Speaker bios:

Brian Moeller, CISSP,

'''Firewall and Network Security Consultant, The Ohio State University Network Security/Incident Response Team'''

Brian is a member of the OSU IRT. He usually functions as the 'incident cleanup' person. He follows up after an incident is complete, and helps the network administrators apply various security tools and tactics to prevent further incidents. He also does firewall testing and research, risk assessments, and intrusion detection. Check out some of the services that he helps provide at the university.

His ability to translate between technical and managerial language makes him quite flexible, and often a very interesting speaker. Just watch out -- sometimes he launches into a strange management/buzzword language that few technical people can understand.

He is a member of CSI, ISACA, ISSA, and participates with the AEGIS group and the FBI Infragard group. He is an active volunteer for (ISC)2, administering the CISSP exam.

You can reach him via e-mail at moe@net.ohio-state.edu.

Charles Morrow-Jones

Since July, 2004 Charles Morrow-Jones has been Director, CyberSecurity. Office of the Chief Information Officer, The Ohio State University, Columbus, Ohio. He and his staff are responsible for improving CyberSecurity at The Ohio State University (OSU) by developing and implementing programs to increase campus awareness of security issues, practices and responsibilities; by better securing the OSU data network from both internal and external threats; and by improving the protection of information associated with individual community members.

He has been at OSU since 1989, and has served in various information technology administrative roles since 1990. In a previous life, he taught Information Technology at the University of Colorado-Boulder. He is a graduate of Ohio State.

Seth Hall

Seth promises he'll write a bio soon, until then here is a nice bit of filler text that tells you nothing about this mysterious person.

Steve Romig

Steve Romig in charge of the Ohio State University Incident Response Team, which provides incident response assistance, training, consulting, and security auditing service for The Ohio State University community. He is also working with a group of people from Central Ohio businesses to improve internet security response and practices in the Ohio area.

Steve received his Bachelor's degree in Math (Computer Science Track) from Carnegie Mellon University in 1983. In years past Steve has worked as lead UNIX system administrator at one site with 40,000 users and 12 hosts and another site with 3,000 users and over 500 hosts.

You can reach him by phone at 1-614-688-3412 (we're in GMT-0400/0500, I'm generally in the office "for sure" between 10 AM and 6 PM) or by email at romig@net.ohio-state.edu.

Most recently Steve has been working on tools to make it easier to investigate network related evidence of computer security incidents, such as the Review package for viewing the contents of tcpdump logs, and the Netflow package from Mark Fullmer for looking at Cisco net flow logs.

You can find a somewhat up to date CV at http://www.net.ohio-state.edu/security/bios/steve-romig-vitae.html.

Kyle Evans

Kyle Evans is a Network Engineer for the Student Affairs IT department at The Ohio State University. His work focuses on managing Cisco Clean Access for ResNet and maintenance of the ResNet and Student Affairs networks. Kyle received his Bachelor of Science degree in Electrical and Computer Engineering at the Ohio State University, and he currently holds a CCNA certification.

Chris Hartley

Chris Hartley is a senior in Computer Science and Engineering at The Ohio State University, and acts as Security Lead to ResNet, Student Affairs Information Technology at OSU.

Jim Clausing

Jim has worked in the computer industry for more than 20 years. During this entire time he has done system administration and security (sometimes as a full-time job, sometimes in addition to the "real" job).

In the early 80s, he did research in parallel processing and algorithms. In the late 80s and early 90s, he taught, did research, and wrote commercial compilers for parallel machines (both shared and distributed memory). He briefly dabbled in databases in the mid 90s.

Most recently, he has been concentrating on firewalls, intrusion detection, incident response, and forensics.

He holds a BS in both Mathematics and Computer Science from Muskingum College and a MS degree in Computer Science from the Ohio State University. Jim holds Checkpoint CCSA, GIAC GCIA (intrusion analyst) and GCFA (forensic analyst) certifications and and the CISSP and serves on the GCIA and GCFA advisory boards, chairing the latter.

Jim has served as SANS local menter for the GCFW and GCIA tracks and will be offering the GCFA track next year. Further, he will be teaching a session of the SANS Stay Sharp Program on packet analysis in Columbus in January.

Jim is a member of the Columbus, OH chapter of Infragard. Jim is currently a Technology Consultant in network security for AT&T Solutions.

Jim is a coauthor of the recent SANS Press book, _Securing Solaris 8 & 9 Using the Center for Internet Security Benchmark_.

In his copious free time, Jim is a volunteer handler for the (SANS) Internet Storm Center (isc.sans.org). Jim enjoys cycling and is an instrument-rated private pilot.

Russ Herrold

Mr. Herrold is a principal at Owl River Company (owlriver.com), a high-end Unix consultancy, with strong Open Source underpinnings. Its principal clientele are firms in the financial services industry, and ISPs.

He has been active with Linux development since 1994, serves as the editor of the RPM packaging tool website (rpm.org), and is a principal in and security matters representative to the Linux distribution, intra-vendor private vulnerability response and co-ordination group for the cAos (caosity.org) and CentOS (centos.org) community Linux distributions.

He is a frequent speaker on Open Source, Unix and info-sec matters, and long time leader of the Central OH Linux User Group (colug.net)

William Yang

William Yang is a recognized expert in information systems and security, specializing in the development and improvement of security processes that ensure long-term business value.

As a consultant with clients in government, industry, and academia, he built his skills, perspective, and expertise by leading information security, operations continuity, outreach, and software development projects for the Ohio Supercomputer Center; by serving as senior management in startup ventures; and by being the senior official responsible for the State of Ohio's enterprise information security.

Mr. Yang's work to build cooperation across the security industry includes the founding of InfraGard, a national partnership that brings government, academia, and business together to improve the security of U.S. Critical infrastructures.

His efforts earned the formal thanks of the National Infrastructure Protection Center (now part of the Department of Homeland Security) and recognition "for exceptional service in the public interest" by the Federal Bureau of Investigation.

Shawn Sines

Shawn Sines is the resident Information Security Outreach Specialist in the Office of the CIO Security group. He comes to us from The Columbus Dispatch where he was a technology writer, game critic, podcaster and publishing systems engineer.

He is also a former US Marine so don't get on his bad side - he probably knows 42 ways to kill you with a spoon.

Mark Fullmer

Mark Fullmer heads the IP routing group at OARnet where he's currently working on Ohio's Third Frontier Network, a state wide fiber network linking colleges, universities and K-12 school's. Previously Mark has worked at ITEC Ohio as a software developer and Ohio State University in the network engineering group. He received his bachelor's degree in computer engineering from OSU. ---

Kevin Finisterre

Kevin Finisterre is the former Head Of Research and Co-founder of SNOSoft, Inc. aka Secure Network Operations. Kevin's primary focus has been on the dissemination of information relating to the identification and exploitation of software vulnerabilities on various platforms. Apple, IBM, SAP, Oracle, Symantec, and HP are among many vendors that have had problems that were identified by Kevin. Kevin is currently very active in the Bluetooth scene. He enjoys testing the limits and is constantly dedicated to thinking outside the box. His current brainchild is the project he calls DigitalMunition.com