Dan Farmer

Elemental Security, Inc.

Dan Farmer has been involved in the computer industry for over 20 years and is recognized worldwide as one of the leading experts in computer and network security. Most recently he has been working as an independent security consultant for a wide range of organizations that include banks, computer manufacturers, research facilities, and government institutions. This summer he co-founded a new company, Elemental Security, Inc., and is currently writing a book on computer security while continuing to conduct research on forensic computing and large networks.

Dan's recent work has included serving as an expert witness for the recording company plaintiffs in their case against Napster (In Re Napster, Inc. Copyright Litigation.) Prior to that, he spent over three years heading network security at EarthLink, where he was responsible for the design and implementation of its security policies, firewall, the internal security infrastructure, as well as the maintenance and continual monitoring of host and network activity and all issues (including products, services, and connectivity) that dealt with Internet security.

Prior to joining EarthLink, Dan worked for several years at Sun Microsystems and Silicon Graphics. At both companies he was in charge of the technical aspects of computer and network security, as well as doing security and network research. He also served with CERT, the Computer Emergency Response Team, a venture funded by the Defense Advanced Research Projects Agency (DARPA) that was originally created because of an Internet worm incident in 1988 and was designed to facilitate the flow of security information and to provide emergency assistance to any person or organization on the Internet. There he coordinated support to CERT customers that were experiencing computer security emergencies and was in charge of disseminating vulnerability information to venders and getting them to announce and to fix their security problems.

Dan is perhaps best known for writing several software programs that are among the most widely used security tools in the world. In 1989, he wrote COPS (the Computer Oracle and Password System), the first publicly available Internet security tool, which provides variety of ways to test and report on the security of a UNIX system. In 1996, he co-authored the widely acclaimed SATAN (the Security Administrator's Tool for Analyzing Networks), a program that analyzes and reports on the security of a network. COPS and SATAN are the most popular and widely used security analysis tools ever written. Several companies took the ideas in these tools and created commercial products. Dan later co-authored Titan, which was released in December of 1998, and "The Coroner's Toolkit", released in August 2000. Titan fixes a variety of security problems and can help administrators create firewalls and implement their organization's technical security policy. The Coroner's Toolkit is a forensic computing tool available for Unix systems.

Dan has published several papers on computer security and networks, most notably on security analysis, software tools, security analysis of the Internet, and on the current issues with unsolicited commercial email (UCE, or spam.) Five years ago he created and hosted the first Security Summit, a weekend retreat where some fifty of the top security, cryptography, and network researchers gathered to discuss and attempt to solve some of the more pressing issues with security on the Internet. He has been interviewed as an expert on nearly every major television, radio, and print news outlet (including NBC, CBS, ABC, CNN, PBS, Time, Newsweek, the Wall Street Journal, and The New York Times), and was interviewed and profiled by Scientific American as one of the top experts in Internet security.

Dan received his B.S. in computer science from the Purdue University in 1989 and is a veteran of the U.S. Marine Corps.

[Back to top]

©2002 The Internet Law & Policy Forum. All rights reserved.