- Co-author of O'Reilly's bash Cookbook 2nd and bash Idioms
- Information Security, Linux & Perl Geek
- Former Co-maintainer of the Snort.org RPMs
- Former Infrastructure and Network Security (esp. Snort) expert for SearchSecurity.TechTarget.com's “Ask the Expert” feature (Meet the other Experts)
JP has been working with computers since the early Eighties and has been in the IT industry since the early Nineties, specializing in Information Security since the late Nineties. He spent some of that time working as a consultant and about 12 years as a Senior Security Engineer for BT MSS (i.e., BT Counterpane). He was also Director of Customer Support for SGP Technologies (Blackphone.ch) for a while, but prefers hands-on technical work.
Mr. Vossen has worked with DOS, Windows, UNIX, VMS and AS/400 platforms, with duties ranging from first-level technical support to network and security architecture and design. He currently loves to work with Linux, Perl, Snort and other Open Source and Free Software but is otherwise not much of a programmer. Unlike many of his technically inclined colleagues, he also enjoys writing and documentation, which has led to the publication of various InfoSec articles, scripts and tips, O’Reilly’s bash Cookbook 2nd, and O’Reilly’s bash Idioms.
JP is also a CISSP and member of CSI, ISSA (Delaware Valley), InfraGard (Philadelphia Chapter), SANS, PLUG, and other industry-related groups.
Publications & Whitepapers:
- Code on Github
- Co-author of O’Reilly’s bash Cookbook 2nd and bash Idioms
- Various presentations.
- Volume XX, Number 3 (Summer 2004) the CSI Journal has my “Scripting: Message Triage with Perl” article. You can download the Perl code from the CSI site.
- My Network Security Tips and Snort FAQ at SearchSecurity.com (Google search):
- 2005-05: Snort Technical Guide, an index to the Snort articles below
- 2005-02: Beyond AV: Eliminating evasive malware
- I also got permission to post my original, longer article, which is otherwise All Rights Reserved, Copyright 2000 - 2005, TechTarget.
- 2004-12: How to verify that Snort is operating
- 2004-11: Updating rules with Oinkmaster
- 2004-10: Four ways to find Snort rules
- 2004-09: How should I define Snort’s configuration variables?
- 2004-08: Modifying and writing custom Snort rules
- 2004-07: How many interfaces does my sensor need?
- 2004-06: What OS should I use for my Snort sensor?
- 2004-05: Where should I place my IDS sensors?
- 2004-04: Network-based IDS: How to deal with switches and segments
- 2004-03: Snort makes IDS worth the time and effort
- 2004-02: Disconnecting desktops for network security
- 2004-01: What is that Port?
- 2003-12: Predictions for IDS and IPS in 2004
- My answers to SearchSecurity.com’s “Ask the Expert” feature for Infrastructure and Network Security.
- Various articles in Information Security Magazine (now merged into SearchSecurity.com, so see the text in the Internet Archive):
- 2003-01: A review of ForeScout’s ActiveScout.
- 2002-06: A review of Harris’ STAT Neutralizer.
- 2002-02: An article and several sample scripts about “Windows Security Scripting”. See also Sample Scripts, Scripting Resources and Shell Script Security. This is one of my favorites.
- 2001-04: A (500 word) product write-up of BindView Control
- 2001-03: “Kane Enable,” a (~3,000 word) review of Kane Security Analyst v5. (Note: I will not take the blame for the title, that goes to then Editor-In-Chief, Andy Briney ;-)
- A Whitepaper (PDF) and slideshow (PDF), copyright 2002 AlphaNet Solutions, called “Securing (Hardening) Windows Servers.” Also download the MoveTools batch file, then rename from .TXT to .CMD as needed. They were written for a “TechNet Workshop: Microsoft Security Solutions” presentation on January 22nd, 2002 at the Microsoft Greater PA Office in Malvern, PA.
- A response–published in the February 2002 MCP Magazine’s “Certified Mail” (i.e. letters to the editor) section–to an article by Keith Ward entitled “Gartner IIS Analysis Off-Target, Say Some Experts.” The piece is a well-balanced discussion of a Gartner IIS Analysis that recommends against using Microsoft’s IIS. However, it does not address the fact that IIS must run in the “Local System” security context.
- Reviewed and contributed to a draft of “The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment)” from the NSA Systems and Network Attack Center (SNAC). This was referenced at http://www.sans.org/newlook/resources/NSA_guide.htm, but that page is no longer there. I’m guessing the document is undergoing revision again. You might check the NSA Security Recommendation Guides site.
- OnStream DI-30 Red Hat Backup mini-HOWTO
- Firewall Rule Base Best Practices
- NAT & Private IP Address Ranges: What NAT is and how and why you should use it in conjunction with “Private” or RFC1918 non-routable IP addresses.
- I’ve contributed my Port Database to the Snort project (see the credits section in About Snort), and to The Internet Ports Database.
- A contribution to Rec.Humor.Funny. And another one to the R.H.F April 2005 one-liners file
- Two pictures of my deck and the plastic lumber I used to build it appear in the Spring 2005 issue of Coastal Contractor magazine in Materials Report: Plastic Decking.
Tools:
- See the Windows port of Logcheck page for my Windows port of logcheck, the famous UNIX log processing tool. You can also download the PowerPoint presentation I gave to the Philadelphia Area Network Technologies User Group (PANTUG) on September 12th 2001.
- I have written a couple of management scripts for CheckPoint Firewall-1 (LogSwap & CPFWBack). See my Firewall-1 tools section for more information.
- I have also packaged an NTP service that will run on a really hardened NT server (unlike the non-free MS TimeServ service). See my Firewall-1 tools section for more information.
My Job:
Here is my resume in PDF or HTML, last updated 2021-07-25.
Anyway, my certifications include:
- CISSP (Certified Information Systems Security Professional) #11049, granted March 4 2000, to present.
- Microsoft Certified Systems Engineer (MCSE); late 1990’s
- CheckPoint Firewall-1 v3.x Certified Systems Engineer (CCSE); mid-late 1990’s
- WatchGuard Certified System Professional (WCSP); mid-late 1990’s
- a Novell 3.x CNA (Certified Novell Administrator); mid 1990’s
See my Bio above.
I have worked with many small and mid-size companies in eastern Pennsylvania and New Jersey. I have experience with companies in a broad range of markets, including Telecommunications, Pharmaceutical, Financial, Healthcare, and Manufacturing.
I have worked with networks from Netware Lite and Netware 3.x on up to 30+ site TCP/IP WANS. I have written programs in COBOL, Pascal, C, BASIC, Perl, Bourne Shell and many application macro languages including VBScript. I have also been a beta tester for Microsoft (Win95 & NT4), Symantec and others.
What I like to do:
I am kind of a generalist rather than a specialist, one reason for my interest in Information Security–it is a very broad and far-reaching topic. I find I enjoy the tactical (in-the-weeds) side of things much more than the strategic. I really get into the nuts and bolts of how best to accomplish the goal and am very methodical about the process and documentation. I do best with solid, uninterrupted blocks of time during which I can fully focus on a task (see Maker’s Schedule, Manager’s Schedule).
I really enjoy:
- Scripting, building system & tool automation/integration
- Ansible, shell scripts, Perl, Regular Expressions, Unix TextUtils and pipelines
- DevOps concepts and implementation
- Technical writing and documentation (ideally in wiki markup)
- Getting as much as possible under revision control (git, bzr, hg, svn)
- Linux (mostly Debian and Ubuntu/Mint, and CentOS) and other Free and Open Source software
- Smart people I can both learn from and teach
- Learning more about: Python, DevOps, Ansible
- Did I mention bash, Perl & Linux? :-)
My Education:
I went to Oratory Prep High School, in Summit, NJ.
I also have a BSIS from The University of Pittsburgh.
My Hobbies and Interests include:
- Reading, mostly hard science fiction and vampire books
- Target shooting, pistol, rifle and bow
- Experimenting with Information Security, Linux, Bash, Perl, Python
- SCUBA and skin diving (was PADI certified by O’Donnel Diving and Lahaina Divers in early 2001)! See also the Diver’s Alert Network and Hidden Cove SCUBA in King of Prussia PA, and my SCUBA Pictures--Hawaii 2001 page.
- Skydiving! Only had just one tandem so far, at the United Parachute Club but… :-)
- Working on my car (up to late 2003 that was a ‘93 Honda Civic del Sol Si, now it’s the ‘04 Acura TL 6 speed)
- See my ASCII “circuit” diagram for a headlight buzzer for early 90’s Civics, including the del Sol: here.
- Rock climbing at the Philadelphia Rock Gym
- Fixing things and working around the house (see the infamous Plastic Deck).
- Wood & metal working
- Kayaking on various local rivers in an Ocean Kayak Malibu Two. Nice boat…