Dan Farmer

Dan Farmer in 2007
Born 5 April 1962 (age 61)
Nationality American
Alma mater Purdue University
Known for

Dan Farmer (born April 5, 1962) is an American computer security researcher and programmer who was a pioneer in the development of vulnerability scanners for Unix operating systems and computer networks. [1]

Life and career

Farmer developed his first software suite while he was a computer science student at Purdue University in 1989. Gene Spafford, one of his professors, helped him to start the project. The software, called the Computer Oracle and Password System (COPS), comprises several small, specialized vulnerability scanners designed to identify security weaknesses in one part of a Unix operating system.

In 1995, Farmer and Wietse Venema (a Dutch programmer and physicist) developed a second vulnerability scanner called the Security Administrator Tool for Analyzing Networks (SATAN). Due to a misunderstanding of SATAN's capabilities, when it was first published, some network administrators and law enforcement personnel believed that hackers would use it to identify and break into vulnerable computers. Consequently, SGI terminated Farmer's employment. [2] However, contrary to popular opinion, SATAN did not function as an automatic hacking program that undermined network security. Rather, it operated as an audit on network security that identified vulnerabilities and made suggestions to help prevent them. No information about how security vulnerabilities could be exploited was provided by the tool. [3] Within a few years, the use of vulnerability scanners such as SATAN became an accepted method for auditing computer and network security.

He co-developed the Titan vulnerability scanner with Brad Powell and Matt Archibald, which they presented at the Large Installation System Administration Conference (LISA) in 1998. [4]

Farmer and Venema collaborated again to develop a computer forensics suite called The Coroner's Toolkit, and later coauthored Forensic Discovery (2005), a book about computer forensics. [5]

Farmer co-founded Elemental Security with Dayne Myers, and served as the corporation's chief technical officer.

Related Research Articles

Hacker: Person skilled in information technology

In a positive connotation, a hacker is a person skilled in information technology who achieves goals by non-standard means. Though the term hacker has become associated in popular culture with a security hacker – someone with knowledge of bugs or exploits to break into computer systems and access data which would otherwise be inaccessible to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques to collect evidence on criminals and other malicious actors. This could include using anonymity tools to mask their identities online and pose as criminals. Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Hacking and cyber-attacks are used extra-legally and illegally by law enforcement and security agencies, and employed by state actors as a weapon of legal and illegal warfare.

A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. The term rootkit is a compound of "root" and the word "kit". The term "rootkit" has negative connotations through its association with malware.

USENIX: Organization supporting operating system research

USENIX is an American 501(c)(3) nonprofit membership organization based in Berkeley, California and founded in 1975 that supports advanced computing systems, operating system (OS), and computer networking research. It organizes several conferences in these fields.

Nmap: Network scanner

Nmap is a network scanner created by Gordon Lyon. Nmap is used to discover hosts and services on a computer network by sending packets and analyzing the responses.

The Coroner's Toolkit is a suite of free computer security programs by Dan Farmer and Wietse Venema for digital forensic analysis. The suite runs under several Unix-related operating systems: FreeBSD, OpenBSD, BSD/OS, SunOS/Solaris, Linux, and HP-UX. TCT is released under the terms of the IBM Public License.

Wietse Venema: American computer scientist

Wietse Zweitze Venema is a Dutch programmer and physicist best known for writing the Postfix email system. He also wrote TCP Wrapper and collaborated with Dan Farmer to produce the computer security tools SATAN and The Coroner's Toolkit.

A white hat is an ethical security hacker. Ethical hacking is a term meant to imply a broader category than just penetration testing. With the owner's consent, white-hat hackers aim to identify any vulnerabilities or security issues the current system has. The white hat is contrasted with the black hat, a malicious hacker; this definitional dichotomy comes from Western films, where heroic and antagonistic cowboys might traditionally wear a white and a black hat, respectively. There is a third kind of hacker known as a grey hat who hacks with good intentions but at times without permission.

Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Constructs in programming languages that are difficult to use properly can also manifest large numbers of vulnerabilities.

The Computer Oracle and Password System (COPS) was the first vulnerability scanner for Unix operating systems to achieve widespread use. It was created by Dan Farmer while he was a student at Purdue University. Gene Spafford helped Farmer start the project in 1989.

Security Administrator Tool for Analyzing Networks (SATAN) was a free software vulnerability scanner for analyzing networked computers. SATAN captured the attention of a broad technical audience, appearing in PC Magazine and drawing threats from the United States Department of Justice. It featured a web interface, complete with forms to enter targets, tables to display results, and context-sensitive tutorials that appeared when a vulnerability had been found.

Metasploit: Computer security testing tool

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.

Database security concerns the use of a broad range of information security controls to protect databases against compromises of their confidentiality, integrity and availability. It involves various types or categories of controls, such as technical, procedural or administrative, and physical.

Crack is a Unix password cracking program designed to allow system administrators to locate users who may have weak passwords vulnerable to a dictionary attack. Crack was the first standalone password cracker for Unix systems and the first to introduce programmable dictionary generation as well.

SAINT is computer software used for scanning computer networks for security vulnerabilities, and exploiting found vulnerabilities.

Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security defenses, with the final goal being system hardening.

Network enumeration is a computing activity in which usernames and information on groups, shares, and services of networked computers are retrieved. It should not be confused with network mapping, which only retrieves information about which servers are connected to a specific network and what operating system runs on them. Network enumeration is the discovery of hosts or devices on a network. Network enumeration tends to use overt discovery protocols such as ICMP and SNMP to gather information. It may also scan various ports on remote hosts, looking for well-known services in an attempt to further identify the function of a remote host. The next stage of enumeration is to fingerprint the operating system of the remote host.

Tiger is security software for Unix-like computer operating systems. It can be used both as a security audit tool and a host-based intrusion detection system and supports multiple UNIX platforms. Tiger is free under the GPL license and, unlike other tools, it needs only POSIX tools and is written entirely in shell language.

H. D. Moore: American businessman

H. D. Moore is a network security expert, open source programmer, and hacker. He is the founder of the Metasploit Project and was the main developer of the Metasploit Framework, a penetration testing software suite.

Kali Linux: Debian-based Linux distribution for penetration testing

Kali Linux is a Linux distribution designed for digital forensics and penetration testing. It is maintained and funded by Offensive Security. The software is based on the Debian Testing branch: most packages Kali uses are imported from the Debian repositories.

References

  1. Gibbs, W. W. (1997) Profile: Dan Farmer From Satan to Zen, Scientific American 276(4), 32-34.
  2. "login interview with Dan Farmer" (PDF). Usenix. December 2014. Retrieved 19 March 2017.
  3. Palmer, C. C. (2001). "Ethical Hacking" (PDF). IBM Systems Journal: 40.
  4. "LISA 98 Technical Program". www.usenix.org. Retrieved 29 April 2023.
  5. Forensic Discovery, Addison-Wesley Professional. ISBN 0-201-63497-X.

Bibliography