craig dober








skills

IT Security and Compliance

For many years now, I have been performing IT security audits for clients and faced many issues of PCI or HIPAA compliance, remote access security, disaster recovery, ransomware protection, Windows and Linux hardening, firewalling, and DNS for mitigation of man-in-the-middle attacks. I have worked extensively with SQL servers and PHP web applications, as well as Tomcat/Java, HTML/CSS, IIS and Apache configuration. If these technologies are a necessary part of your attack surface, vigilance and strong hardening techniques must be employed to ensure the security of your infrastructure. I have programmed in assembly and C when necessary and scripted administration and logging tools in a variety of languages. It's better to fit the technology to the task than just use one language because it's comfortable.


Programming

My principal training in college was in computer programming. At the University of Illinois, Urbana-Champaign, I studied the art of engineering software. The focus was on elegance and efficiency, not to just write a program that works, but carefully craft a program, from the first stages of planning to the finished product, choosing the correct language and using the best algorithm to accomplish the task. In-depth study of data structures and various techniques, such as iteration and recursion, was at least as important as the command set and structure of the languages themselves. This has allowed me in my career to learn new languages very quickly. The languages I have used in the past are listed.

    C, C++
    PHP
    Perl
    SQL
    XHTML, CSS
    Bash Scripting
    Fortran
    Pascal
    BASIC
    Scheme
    Mathematica
    Javascript/AJAX
    Java

Linux Administration

For the last twelve years, my main focus has been as a Linux administrator and systems engineer. Red Hat/CentOS has been predominately the distribution with which I have been working, but I also have experience with Debian, AIX, SUSE, FreeBSD, OpenBSD, and Ubuntu distributions. I have installed and maintained several qmail email systems, dnscache/tinydns domain nameservers, Nagios system monitor, Nessus security scanner, Snort intrusion detection, Apache web server, sendmail, postfix, exim, Tomcat, routing; if it can run on a Linux system, I have probably installed it. I have configured systems for banking compliance audits and am thoroughly educated in secure internet technologies. In particular I have extensive experience in Linux firewalling and network troubleshooting.

I am very familiar with building and maintaining iptables firewalls, writing custom security scripts to track user behavior and installing security software including TripWire, ManageEngine, SELinux configuration, daemontools, Nagios, Snort, RKHunter.


Qmail Administration

I have installed and administered many qmail email systems, totaling over 800 domains and many thousands of email addresses. I have found it to be an incredibly stable and efficient piece of software. I have studied the internal structure, and the programming philosophy of its designer, Dan J. Bernstein. As the only proven secure email system yet created, it holds a very prestigious place in the world of internet programming. While it is stable and scales very well, it can be quite difficult to administer and troubleshoot. To do so requires a good background in C programming and knowledge of the SMTP protocol, which I have taken great pains to develop. I am very comfortable with all aspects of qmail installation and administration including plug-in add-ons like valid "rcpt to" requirements, dealing with large queues, SpamAssassin integration, network file system support, QMTP, greylisting, designing web-based administration tools, CDB databases, recordio troubleshooting, the multilog logging system, and other Bernstein tools like ucspi-tcp and daemontools.


Network Administration

In my former role as Senior Systems Integrator, I was exposed to a whole slew of varying technology that I will put here under this heading. Although I think it is a very poor technology to use in an enterprise environment, I have a great deal of experience with Windows IIS web servers. I have installed, configured and administered many Windows servers, including a great deal of experience making these compliant with banking auditors and PCI compliance audits. Cisco products are a much better technology for the enterprise environment, and I have experience with Cisco routers, Catalyst switches and both PIX and ASA firewalls. Most of the VPNs I have configured and troubleshot have been Cisco, although I am also familiar with using Linux for VPNs, as well as SonicWall and Fortigate. Both SWAN and OpenVPN are fine technologies to use for VPN access; however, I would always suggest Cisco for their proven track record and ease of use.

Working at an ISP has also afforded me experience with various WAN connectivity technologies. I have configured Cisco routers for BGP and EIGRP and have a complete understanding of how these protocols work. I am experienced in many network scanning and monitoring tools including Wireshark, nmap, tcpdump, ntop, and the Sysinternals toolset for Windows.

I have found that a strong understanding of TCP/IP and routing protocols is most important for network troubleshooting. Numerous times I have been thrust into situations with systems and technology I have no experience with, yet with a strong understanding of how networks work, and the protocols used, I have always been able to determine the problem and effect a solution.

A co-worker was coding a Python IRC logger, so I decided to have a thorough investigation into the ancient IRC technology that is experiencing a renaissance now. Just a simple text command system over TCP, one could use netcat alone as a client, not very fun or useful though. I did a number of tests of popular IRC server software and have found a rock solid and secure solution with easy SSL support. I also coded an IRC logger in C that logs to a MySQL server as a testing tool. Often there just doesn't exist a good solution for a testing package and you have to code one yourself.


VMware Virtualization

There are more than a few options for virtualization; however, none can match the sophistication, stability, and efficiency of VMware. In 2007, I was first exposed to VMware in an enterprise environment, and since then I have experienced the effectiveness and ease of administration of VMware's products. I have installed VMware on a wide range of equipment including Dell servers and desktops, HP servers, Dell SANs and NAS storage. While the extensive disk writing of email servers may at one time have precluded using virtualization, I have successfully put Microsoft Exchange servers and qmail email servers on virtualized servers and found them to be both stable and dependable. I have installed virtual machines in both standard and exotic configurations, including a SAN storage array for an offline backup system using virtual network interfaces. I am completely comfortable with the ESX host console and VMware vi-client graphical interface of olden times and with vCenter installations of all sizes.


PCI Compliance

Perhaps the most important area of internet technologies for the foreseeable future is PCI compliance, at least for those tasked with taking credit cards. I helped the Illinois State Treasurer E-Pay system achieve their initial PCI compliance with Fishnet Securities as the QSA. I helped maintain their compliance for a number of years after as the main server administrator for both the E-Pay servers and the Illinois State Treasurer I-cash servers. I have performed security audits for compliance with various accounting standards and IGB compliance for Illinois casinos. I have a thorough understanding of security issues in the financial industries.


accomplishments

Installed, configured, administrated the Illinois State Treasurer E-Pay servers.

Installed, configured, administrated the Illinois State Treasurer I-Cash Unclaimed Property Division servers

Helped the Illinois State Treasurer E-Pay system attain their first PCI compliance with ongoing compliance maintenance

Installed, configured, administrated the Illinois Prescription Monitoring Program servers and website ilpmp.org

Installed, configured, administrated the California Prescription Drug Monitoring Program servers and website aaicures.com

Developed the PHP application for the California Prescription Drug Monitoring Program Direct Dispense website aaicures.com

Installed, configured and administrated the Wyoming State Board of Pharmacy WOPD website worxpdmp.com

Virtualized SIUC Worknet servers, administrated the physical servers and virtual machines

Configured and administrated Cisco and Juniper routers, possess a thorough understanding of routing protocols

Extensive experience installing, configuring email servers including qmail, postfix, exim, sendmail, exchange

Extensive experience installing, configuring, administrating MySQL and MSSQL databases, SQL knowledgeable

Performed IT security audits on Illinois casinos for their IGB compliance

Installed, configured and administrated DNS nameservers and DNS caching servers

I have a thorough understanding of the Domain Name System with experience in a number of popular server software

Installed, configured and maintained firewalls including Cisco, Fortigate, SonicWall, and Linux

Performed IT security audits and vulnerability scans for various businesses and financial institutions

I have a thorough understanding of SSL/TLS security issues and how to mitigate them in Linux, Apache, Windows and in remote access connections

Experience in a number of UNIX versions including but not limited to AIX, FreeBSD, OpenBSD, SUSE, Debian, Red Hat/CentOS, Ubuntu

Experience with a number of backup solutions as the network administrator of multiple server rooms including VEEAM, Unitrends, Symantec Backup Exec, Rapid Recovery/AppAssure, custom Linux backup scripts