George Jones' Curriculum Vitae

• This is stuff about me, some of which you could find via Google.
• Google could not give you the sequencing, choice of references, perspective and added personal details, at least until I post this.
• I've had fun doing a lot of this stuff and have had the chance to work with some awesome people. I hope you have fun reading this.

Contributing to the success of the organization(s) that I work for as a member of a strong technically focused team with emphasis on security, networking, systems operations and/or tools development.

Here is a sampling of some of the things I've done at CERT.

Training development and delivery

Developed and delivered a tutorial on "Network Profiling with SiLK" [JW12] for FloCon. Developed targeted exercises and delivered a week-long training on "Introduction to SiLK & Advanced SiLK Training" to multiple SOC staff. See [Ban13]. Developed and delivered a class on "Introduction to Event Analysis". Conducted numerous informal "technical mentoring sessions" with SOC analysts.

Evaluation of Security Analysis Tools and Data

Performed several evaluations per [Shi11] and [Shi12] and helped evolve the evaluation methodology.

Network Security Analysis

Including Anomaly Detection [SJ13], Whitelisting [JS13] and Beacon Detection [AA13].

Data Capture

Organized and executed data collection at several capture the flag events [JC12]

Research

Currently co-PI on a funded research effort into the application of temporal and abductive logic to distributed queries of large scale, diverse security-relevant data sources [SJK13]

Conference Organization

Co-Chair (2013) and general chair (2014) of http://flocon.org

Code

Development of various small tools as needed. Mostly in python and bash.

MicroEmacs

I ported MicroEmacs to the Amiga from the freeware versions provided with the DOS version of Mark Williams C compiler (that's right, on floppies) and posted to comp.sources.{amiga,unix}?. Daniel Lawrence ran with it resulting in MicroGnuEmacs, later renamed mg due to complaints form Richard Stallman. I'm told Linux Torvalds uses one of the variants.

CompuServe Internet Services

In one way or another, I instigated most of the earliest of of CompuServe's Internet offerings [Eng96a]. This was in the days before most people had direct Internet access, not even dial-up: "America Off-Line". But many had CompuServe dial-up connections. I put Karl Kleinpaste and Sam Neely up to implementing what became the CompuServe Internet mail gateway [Eng92], initially over a single Telebit 19.2k modem. I had a minute amount of code in the first release. Karl then went on to implement a USENET gateway [Eng96b]. I then implemented an outbound Telnet gateway and an FTP File Browser that worked through CompuServe's WinCIM interface. After that I implemented a fully functional WinCIM-based web browser along with Greg Leach. The marketing people choose not to release it. They weren't sure, in 2004 or so, if this web thing was going to catch on (!). You can lead a horse to water…

The Router Audit Tool

I wrote a tool for assessing router configurations, originally called NCAT, but Allan Paller didn't like the name so we changed it to the Router Audit Tool [Jon02a]. I ran the project, including the benchmark consensus, for a number of years for the Center for Internet Security who I think still maintain a version [Jon12a]. John Stewart, Neal Ziring and Josh Wright all have substantial bits of code in RAT, and I have to admit I got the original idea from a similar tool that Eric Brandwine wrote at UUNET but never released.

The Security Onion

In the minor-but-you-may-have-touched-it category, the .torrent file for Security Onion is hosted on my http://port111.com domain. I learned to create .torrent files to help out Doug Burks as he was preparing the 12.04 release of Security Onion. The SourceForge download link was getting slammed, even before official release. That's what BiTTorrent was created for, well…

A VAX/VMS Bulletin Board System in FORTRAN

I wrote a bulletin-board system in FORTRAN for the Advanced Design Methods Lab (ADML) of the Mechanical Engineering department at The Ohio State University while working as a student for the campus computing organization (IRCC). You can do recursion in FORTRAN if you manage variables yourself in the common block.

The CompuServe BASIC and FORTRAN Runtime Libraries

Yes we (well, Steve Wilhite, creator of GIF and WinCIM) wrote our own compilers and runtime libraries. I did some work on nested signal handling. The 36-bit Ada compiler never quite happened. WinCIM and GIF happened instead.

The CompuServe PSAP Library

Think inetd(8) with weird protocols. I originally wrote this on BSD (thank you Richard Stevens for APUE ) then ported to Windows NT 3.51 (!). This was a major piece of glue in one of a series efforts to migrate CompuServe off the DECsystem-10 platform. See [Tru96]. Ask AOL how successful we were :-(

RFC 3871

"Operational Security Requirements for Large Internet Service Provider (ISP) IP Network Infrastructure", [Jon04]

NANOG Presentation

"Knobs, Levers, Dials and Switches: Now and Then (please sir, may I have some more ?)", [Jon03]

USENIX :login; Article

"The Case for Network Infrastructure Security", [Jon02c]

LISA Paper

"Cloning customized hosts (or customizing cloned hosts)", [JR91] …

Securing Cisco Routers

"Securing Cisco Routers", a SANS booklet by John Stewart, and Josh Wright that makes heavy use of Router Audit Tool. See [WS03].

RFC 4778

"Operational Security Current Practices in Internet Service Provider Environments" by Merike Kaeo. See [Kae07].

CERT

2011 to Present. Member of the Technical Staff/Senior Network Security Analyst at CERT a.k.a. The Software Engineering Institute at Carnegie-Mellon University. Arlington, VA. http://cert.org. .

MITRE

2003-2011. Lead Information Systems Engineer at The MITRE Corporation. McLean, VA. http://mitre.org.

UUNET

1999-2003. Senior Network Security Engineer, Web Hosting at UUNET Technologies/WorldCom. Now Verizon Business. Columbus,Ohio. http://en.wikipedia.org/wiki/UUNET.

BankOne

1999. IT Architect, Information Security. BankOne, now JPMorgan, Chase. Columbus, Ohio. http://en.wikipedia.org/wiki/Bank_One_Corporation.

CompuServe

1985-1987,1992-1998. Software Engineer/Network Security Engineer CompuServe, now AOL. Columbus, Ohio. http://en.wikipedia.org/wiki/CompuServe.

Formtek

1991-1992. Project Engineer at Formtek then Lockheed-Martin. Carnegie, PA. http://www.formtek.com/aboutus/ourhistory.shtml

OSU-CIS

1987-1991. Systems Programmer/Systems Administrator. The Ohio State University department of Computer and Information Science. Columbus, Ohio. http://www.cse.ohio-state.edu/

IETF

Appointed “Technical Advisor” to the OPSEC working group by the IETF (the Internet standards body). This was done in recognition of my contributions in editing RFC3871. In this role I developed the working group charter, wrote the framework that guided the efforts of the working group and provided feedback to document authors.

SANS/Center for Internet Security

Appointed “Consensus Coordinator” by SANS/The Center for Internet Security. In this roll I coordinated the development of minimum security configuration standards for Cisco IOS Routers and Catalyst switches. I coordinated input from government (NSA, DISA), operators (UUNET/Verizon, Sprint, Qwest, etc.) and vendors (Cisco, Juniper).

• Active in USENIX.

• BS, Computer and Information Science, The Ohio State University
• Graduate work in Computer and Information Science, The Ohio State University

Emacs

I've been using Emacs since the TECO version on TOPS-20 in high-school. Roughly 2 years after Stallman created it.

"But even if TextMate 2 drops from the sky fully-formed and marveled at by all, Emacs will still be there, waiting. It will be there when the icecaps melt and the cities drown, when humanity destroys itself in fire and zombies, when the roaches finally achieve sentience, take over, and begin using computers themselves - at which point its various Ctrl-Meta key-chords will seem not merely satisfyingly ergonomic for the typical arthropod, but also direct evidence for the universe’s Intelligent Design by some six-legged, multi-jointed God." Kieran Healy quoted by Vivek Haldar

Org-mode

For organizing life. See http://orgmode.org/worg/ and Org-mode in Your Pocket Is a GNU-Shaped Devil. I have come to the conclusion that I will stop using org-mode when they pry the keyboard from my cold dead fingers.

Python

It took me 20 years to get past the RPG-and-FORTRAN-Column-7-esq syntactical dependence on indentation to group blocks, but I've seen the light. No more PERL. stackoverflow.com is your friend.

Latin

"Cur lingua latina rogas? Cur non, dico." http://www.thelatinroad.com/latinroad/index.html

Hiking and Backpacking

Shenandoah National Park and Philmont Scout Reservation

George Jones <gmj AT pobox DOT com>