October 11, 2004

Genesis of a Linux guru

Author: Tina Gasperson

Steve Buer, resident coding hero at Secureworks, sure seems to be having a good time helping his company develop a little Linux-based security device called iSensor. Buer writes the software for the appliance, which sits between the network and the Internet, looks at the traffic, and filters out malicious packets, while at the same time sending alerts back to Secureworks' security operations center. While his boss now calls him "the father of our technology here," Buer didn't even know Linux until after he started working at the company after getting his college degree four years ago.Buer earned a bachelor's degree in biology from Syracuse University and got a job with Secureworks in the summer of 2000, working in the field engineering department. The company had already started development work on the iSensor, and Buer was hired to do beta installs out in the field.

By the time he'd done about 70 installs he knew there had to be a better way. "They were pretty involved," Buer said. "This router-type device was taking up to a full day for onsite installation. I knew that if we were going to be successful, we had to make it a lot easier."

Buer believed that Secureworks had to eliminate the need to do time-consuming reconfiguration on the client's network. He'd always been interested in Linux, and he had an idea. Why not use proxy ARP to simplify the install procedure? Proxy ARP allows a firewall to respond to address resolution protocol (ARP) requests for hosts other than itself. This is far less intrusive than standard address resolution requests on the network, which meant the beginning of a simpler installation procedure for Buer and Secureworks.

Buer's wrote his first open source project, called arpoison, back when he was learning to code for Linux, working hard at home "building up skills." Arpoision is a network analysis tool that sends ARP packets to and from specified hardware and protocol addresses.

Buer's innovation and desire to learn to code in an unfamiliar operating system got the attention of Jon Ramsey, director of Internet security at Secureworks. He brought Buer onto his team, and they began to analyze the installation process.

"We determined the only way to deal with the situation was to make modifications to the Linux kernel," Ramsey said. "I was hesitant, and scared to modify the kernel. Steve looked at me and said, 'it's just a program,' and I realized he was right." So Buer and Ramsey embarked on a nine-month development effort, one in which Ramsey says Buer has been "extremely pivotal."

What is it about Buer that makes him so valuable and so revered in the workplace? Ramsey said it is a unique mix of courage, technical ability, and good old-fashioned people skills.

"The key with Steve is his personality traits. He has no fear, but he has the correct amount of respect for the technology. He respects it enough to use it in a meaningful way. When he started working for me he hadn't written a single line of code. Today, he's probably the most proficient systems engineer I have the privilege of knowing.

"He perceives technology as 80% people and 20% ones and zeros. The most important thing about Linux is that it is a platform that can be crafted by a community, and Steve is inherently a craftsman.

"Most technology people are rather negative. Steve is positive: he's very quick to say 'we can do that.'"

Category:

  • Management
Click Here!