John Allman., CISSP
2583 Seneca Trail
Duluth, Ga. 30096 
H: 404.343.6486
John.Allman@tuxinternet.com

I am a CISSP  who has developed leadership through 8 years of experience in the information security field. You will find my system experience to be far reaching in the technology.

Distributions (in order by experience):
FreeBSD (2.5-4.5), Sun/Solaris (2.51, 8), HP/UX(11i), BSDi (3.5-4),  AIX (4.3), Linux, DG/UX, NetBSD, OpenBSD, SCO, MS-DOS ver. 3.21-6.11, Microsoft Windows 3.11, 95/98, NT WK/SVR 3.51, 4.0 
 
Education: 
School
	Mt. Zion High		College Prep			Graduated
	Southern Tech		Physics				Attended 1 year

Certificates
	ISC2	ISC2					Certificate		March  22, 2002
	SAI	DSN Troubleshooting and Maintenance	Certificate		March 16, 2001
	SAI	Solaris I					Certificate		February 16, 2001
	SAI	A&O DSN				Certificate		February 09, 2001
	SAI	Reverse Path Implementation		Certificate		February 02, 2001
	SAI	HFC Fundamentals			Certificate		February 01, 2001
	Mitel	200lt					Certificate		1998

Presentations:
	Linux General Store	2000				Linux Administration
	DragonCon		1998, 1999, 2000, 2001		Current Computer Security flaws
	DragonCon		2000				Web Cam Technology
Atlantacon		2000				Recent Ddos attacks
						Securing BSD accounts on oversized machines
	Atlantacon		2001				Physical security

Previous Job Experience: 

Scientific Atlanta
Network Administrator/Encryption Specialist					Jan 01 - Oct. 01
Support of RF cable network including Sun Solaris, Linux, FreeBSD, TCP over ATM, TCP over Quaternary Phase-Shift Keying, TCP over Quadrature Amplitude Modulation, Ethernet, OC3, SWIF, RF broad and narrow band. Satellite communication over encrypted channels. RSA and DES3 encryption formulating, implementing and troubleshooting. RF and software data compression. Working with rsh, ssh and X in a multiple system environment, pulling displays across from Solaris, Linux, BSD and Windows in a WAN environment. Server applications including ssh, X, natd, ipfw, sendmail, Veritas, rsh, telnet and informix.

Support of DSN network and all components including: DNCS, TED, App Server (DSN) BIG, Data QAM, QAM, mQAM, QPSK (mod & dmod), set-top, Cherry Picker, RTE, IRT, and MDR. Support of communications over SWIF, ATM, Ethernet, RF, DEHI, Sonet, AM-Fiber, DS-3 and OC3.  Working with some of the newer DSN technologies such as IPG, IPPV, and VOD.

DSN systems ranged in size from our local network at about 200 users to sites as large as 500,000 users. Worked on both Sci-Atl Applications as well as some 3ed party apps such as Wink. Lots of shell scripting for customer sites as well as scripts for local users.

Taught classes on the encryption scheme for Scientific Atlanta equipment, from the RSA key swap during staging to RSA monthly swap and DES3 exchange for encrypted channels.  Post disaster recovery of encrypted data after corruption and key loss.

Setup and administration of file services such as FTP, rsh, ssh, NFS and samba. Shell scripting for both local and remote processes. Working with SUID and SGID bits on user and system processes.


HomeCom.com
Unix  Security Administrator 						Aug. 96 - Apr. 00
Security Administration/Installation of all UNIX servers, including BSDi, FreeBSD, Debian Linux, Sun/OS, HP/UX and SCO. Administration on Apache, Sendmail, Innd, routing servers, NATD, named/DNS. Internic contact to set up and modify domain name registration. Basic NT administration. Customer service for all trouble requests. Installation of RAID 0,1,510,50,10-0 arrays running BSDi and FreeBSD. Daily Ctar backups. Administration of BSDi server with 47,000 users. Shell Scripting, sed and awk scripting. Design and implementation of BSDi server to house 1 million users. Unix Security - OS, FTP, httpd, squid, portmap, sendmail, shell scripting, SUID, SGID, umask, chmod, chgrp, chflags, chroot, and jail.

Before the merger of Time Warner and AOL all road runner web sites were hosted through HomeCom. A system used to do this was already in place when I started working but was growing at a rate of 500 users a week. It was growing  so fast that a new system needed to be developed from the ground up. I served as project manager and security administrator for this undertaking. It was decided to use BSDi as the operating system, we ordered licenses as well as the source code for the OS. I worked with 3 programmers and 2 mid level administrators under me to design and implement a network where each single server  could hold 150,000 users. All programs dealing with users were rewritten, along with many other common UNIX functions that would not work on a system as large as we were building. I created all documentation, did all the emergency planning, the backup planning,  the system hardening, system and drive configuration wrote out schedules and lists for the programmers to follow.

After the system was running, I continued to handle the security and administration of the system. I set up a 24 hour call for any problems and had automated scripts both local and remote which would be able to contact me immediately and give a basic description of the problem the system was having. I worked directly with the customer to iron out any bugs that would come along. Most of the bugs were with the creation or deletion of a users account these were quickly fixed as they were found according to the documentation I had created.

The system had less than 1% unplanned downtime, and because of proper separation of processes the unplanned downtime would only affect a single aspect of the system rather than everything. A database also had to be set up, this contained user information. Comparatively this was an easy setup, installation of BSDi and Oracle 7, testing with automated scripts, and documentation. 

InHealth Records system
	UNIX Security Administrator						Mar 94 - Jul. 96
Hardware and software security on Data General UNIX. Policy development and development of user accounts profiles, software implementation of these policies into the operating environment. Policy development for addition of new users, their equipment, login, phone account. Creation of firewall using checkpoint back-end and remote access into DG/UX midrange.

Shell Scripting for users on dumb terminals,  including their personal shell, user interface and  cron scripts. Working with SUID and SGID bits for user and root processes.

References: 
References available upon request