Marcus J. Ranum

Born: 5 November 1962 (age 61), New York City, New York, United States
Nationality: American
Alma mater: Johns Hopkins University
Employer: Tenable Network Security
Known for: Computer and Network Security Innovator
Website: www.ranum.com

Marcus J. Ranum (born November 5, 1962, in New York City, New York, United States) is a computer and network security researcher. He is credited with a number of innovations in firewalls, including building the first Internet email server for the whitehouse.gov domain, [1] and intrusion detection systems. He has held technical and leadership positions with a number of computer security companies, and is a faculty member of the Institute for Applied Network Security.

Education

Marcus Ranum was born in New York City, and graduated from Gilman School in Baltimore, Maryland before attending Johns Hopkins University where he obtained a Bachelor of Arts in Psychology in 1985. [2]

Career

Ranum helped design and implement Digital Equipment Corporation's Secure External Access Link (SEAL) (later AltaVista firewall), [3] regarded as the first commercial bastion host firewall, [4] in 1990. He left DEC to work for Trusted Information Systems (TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the whitehouse.gov Internet email site. Once charged with that responsibility, Ranum advocated that the whitehouse.com domain be registered as well. [5] Despite his advice, it was not registered by the government, but was later registered for an adult entertainment provider. [6] At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from DARPA. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company's IPO. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as CEO for three years before stepping into a CTO role. [7] Ranum later left NFR to consult for TruSecure, [8] before joining Tenable Network Security as CSO. [9]

In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security, [10] Protego Networks, [11] and Fortify Software. [12]

Public presentations

Ranum has spoken to USENIX audiences at LISA 1997, [13] 1999 (tutorial), [14] LISA 2000 (keynote), [15] 2002, [16] and 2003 (tutorial). [17] He spoke out against full disclosure at the Black Hat Security Briefings in 2000. [18] More recently, Ranum has spoken at Interop in 2005 [19] and 2007, [20] CanSecWest in 2010, and Secure360 in 2011. [21]

He previously taught courses for the SANS Institute. [22]

Influence

Ranum's work has been cited in at least 15 published U.S. patents, [23] as well as numerous other computer and network security articles and books.

"Ranum's Law"

Ranum is cited [24] [25] [26] as the author [27] of an eponymous law, "You can't solve social problems with software."

Awards

Publications

Articles

Marcus has co-authored a series of "Face Off" articles with Bruce Schneier, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006. [32]

Ranum is one of a number of editors of the SANS Newsbites semiweekly email newsletter. [33]

Books

Personal life

Currently, Ranum lives in Morrisdale, Pennsylvania. His hobbies include photography and firearms. He maintains an active stock photography account on DeviantArt, and he wrote an essay for Oleg Volk's pro-firearms site, www.a-human-right.com. [34] Marcus Ranum was also interviewed by digital artist Brandon Pence for the NWFLAA; the interview can be read in two parts: Part 1 and Part 2. He is an atheist, [35] and maintains a blog on the Freethought Blogs network. [36]

Related Research Articles

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware that their actions are being monitored. Data can then be retrieved by the person operating the logging program. A keystroke recorder or keylogger can be either software or hardware.

L0pht: American hacker collective

L0pht Heavy Industries was a hacker collective active between 1992 and 2000 and located in the Boston, Massachusetts area. The L0pht was one of the first viable hackerspaces in the US, and a pioneer of responsible disclosure. The group famously testified in front of Congress in 1998 on the topic of ‘Weak Computer Security in Government’.

In computer security, a DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN): an external network node can access only what is exposed in the DMZ, while the rest of the organization's network is protected behind a firewall. The DMZ functions as a small, isolated network positioned between the Internet and the private network.

Deep packet inspection (DPI) is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used for baselining application behavior, analyzing network usage, troubleshooting network performance, ensuring that data is in the correct format, checking for malicious code, eavesdropping, and internet censorship, among other purposes. There are multiple headers for IP packets; network equipment only needs to use the first of these for normal operation, but use of the second header is normally considered to be shallow packet inspection despite this definition.

SonicWall is an American cybersecurity company that sells a range of Internet appliances primarily directed at content control and network security. These include devices providing services for network firewalls, unified threat management (UTM), virtual private networks (VPNs), virtual firewalls, SD-WAN, cloud security and anti-spam for email. The company also markets information subscription services related to its products. The company also assists in solving problems surrounding compliance with the Health Insurance Portability and Accountability Act (HIPAA) and the Payment Card Industry Data Security Standard (PCI-DSS).

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

An application firewall is a form of firewall that controls input/output or system calls of an application or service. It operates by monitoring and blocking communications based on a configured policy, generally with predefined rule sets to choose from. The application firewall can control communications up to the application layer of the OSI model, which is the highest operating layer, and where it gets its name. The two primary categories of application firewalls are network-based and host-based.

ESET NOD32: Computer protection software

ESET NOD32 Antivirus, commonly known as NOD32, is an antivirus software package made by the Slovak company ESET. ESET NOD32 Antivirus is sold in two editions, Home Edition and Business Edition. The Business Edition packages add ESET Remote Administrator allowing for server deployment and management, mirroring of threat signature database updates and the ability to install on Microsoft Windows Server operating systems.

A bastion host is a special-purpose computer on a network specifically designed and configured to withstand attacks, so named by analogy to the bastion, a military fortification. The computer generally hosts a single application or process, for example, a proxy server or load balancer, and all other services are removed or limited to reduce the threat to the computer. It is hardened in this manner primarily due to its location and purpose, which is either on the outside of a firewall or inside of a demilitarized zone (DMZ) and usually involves access from untrusted networks or computers. These computers are also equipped with special networking interfaces to withstand high-bandwidth attacks through the internet.

Chris Wysopal: American computer security expert

Chris Wysopal is an entrepreneur, computer security expert and co-founder and CTO of Veracode. He was a member of the high-profile hacker think tank the L0pht where he was a vulnerability researcher.

The Intelligent Platform Management Interface (IPMI) is a set of computer interface specifications for an autonomous computer subsystem that provides management and monitoring capabilities independently of the host system's CPU, firmware and operating system. IPMI defines a set of interfaces used by system administrators for out-of-band management of computer systems and monitoring of their operation. For example, IPMI provides a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell. Another use case may be installing a custom operating system remotely. Without IPMI, installing a custom operating system may require an administrator to be physically present near the computer, insert a DVD or a USB flash drive containing the OS installer and complete the installation process using a monitor and a keyboard. Using IPMI, an administrator can mount an ISO image, simulate an installer DVD, and perform the installation remotely.

Check Point: Israeli security company

Check Point is an American-Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.

Trusted Information Systems (TIS) was a computer security research and development company during the 1980s and 1990s, performing computer and communications (information) security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR, and others.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Telex is a research anti-censorship system that would allow users to circumvent a censor without alerting the censor to the act of circumvention. It is not ready for real users, but a proof-of-concept mock system exists. As of 2018, Telex has evolved into refraction networking.

The following outline is provided as an overview of and topical guide to computer security:

Mirai is malware that turns networked devices running Linux into remotely controlled bots that can be used as part of a botnet in large-scale network attacks. It primarily targets online consumer devices such as IP cameras and home routers. The Mirai botnet was first found in August 2016 by MalwareMustDie, a white hat malware research group, and has been used in some of the largest and most disruptive distributed denial of service (DDoS) attacks, including an attack on 20 September 2016 on computer security journalist Brian Krebs' website, an attack on French web host OVH, and the October 2016 Dyn cyberattack. According to a chat log between Anna-senpai and Robert Coelho, Mirai was named after the 2011 TV anime series Mirai Nikki.

IPFire: Linux distribution

IPFire is a hardened open source Linux distribution that primarily performs as a router and a firewall; a standalone firewall system with a web-based management console for configuration.

BeyondCorp is an implementation, by Google, of zero-trust computer security concepts creating a zero trust network.

References

  1. "Who's Who in Infosec: Marcus Ranum". Information Security Magazine. 2003-06-17. Archived from the original on 2010-08-20. Retrieved 2008-06-07.
  2. ZDNet - Security Q&A: the father of firewall
  3. "Comments: Interview with Marcus Ranum". 2005-06-28. Archived from the original on 2013-11-30. Retrieved 2008-06-07.
  4. Avolio, Frederic (1999-06-01). "Firewalls and Internet Security, the Second Hundred (Internet) Years". The Internet Protocol Journal. Cisco Systems. Retrieved 2008-06-07.
  5. Miller, Sandra Kay (2006-12-01). "A Contrarian's Viewpoint". Retrieved 2008-06-11.
  6. "December letter from a White House counsel to the operator of the "whitehouse.com" adult site". CNet. 1997-12-08. Retrieved 2008-06-11.
  7. "NFR Intrusion Detection Appliance Version 4.0 Released". Business Wire. 1999-10-14. Retrieved 2008-06-08.
  8. "Cisco and Sourcefire Achieve Enterprise-Level NIDS Certification from ICSA Labs". Business Wire. 2003-04-21. Retrieved 2008-06-08.
  9. "Marcus J. Ranum Joins Tenable Network Security as Chief Security Officer". Business Wire. 2004-10-04. Retrieved 2008-06-08.
  10. "NFR Security Adds Leading Security Industry Experts to Technology Advisory Board". Business Wire. 2004-02-02. Retrieved 2008-06-08.
  11. "Protego Networks 2.5; Industry Icon Marcus Ranum Joins Protego Networks' Advisory Board". Business Wire. 2004-06-01. Retrieved 2008-06-08.
  12. "Technical Advisory Board". Fortify. Retrieved 2008-06-08.
  13. "USENIX Summaries: Eleventh Systems Administration Conference (LISA '97)". USENIX. Retrieved 2008-06-07.
  14. "Tutorial Instructors". USENIX. Retrieved 2008-06-07.
  15. "USENIX LISA-NT 2000". USENIX. Retrieved 2008-06-07.
  16. "2002 USENIX Technical Conference" (PDF). USENIX. Retrieved 2008-06-07.
  17. "USENIX — Security '03 Tutorials". USENIX. Retrieved 2008-06-07.
  18. Lemos, Robert (2000-10-09). "CERT to disclose software flaws". ZDNet.co.uk. Retrieved 2008-06-07.
  19. Avolio, Fred (2005-05-23). "The Same Old Drum Beat". Archived from the original on 2008-11-20. Retrieved 2008-06-08.
  20. "Tenable CISO Workshops during Interop 2007 New York Now Open for Registration" (PDF). Archived from the original (PDF) on 2008-06-26. Retrieved 2008-06-08.
  21. "Falling on the sword of 'Need to Publish'". Secure360. Archived from the original on 2011-08-26. Retrieved 2011-05-12.
  22. "SANS Institute — Certified Instructors". Retrieved 2008-06-07.
  23. 5,606,668, 5,623,601, 5,826,029, 5,870,562, 6,173,407, 6,601,233, 6,704,873, 6,834,310, 6,950,868, 7,016,951, 7,100,195, 7,224,778, 7,290,288, 7,313,812, and 7,360,244
  24. William R. Cheswick; Steven M. Bellovin; Aviel D. Rubin (2003). Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley Professional. pp. 202–. ISBN 978-0-201-63466-2.
  25. Kian-Meng, Ang (28 February 2014). "Ranum's Law". www.kianmeng.org. Retrieved 26 April 2023. It was always a people problem rather than a technical issue or as Marcus Ranum put it, "You can't solve social problems with software".
  26. Muffett, Alec (October 2016). "Digital Economy Bill Written Evidence Submitted by Alec Muffett (DEB 39)". www.parliament.uk. UK Parliament. Retrieved March 12, 2018.
  27. Ranum, Marcus (16 June 1999). "Firewall Wizards mailing list archives". seclists.org. Retrieved 26 April 2023. You can't solve social problems with software.
  28. "TISC to honor Marcus Ranum, Internet security pioneer". Business Wire. 2000-04-17. Retrieved 2008-06-07.
  29. "Award Honorees". ISSA. Retrieved 2008-06-07.
  30. "NFR Security Founder Selected for International Security Association Hall of Fame". Business Wire. 2006-06-12. Retrieved 2008-06-08.
  31. "Tenable Network Security Executive Named 2005 Techno-Security Professional of the Year". Business Wire. 2005-06-07. Retrieved 2008-06-07.
  32. "Articles by Author: Bruce Schneier and Marcus Ranum". Information Security Magazine. Retrieved 2008-06-07.
  33. "SANS NewsBites". Retrieved 2008-06-07.
  34. Ranum, Marcus. "The Aesthetics of the Gun Debate". Retrieved 2008-06-07.
  35. Ranum, Marcus. "Ranum's supports Dawkins's "out campaign" for atheists.". Retrieved 12 April 2012. Generally, I do not get a lot of satisfaction out of being identified with causes or logos. But - a couple of years ago, when Richard Dawkins started his "out campaign" for atheists, I thought that showing my support was not a bad idea.
  36. "Stderr". 23 January 2024.