About the Authors

Stacy Prowell is a senior research scientist in the Cyberspace Sciences and Information Intelligence Research Group at Oak Ridge National Laboratory (ORNL), where he conducts research on cyber security.

Prior to joining ORNL, Stacy worked for the well-known CERT program at Carnegie Mellon University on automated reverse engineering and malware classification. As an industry consultant, Stacy has worked on projects ranging from small, embedded devices to large, distributed, real-time systems and has managed a variety of software development projects. Stacy is a cofounder of Software Silver Bullets, LLC, a company that develops tools to support rigorous software engineering methods.

Stacy holds a PhD from the University of Tennessee and is a senior member of the IEEE and a member of the ACM and Sigma Xi. As this book was being written, Stacy and his family moved to Tennessee, where they now reside. He thanks his family, editors, coauthors, and employers for their amazing patience during this crazy time.

Mike Borkin (CCIE#319568, MCSE) is a director at PigDragon Security, a computer security consulting company, and an internationally known speaker and author. In his professional life, he has worked on developing strategies and securing the infrastructures of many different Fortune 500 companies at both an architectural and engineering level. He has spoken at conferences in both the United States and Europe for various industry groups including SANS, The Open Group, and RSA. This is his third book, having also contributed to Seven Deadliest Microsoft Attacks (Syngress, ISBN: 978-1-59749-551-6) and coauthored Windows Vista^® Security for Dummies^®.

Mike wishes to thank the coauthors and editors of this book for their dedication and all the hard work that went into bringing it to fruition. He wants to thank his Phi Kappa Tau brothers from the University of Tennessee (Go Vols!) and say that without that brotherhood and the 20+ years of friendship with Stacy Prowell, he would probably be just a janitor. He also wants to thank his family and friends for putting up with him during the process, and especially Melissa (||) for what she has to deal with on an everyday basis. He especially hopes that the information in this book provides you with a better understanding of how to secure network environments while still taking the time to entertain.

Rob Kraus (CISSP, CEH, MCSE) is a Senior Security Consultant for Solutionary, Inc. Rob is responsible for organizing customer requirements, on-site project management, and client support while ensuring quality and timeliness of Solutionary’s products and services.

Rob was previously a Remote Security Services Supervisor with Digital Defense, Inc. He performed offensive-based security assessments consisting of penetration testing, vulnerability assessment, social engineering, wireless and VoIP penetration testing, web application penetration tests, and vulnerability research. As a supervisor, Rob was also responsible for leading and managing a team of penetration testers who performed assessment services for Digital Defense’s customers.

Rob’s background also includes contracting as a security analyst for AT&T during the early stages of the AT&T U-verse service, as well as provisioning, optimizing, and testing OC-192 fiber-optic networks while employed with Nortel Networks.

Rob also speaks at information security conferences and universities in an effort to keep the information security community informed of current security trends and attack methodologies.

Rob is currently attending the University of Phoenix, completing his Bachelor of Science in Information Technology/Software Engineering, and he resides in San Antonio, TX, with his wife Kari, son Soren, and daughter Kylee.

Technical Editor

Chris Grimes (CISSP#107943, GSEC, GCIA, CEH) is a Senior Security Consultant with Roche Pharmaceuticals. He provides information security solutions in the areas of vulnerability management, intrusion detection, forensics and e-Discovery, Web application security, antivirus, and database security. Chris has worked for Eli Lilly, as well as IQuest Internet.