sun OS, Solaris, AIX, HP-UX, neoware) at different OS levels for checking Bay hardware (like probes, switches, routers) with all kinds of platforms, OS and Network Management Systems (HP OpenView, SNM, Optivity Analysis, TrafficMan 2, NetView). Supported disaster recovery. Made extensive shell programming, OS and net services troubleshooting, system support for Informix and developing groups. Implemented a platform independent storage system (Enterprise Storage Management Solutions). Supported Firewall-1 (Checkpoint) and Netscape project. Developed Java/C/Shell tools. Resolved Java applications security issues. Supported EMC storage and Sun SPARCCluster HA. Worked with PeopleSoft Human Resources Management. Supported MS Exchange Server.

 

8/94-7/96 Open University of Israel, Tel-Aviv, Israel.  UNIX System and Network Administrator.

Created WWW server and Home Page for Open University of Israel. Created the first version of the www.openu.ac.il.

Performed System analysis, FreeBSD/Sun OS/Solaris/Linux and Windows NT installations, and configurations for university network services.

Designed and created PPP based World WAN (more than 100 computers in USA, Israel and Europe) with improved security, integrated with Progress for Indigo Ltd., Israel.

I was the UNIX (Sun/AIX)/Windows System and Network Administrator, WEB Developer, LAN and Internet Consultant. Developed Perl/C/shell system programs. Created and took care of LANs with different computers and network equipment (Cisco). Supported sendmail, NFS, Secure NFS, samba, tcp-wrapper, logwatch, sudo, ssh, tripwire, TIS firewall toolkit, etc. Made Data Classification. Did system support for several subcontractors. Worked with Sun, Windows NT, AIX and Novell. Made presales support.

 

11/93-6/94 Adanet Systems Ltd., Glil-Yam, Israel.  UNIX (SCO/AIX) System / Network Administrator and Application Programmer.

Ported, Developed and Built System of 1,350,000 lines of SuperNet (network management system) source for Adanet System Ltd., Israel. Based on SCO UNIX and embedded Unix LynxOS.

Performed System analysis, SCO Unix, AIX, LynxOS installations and configurations.

Developed OS level Inter-Process Communications including Socket Programming.

Did release engineering.

Made sale support.

Supported SCO, Windows, AIX, Novell, AS/400.

8/92-10/93 Orbotech, Nes-Ziona, Israel. Software Engineer.

Participated in porting several million lines of code from DOMAIN (HP-400) to HP-UX (HP-700), Sun SPARC and AS/400 in distributed UNIX environment for data based graphic application (PCB CAD/CAM) for Orbotech Ltd., Israel.

Developed C/C++/shell programs. Did debugging and porting. Made system design and support. Developed Inter-Process Communications and application subroutines.

1984-1991 Sevrybpoisk. Murmansk, USSR.

Chief Programmer, Project Manager, System Administrator, System Programmer, Data Base Administrator.

Created, taught, managed first UNIX group (20 programmers) in North USSR region.

Developed licensing technology based on floppy that cannot be copied.

Created SCO XENIX based anti-virus tool.

Made Ingres - AutoCAD based navigation system for trawlers.

Developed system to process data of ocean monitoring from airplane on RT-11.

Developed science ship devices control application on RT-11.

Designed and developed user interface for linear modeling packet in business application.

Designed LISP based forecasting expert system.

Made System analysis, SCO XENIX and Ultrix installations and configurations.

Developed Pl/1 programs and made system support for IBM-370.

Worked with C and UNIX on IBM PC/AT 386/286 and VAX, Assembler and FORTRAN on RT-11. SCO, Ultrix, PL/1, C, Ingres, LISP, AutoCAD, AutoLISP.

 

SUMMARY

I took part in the computer incident identification and classification process using tools like Firewall, IDS, ARS, Network Environment, Authorization Tools, etc. As a CIRT member I took part in evidence collection, incident analysis and handling, disaster recovery. Mitigated DDoS attacks and virus/worm outbreaks. I did forensic analysis and took part in post-incident performance review. Made tests, planning, policy, wrote documentation, taught other CIRT members, and built whole security systems.

Internet and Intranet services: LDAP (iPlanet, slapd), PKI, VPN, NIS, NIS+, DNS, NFS, sendmail, QoS, CERN httpd, Domino, IIS, Netscape Enterprise, Apache, mod_ssl, OpenSSL, Web Sphere, Lotus Notes, ITIL (based on Remedy), MQSeries, SQL, Sybase, DB2, Ingres, Informix, Oracle, etc.

IT Auditor, Computer/Internet Security Consultant. Made Penetration Tests, security analysis of protocols, software, and network structures. Identified security gaps. Initiated, designed and managed security projects. Made Network Packet Construction. Prepared Risk Assessment / Security Management Policies / Document / Guidelines / Architecture. Investigated hacking problem ("know your enemy", learned hacker techniques/tools, web resources of awareness, etc.). Worked on authentication and authorization. Developed cryptography policy. Made OS hardening (UNIX and Windows) / security design / installation / configuration / support - all of these - for firewall / Intrusion Detection Systems (IDS) / content firewalling / CA / ssl architecture / three-tiered architecture/ etc.

Security Tools: QRadar, Cisco IOS, MIMIC, Cisco PIX, Gauntlet, Firewall-1 (Checkpoint), ipchains, Axent, ISS, BRO, Snort, NFR, Dragon, CiscoSecure Access Control, nmap, saint (satan), nessus, Nessus Transfer Protocol, NASL2, NessusWeb, tcpdump, snoop, nemesis, ethereal, dig, dsniff, ssh, openssl, tcp-wrapper, yassp, whisker, tripwire, PGP v 7.1, RSA BSAFE (PKI - public key infrastructure), Retina, etc.

Have management/university/mentor experience. Excel, Word, PowerPoint. Made recruiting, business planning, training. Managed projects, work plans, client relationships. Developed proposals.

Have 18 years C and scripting (sh, csh, ksh, tcsh, bash, Windows scripting, WMI scripting), 18 years awk/sed/other Unix utilities, 3 years C++ and Java, Eclipse, 9 years Perl, 18 years Fortran, 12 years PL/1, 12 years JCL, 7 years Assembler, 4 years LISP, 4 years BASIC, 5 years HTML/HTTP, 1 year FRL experience, etc. Developed financial, business, production, network, security, database, graphic applications and expert system. Wrote user interfaces, device drivers. Made kernel level programming. Designed and created PPP based World WAN with improved security. Made computer models of semiconductor devices and computer chips. Wrote license library.

Various UNIX and Performance Management Tools.

Solaris, AIX, HP-UX, Red Hat, SuSE, Knoppix, Corel Linux, Slackware, Mandrake, Interactive, SCO, Windows NT/2000, IPSO, FreeBSD, LynxOS, neoware, VMware, mainframe, Catalyst.

Various Network Management Systems (HP OpenView, SNM, Optivity Analysis, TrafficMan 2, NetView, Tivoli).

DiskSuite (RAID management software), Veritas.

Sun, HP-700/9000, IBM RISC System/6000, Nokia, IBM PC.

See my certificates (www.abbiontario.com/Certificates.html).

EDUCATION

MOSCOW INSTITUTE of ELECTRONIC TECHNIQUES.  USSR.  Degree: MS in Computer Science.  Thesis: "Software and hardware for CMDS Chips in Programmable Scientific Calculator".

Developed teaching routines, using artificial intelligence (frame technique) on PL/1.

Developed a GaAs device model.

 

PROFESSIONAL TRAINING

Business Training, JVS, Toronto, Canada.

June 2000 12th Annual FIRST Conference on Computer Security Incident Handling, Chicago, USA

February 2000 Sun Systems Fault Analysis Workshop (ST-350), Sun Educational Services, Toronto, Canada.

January 2000 Administering Security for Solaris (SC-300), Sun Educational Services, Toronto, Canada.

August 99 Enterprise Java Beans Implementation (Visual Age + Web Sphere Environment) IBM Team, Toronto, Canada.

March 99 Solaris System Performance Management (SA-400), Sun Educational Services, Toronto, Canada.

99 Project Management. Manulife Financial, Toronto, Canada.

Nov.98 Web Sphere Workshop, IBM Web Sphere Developing Team, Toronto, Canada.

Oct.98 DB2 UDB EEE for UNIX Administration Workshop, IBM Education and Training, Toronto, Canada

Sep.98 A Technical Introduction to MQSeries, IBM Education and Training, Toronto, Canada

Apr.98 Gauntlet Administration, NAI, Toronto, Canada.

Dec.96 JAVA Programming, InterBit, Authorized Sun Service Training Center, Tel-Aviv, Israel.

Oct.94 UNIX Network Management TCP/IP. "Hi-Tek", Digital, Herzlia, Israel.

Dec.93 SUPERNET - Network System for IBM Mainframe, UNIX, DOS. "Harris Adacom Ltd.", Glil-Yam, Israel.

Nov.92 UNIX Networks. "Orbotech", Nes-Ziona, Israel.

Oct.87-Nov.87 Artificial Intelligence Course (FRL and LISP). Moscow Institute of Physics and Techniques, USSR.