Marcus J. Ranum
Encyclopedia
Marcus J. Ranum is a computer and network security researcher and industry leader. He is credited with a number of innovations in firewalls
, including building the first Internet email server for the whitehouse.gov
domain, and intrusion detection systems. He has held leadership positions with a number of computer security companies, and is a Faculty member of the Institute for Applied Network Security.
in Baltimore, Maryland before attending Johns Hopkins University
where he obtained a Bachelor of Arts in Psychology
in 1985.
's Secure External Access Link (SEAL) (later AltaVista
firewall), regarded as the first commercial bastion host firewall, in 1990. He left DEC to work for Trusted Information Systems
(TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the whitehouse.gov Internet email site. Once charged with that responsibility, Ranum advocated that the whitehouse.com
domain be registered as well. Despite his advice, it was not registered by the government, but was later registered for an adult entertainment provider. At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from DARPA. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company's IPO
. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as CEO
for three years before stepping into a CTO
role. Ranum later left NFR to consult for TruSecure, before joining Tenable Network Security as CSO
.
In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security, Protego Networks, and Fortify Software
.
audiences at LISA 1997, 1999 (tutorial) LISA 2000 (keynote), 2002, and 2003 (tutorial). He spoke out against full disclosure at the Black Hat Security Briefings in 2000. More recently, Ranum has spoken at Interop in 2005 and 2007,, CanSecWest in 2010, and Secure360 in 2011.
He previously taught courses for the SANS Institute
.
, as well as numerous other computer and network security articles and books.
, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006.
Ranum is one of a number of editors of the SANS
Newsbites semiweekly email newsletter.
, and he wrote an essay for Oleg Volk's pro-firearms site. www.a-human-right.com. Marcus Ranum was also interviewed by digital artist Brandon Pence for the NWFLAA which can be read in 2 parts: Part 1 and Part 2.
Firewall (computing)
A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass....
, including building the first Internet email server for the whitehouse.gov
Whitehouse.gov
Whitehouse.gov is the official website of the White House and is owned by the United States government. Launched in October 1994, it contains general American history information, as well as current news pertaining to the President, press briefings, proclamations, executive orders, and any speeches...
domain, and intrusion detection systems. He has held leadership positions with a number of computer security companies, and is a Faculty member of the Institute for Applied Network Security.
Education
Marcus Ranum was born in New York City, and graduated from Gilman SchoolGilman School
Gilman School is a private preparatory school for boys located in the Roland Park neighborhood of Baltimore, Maryland. Founded in 1897 as the Country School for Boys, it was the first country day school in the United States. Gilman enrolls approximately 978 students, ranging from kindergarten to...
in Baltimore, Maryland before attending Johns Hopkins University
Johns Hopkins University
The Johns Hopkins University, commonly referred to as Johns Hopkins, JHU, or simply Hopkins, is a private research university based in Baltimore, Maryland, United States...
where he obtained a Bachelor of Arts in Psychology
Psychology
Psychology is the study of the mind and behavior. Its immediate goal is to understand individuals and groups by both establishing general principles and researching specific cases. For many, the ultimate goal of psychology is to benefit society...
in 1985.
Career
Ranum designed and implemented Digital Equipment CorporationDigital Equipment Corporation
Digital Equipment Corporation was a major American company in the computer industry and a leading vendor of computer systems, software and peripherals from the 1960s to the 1990s...
's Secure External Access Link (SEAL) (later AltaVista
AltaVista
AltaVista is a web search engine owned by Yahoo!. AltaVista was once one of the most popular search engines but its popularity declined with the rise of Google...
firewall), regarded as the first commercial bastion host firewall, in 1990. He left DEC to work for Trusted Information Systems
Trusted Information Systems
Trusted Information Systems was a computer security research and development company during the 1980s and 1990s, performing computer and communications security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR, and others.TIS was founded in 1983 by NSA veteran Steve Walker, and at...
(TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the whitehouse.gov Internet email site. Once charged with that responsibility, Ranum advocated that the whitehouse.com
Whitehouse.com
whitehouse.com was an adult and political entertainment website that first came online in 1997. According to a statement on the web, it was originally created by Ransom Scott as a place where uncensored discussion of government policies could occur before adult content was added to make it more...
domain be registered as well. Despite his advice, it was not registered by the government, but was later registered for an adult entertainment provider. At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from DARPA. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company's IPO
Initial public offering
An initial public offering or stock market launch, is the first sale of stock by a private company to the public. It can be used by either small or large companies to raise expansion capital and become publicly traded enterprises...
. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as CEO
Chief executive officer
A chief executive officer , managing director , Executive Director for non-profit organizations, or chief executive is the highest-ranking corporate officer or administrator in charge of total management of an organization...
for three years before stepping into a CTO
Chief technical officer
A chief technology officer is an executive-level position in a company or other entity whose occupant is focused on scientific and technological issues within an organization....
role. Ranum later left NFR to consult for TruSecure, before joining Tenable Network Security as CSO
Chief security officer
A chief security officer is a corporation's top executive who is responsible for security.The CSO generally serves as the business leader responsible for the development, implementation and management of the organization’s corporate security vision, strategy and programs...
.
In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security, Protego Networks, and Fortify Software
Fortify Software
Fortify Software is a San Mateo, California-based software vendor. The company was founded in 2003 and provides products that identify and remove security vulnerabilities from software applications. Its initial funding was provided by Kleiner, Perkins, Caufield & Byers. In September, 2010, the...
.
Public presentations
Ranum has spoken to USENIXUSENIX
-External links:* *...
audiences at LISA 1997, 1999 (tutorial) LISA 2000 (keynote), 2002, and 2003 (tutorial). He spoke out against full disclosure at the Black Hat Security Briefings in 2000. More recently, Ranum has spoken at Interop in 2005 and 2007,, CanSecWest in 2010, and Secure360 in 2011.
He previously taught courses for the SANS Institute
SANS Institute
The SANS Institute is a private US company that specializes in internet security training. It was founded in 1989, provides computer security training, professional certification through Global Information Assurance Certification , and a research archive - the SANS Reading Room...
.
Influence
Ranum's work has been cited in at least 15 published U.S. patentsPatent
A patent is a form of intellectual property. It consists of a set of exclusive rights granted by a sovereign state to an inventor or their assignee for a limited period of time in exchange for the public disclosure of an invention....
, as well as numerous other computer and network security articles and books.
Awards
- TISC "clue" award, 2000.
- Inducted into the ISSAInformation Systems Security AssociationThe Information Systems Security Association is a not-for-profit, international professional organization of information security professionals and practitioners...
hall of fame, 2000 or 2001. - Techno-Security Professional of the Year, 2005.
Articles
Marcus has co-authored a series of "Face Off" articles with Bruce SchneierBruce Schneier
Bruce Schneier is an American cryptographer, computer security specialist, and writer. He is the author of several books on general security topics, computer security and cryptography, and is the founder and chief technology officer of BT Managed Security Solutions, formerly Counterpane Internet...
, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006.
Ranum is one of a number of editors of the SANS
SANS Institute
The SANS Institute is a private US company that specializes in internet security training. It was founded in 1989, provides computer security training, professional certification through Global Information Assurance Certification , and a research archive - the SANS Reading Room...
Newsbites semiweekly email newsletter.
Books
- The Myth of Homeland Security ISBN 978-0471458791
- Host Intrusion Monitoring Using Osiris and Samhain with Brian Wotring and Bruce Potter. ISBN 978-1597490184
- Web Security Sourcebook with Aviel D. RubinAvi RubinAviel David Rubin a graduate of the University of Michigan and Professor of Computer Science at Johns Hopkins University, Technical Director of the Information Security Institute at Johns Hopkins, Director of ACCURATE, President and co-founder of and an expert in systems and networking security...
and Dan GeerDan GeerDan Geer is a computer security analyst and risk management specialist. He is recognized for raising awareness of critical computer and network security issues before the risks were widely understood, and for ground-breaking work on the economics of security....
. ISBN 978-0471181484
Personal life
Currently, Ranum lives in Morrisdale, Pennsylvania. His hobbies include photography and firearms. He maintains an active stock photography account on DeviantArtDeviantArt
deviantART is an online community showcasing various forms of user-made artwork. It was first launched on August 7, 2000 by Scott Jarkoff, Matthew Stephens, Angelo Sotira and others. deviantArt, Inc...
, and he wrote an essay for Oleg Volk's pro-firearms site. www.a-human-right.com. Marcus Ranum was also interviewed by digital artist Brandon Pence for the NWFLAA which can be read in 2 parts: Part 1 and Part 2.
External links
- Marcus Ranum's personal website
- Ranum interview with RationalSecurity (2007-06-25)
- Security Solutions profile of Ranum (2006-12-01)
- Ranum interview with IEEE Security and Privacy magazine (2006-09-01)
- Ranum interview with SecurityFocus (2005-06-21)
- Ranum's DeviantArt website (stock)
- Ranum's DeviantArt website (portfolio)
- DojoSec Lecture — March 2009 — Ranum's discussing the failure of the notion of Cyber-warfare