Resumes of Employees at Tatarsky.Com
Paul Tatarsky, Operator
Education: Received bachelor of Science
Degree in Mathematics/Computer Science, May 1989 from Harvey
Mudd College (Claremont, CA). Undergraduate research included project
for the Aerospace Corporation designing
a database for a satellite design expert system.
September 2001 to June 2021: Independent
Security and Systems Consultant. Projects include:
Security consultant to government and corporations on product, network, and internal security problems and applications. References available. Projects are not listed.
Implemented further IDS coverage at University of California, Santa Cruz
(UCSC) to improve automated worm outbreak response.
Training DOE and DOD personnel on internal IDS product (NIDS) at 5
day training classes on semi-regular basis.
Snort, DEMARC, Hogwash, and ACID software research and development to improve
the performance and power of these open source IDS tools. Created auto-installing appliance CDROM for those products based on a FreeBSD operating system.
Systems integration work with Affymetrix corporation on their compute cluster and storage area network. Troubleshoot and resolve system issues.
Contract systems and network administration support at the School of Engineering and Natural Sciences Division at University of California, Santa Cruz.
Community service work for local grade school. Systems upgraded, FreeBSD server installed, network rebuilt.
Design work for next cluster targeted at 5000 CPUs
Support and maintenance contract for Genome cluster
Design work and assistance in building new 1028 processor cluster. Used
rackmounted Linux compute nodes with automated PXE/Kickstart installation
procedure to roll out whole racks at a time. Cfengine used to automate
maintenance. Gridware used for scheduler software.
Operational support for Genome Browser web site
- Perform security assessments of internal and Internet security for multiple customers.
- Implement improved security configurations for various platforms
- Respond to compromises and intrusions
- Deploy firewall improvements for customers
- Contribute to some open source security assessment tools
Projects at three large Midwest companies to roll out intrusion detection
systems. Product was CISCO Secure IDS (Netranger) used in conjunction with
open source monitoring systems to provide additional context and forensics.
Performed assessments of internal and Internet security for multiple customers.
Emergency security incident response and forensic work for multiple customers.
Research and development efforts on a high speed Intrusion detection system
capable of monitoring large traffic switch cores such as ISPs.
December 1999 to September 2000: CounterSign
Software, Pleasanton, CA. Senior Security Engineer. Projects include:
Providing testing and validation of company developed host based intrusion
detection software. Provided real world examples of tools operation against
common attack methods.
Supporting roll out efforts of product at U.S. DOE sites nationwide. Conducted
multiple security training courses and current intrusion methods seminars.
Research into latest open source efforts at intrusion detection including
the Snort lightweight intrusion detection tool.
Provided intrusion forensics and intruder detection/extraction services
for customers. Security improvement services including system hardening,
Ssh installation, and TCPwrapper configuration.
Campus network vulnerability scanning software implemented and customized
to local needs. Reduced number of remotely root exploitable systems from
over 100 to zero (at least for that period). Provided weekly vulnerability
reports to campus system admins and provided consulting and bulletins on
security improvements for over 3000 campus computer systems.
Designed firewall system for campus business systems. Implementation delayed
due to roll out timing issues. CISCO PIX unit selected for long term support
Researched IPSEC VPN solutions for campus and PKI strategies for future
Demonstrated serious problems in campus business systems security through
monthly audit efforts. Compromised several major business and research
systems and provided information on methods to local administrators.
July 1997 to July 1999: University of California,
Santa Cruz, Senior System Manager for School
Security administrator for departments computing environment. Implemented
intrusion detection systems, developed user login tracking and analysis
system, developed file signature scanning system to prevent compromise,
secured all operating systems using automated vendor patch checking, controlled
network access with firewall and host level tools, implemented regular
password cracking for weak passwords, and offered encrypted communications
between systems (Ssh)
Tracked all security incidents and interacted with external security organizations
including major ISP security groups, CERT, Bugtraq, and the FBI when situation
warranted it. Several external account closures and one prosecution pending
as a result of security efforts.
Improved security of department email server and implemented anti-Spam
software to control unwanted email. Propagated design of server and filters
to other departments on campus.
Managed a team of four administrators to handle all system and user requests
for 250 systems of various UNIX operating systems and Windows NT. User
base consists of 300 faculty and graduate students in the School of Engineering.
Project manager for network redesign for department. Implemented new wiring
scheme and fully switched Ethernet backbone on CISCO gear. Upgraded all
shared segments to switched networking.
Automated installation servers setup for major operating systems including
Windows NT. Goal is to reduce setup time and admin time for new systems
to almost no time at all.
System monitoring and management software developed to provide advance
warning of system and network problems. System is completely customized
to support a variety of trouble areas. System has web front end to allow
viewing from anywhere.
Mobile networking research on laptop and Palm Pilot platforms to allow
greater remote administration abilities. Various wireless technologies
Instructor for Introduction to Internet Security and Advanced
Internet Security for the Webmaster certificate at MU. Class details
the risks of Internet access and options for protection including packet
filters, proxies, and host level security.
September 1995 to July 1997: Marquette
Medical Systems (Milwaukee, WI). Systems manager for the Cardiology
division. Projects include:
Redesign of division networking from older shared coaxial Ethernet to switched
10/100 Mbs Ethernet over Category 5 twisted pair networking technology.
Improved UNIX, NT and Novell fileserver platforms through upgrade of hardware
and software to stable levels. Pushed for all server platforms to implement
RAID 5 disk storage to improve reliability where write performance is not
Improved NT networking by configuring a central NT Primary Domain Controller
with Backup Domain Controllers. Trust relationships with other divisions
established for sharing. Maintain WINS and DHCP servers for improved cross
network browsing and configuration management.
Improved Sun Solaris networking by configuring a central NIS+ and DNS domain
for the division.
Installed central backup server using DLT tape jukebox and Legato software.
Unit backs up all UNIX, NT and Novell systems in the division.
Supported ISDN network throughout the world to connect customer platforms
to field service.
December 1994 to September 1995: Integrated
Systems Corporation (Milwaukee, WI). Systems consultant for a variety of
clients in the Wisconsin area, including:
Marquette Medical Systems: system administration consultant to the MARS
project. Assisted with creation of automated installation procedure and
configuration of MARS software on Sun Solaris.
ATI/Mattson Instruments (Madison, WI): installation of Internet firewall
for desktop use of Internet. Microsoft Mail system configured for corporate
and Internet email.
Onieda Nation (Green Bay, WI): installation of Internet firewall and corporate
April 1994 to December 1994: Compuware
Corporation, Milwaukee, WI. Systems consultant for one project with Strong
Funds, Menomonee Falls, WI. Project was to design and implement a online
billing system. Technology involved was UNIFACE front end interface with
Sybase back end.
April 1991 to April 1994: University of
California, Santa Cruz. On team of system managers for Computer Information
Sciences and Computer Engineering Department. Team also provided service
for the Math, Physics, Chemistry, Marine Science and Earth Science department
Manage the department's central fileserver. Responsible for user and project
file system that serves the departments 150 workstations.
System manager for a mixed environment of Sun, Silicon Graphics, Digital,
IBM and HP Unix systems. Perform all configuration, troubleshooting and
development tools support .
Coordinate integration tasks with system management team. All systems access
central file systems, common NIS databases, central DNS, shared mail spools,
and printer services.
December 1989 to April 1991: Digital Sound
Corporation (Santa Barbara, CA) Part of four man MIS team that moved the
corporation to new office site, built a 200 node twisted pair Ethernet
network, and supported 100 engineering UNIX systems and 80 business systems.