Paul Vixie | |
---|---|
Born | May 23, 1963 |
Nationality | American |
Alma mater | Keio University |
Occupation(s) | Vice President, Security at Amazon Web Services (AWS) [1] |
Known for | ISC, BIND, MAPS, Vixie cron |
Paul Vixie is an American computer scientist whose technical contributions include Domain Name System (DNS) protocol design and procedure, mechanisms to achieve operational robustness of DNS implementations, and significant contributions to open source software principles and methodology. [2] He also created and launched the first successful commercial anti-spam service. [3] He authored the standard UNIX system programs SENDS, proxynet, rtty and Vixie cron. At one point he ran his own consulting business, Vixie Enterprises. In 2002, Vixie held the record for "most CERT advisories due to a single author". [4] [5]
Paul A Vixie was born on 23 May 1963 and grew up in San Francisco, and his mother's maiden name is Killian. [6]
"There were no computers at my school. I used to cut school and go to City College of San Francisco, where they had a Honeywell system" — Paul Vixie [7]
In 1980, when George Washington High School in San Francisco told him he'd have to repeat 11th grade, he quit school and got a job as a programmer at a consulting firm. [7] [8] [9]
Vixie worked on BIND [10] as a software engineer at Digital Equipment Corporation (DEC) from 1988 to 1993. [1] After he left DEC in 1994, [11] he founded Internet Software Consortium (ISC) in 1996 [1] together with Rick Adams and Carl Malamud to support BIND and other software for the Internet. The activities of ISC were assumed by a new company, Internet Systems Consortium in 2004. Although ISC operates the F root name server, Vixie at one point joined the Open Root Server Network (ORSN) project and operated their L root server.
In 1995 he cofounded the Palo Alto Internet Exchange (PAIX) and, after Metromedia Fiber Network (MFN) bought it in 1999, served as the chief technology officer to MFN / AboveNet and later as the president of PAIX. [12]
In 1998 he cofounded Mail Abuse Prevention System (MAPS), a California non-profit company with the goal of stopping email abuse.
Vixie is the author of several Request for Comments (RFC)s, including a Best Current Practice document on "Classless IN-ADDR.ARPA Delegation" (BCP 20), [12] and some Unix software. He stated in 2002 that he "now hold[s] the record for 'most CERT advisories due to a single author.'" [13] [4]
In 2008, Vixie served as a judge for the Mozilla Foundation's "Download Day", an attempt to set a Guinness World Record for most downloads in a single day for a new piece of software. [14]
Vixie served on the board of trustees of the American Registry for Internet Numbers (ARIN) from 2005 to 2013, and served as chairman in 2009 and 2010. [15] Vixie also serves on the Security and Stability Advisory Committee of ICANN. [16]
He received a Ph.D. in computer science from Keio University in 2011. [17] [18]
In 2013, after nearly 20 years at ISC, he founded a new company, Farsight Security, Inc. spinning off the Security Business Unit from ISC. [19]
In 2014, Vixie was inducted into the Internet Hall of Fame as an Innovator. [20]
The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.
BIND is a suite of software for interacting with the Domain Name System (DNS). Its most prominent component, named, performs both of the main DNS server roles, acting as an authoritative name server for DNS zones and as a recursive resolver in the network. As of 2015, it is the most widely used domain name server software, and is the de facto standard on Unix-like operating systems. Also contained in the suite are various administration tools such as nsupdate and dig, and a DNS resolver interface library.
Sendmail is a general purpose internetwork email routing facility that supports many kinds of mail-transfer and delivery methods, including the Simple Mail Transfer Protocol (SMTP) used for email transport over the Internet.
The Morris worm or Internet worm of November 2, 1988, is one of the oldest computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student at Cornell University, Robert Tappan Morris, and launched on 8:30 pm November 2, 1988, from the Massachusetts Institute of Technology network.
The cron
command-line utility is a job scheduler on Unix-like operating systems. Users who set up and maintain software environments use cron to schedule jobs, also known as cron jobs, to run periodically at fixed times, dates, or intervals. It typically automates system maintenance or administration—though its general-purpose nature makes it useful for things like downloading files from the Internet and downloading email at regular intervals.
CISSP is an independent information security certification granted by the International Information System Security Certification Consortium, also known as ISC2.
Internet Systems Consortium, Inc., also known as ISC, is a Delaware-registered, 501(c)(3) non-profit corporation that supports the infrastructure of the universal, self-organizing Internet by developing and maintaining core production-quality software, protocols, and operations. ISC has developed several key Internet technologies that enable the global Internet, including: BIND, ISC DHCP and Kea. Other software projects no longer in active development include OpenReg and ISC AFTR.
Michał Zalewski, also known by the user name lcamtuf, is a computer security expert and "white hat" hacker from Poland. He is a former Google Inc. employee, and currently the VP of Security Engineering at Snap Inc.
DNS spoofing, also referred to as DNS cache poisoning, is a form of computer security hacking in which corrupt Domain Name System data is introduced into the DNS resolver's cache, causing the name server to return an incorrect result record, e.g. an IP address. This results in traffic being diverted to any computer that the attacker chooses.
Open Root Server Network (ORSN) was a network of Domain Name System root nameservers for the Internet. ORSN DNS root zone information was kept in synchronization with the "official" Domain Name System root nameservers coordinated by ICANN. The networks were 100% compatible, though ORSN was operated independently. The ORSN servers were primarily placed in Europe. ORSN is also used by public name servers, providing Domain Name System access freely for everyone, without any limitation until the project closed in May 2019. ORSN was primarily started to reduce the over-dependence of Internet users on the United States and Department of Commerce/IANA/ICANN/VeriSign, limit the control over the Internet that this gives, while ensuring that domain names remain unambiguous. It also helps avoid the technical possibility of global "Internet shutdown" by one party. They also expect their network to make domain name resolutions faster for everyone.
The Computer Oracle and Password System (COPS) was the first vulnerability scanner for Unix operating systems to achieve widespread use. It was created by Dan Farmer while he was a student at Purdue University. Gene Spafford helped Farmer start the project in 1989.
This article presents a comparison of the features, platform support, and packaging of many independent implementations of Domain Name System (DNS) name server software.
The ISC license is a permissive free software license published by the Internet Software Consortium, now called Internet Systems Consortium (ISC). It is functionally equivalent to the simplified BSD and MIT licenses, but without language deemed unnecessary following the Berne Convention.
Robert C. Seacord is an American computer security specialist and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering.
DNS management software is computer software that controls Domain Name System (DNS) server clusters. DNS data is typically deployed on multiple physical servers. The main purposes of DNS management software are:
Daniel Kaminsky was an American computer security researcher. He was a co-founder and chief scientist of Human Security, a computer security company. He previously worked for Cisco, Avaya, and IOActive, where he was the director of penetration testing. The New York Times labeled Kaminsky an "Internet security savior" and "a digital Paul Revere".
A response policy zone (RPZ) is a mechanism to introduce a customized policy in Domain Name System servers, so that recursive resolvers return possibly modified results. By modifying a result, access to the corresponding host can be blocked.
The following comparison of DHCP and DHCPv6 server compares general and technical information for a number of DHCP server software programs.
Kea is an open-source DHCP server developed by the Internet Systems Consortium, authors of ISC DHCP, also known as DHCPd. Kea and ISC DHCP are both implementations of the Dynamic Host Configuration Protocol, a set of standards established by the Internet Engineering Task Force (IETF). Kea software is distributed in source code form on GitHub, from various ISC sites, and through a number of operating system packages. Kea is licensed under the Mozilla Public License 2.0.
If this book had existed when I was learning C in the early 1980s, then I might not now hold the record for 'most CERT advisories due to a single author.' Anyone who wants a coding job at ISC in the future should be prepared to demonstrate that they have read and understand Secure Coding.
note that i hold the single-author record for total CERT advisories, proving that in my copious youth I knew how to sling code but not how to manage risk.