Marcus J. Ranum
   HOME

TheInfoList



OR:

Marcus J. Ranum (born November 5, 1962, in
New York City New York, often called New York City or NYC, is the most populous city in the United States. With a 2020 population of 8,804,190 distributed over , New York City is also the most densely populated major city in the Un ...
, New York, United States) is a computer and network security researcher. He is credited with a number of innovations in firewalls, including building the first Internet email server for the whitehouse.gov domain, and
intrusion detection system An intrusion detection system (IDS; also intrusion prevention system or IPS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically rep ...
s. He has held technical and leadership positions with a number of computer security companies, and is a faculty member of the Institute for Applied Network Security.


Education

Marcus Ranum was born in New York City, and graduated from
Gilman School Gilman School is an all-boys independent school located in the Roland Park neighborhood of Baltimore, Maryland. There are three school divisions: Lower School, grades pre-kindergarten through five; Middle School, grades six through eight; and Up ...
in
Baltimore, Maryland Baltimore ( , locally: or ) is the List of municipalities in Maryland, most populous city in the U.S. state of Maryland, fourth most populous city in the Mid-Atlantic (United States), Mid-Atlantic, and List of United States cities by popula ...
before attending
Johns Hopkins University Johns Hopkins University (Johns Hopkins, Hopkins, or JHU) is a private research university in Baltimore, Maryland. Founded in 1876, Johns Hopkins is the oldest research university in the United States and in the western hemisphere. It consi ...
where he obtained a Bachelor of Arts in
Psychology Psychology is the scientific study of mind and behavior. Psychology includes the study of conscious and unconscious phenomena, including feelings and thoughts. It is an academic discipline of immense scope, crossing the boundaries between ...
in 1985.


Career

Ranum helped design and implement
Digital Equipment Corporation Digital Equipment Corporation (DEC ), using the trademark Digital, was a major American company in the computer industry from the 1960s to the 1990s. The company was co-founded by Ken Olsen and Harlan Anderson in 1957. Olsen was president un ...
's Secure External Access Link (SEAL) (later
AltaVista AltaVista was a Web search engine established in 1995. It became one of the most-used early search engines, but lost ground to Google and was purchased by Yahoo! in 2003, which retained the brand, but based all AltaVista searches on its own sear ...
firewall), regarded as the first commercial bastion host firewall, in 1990. He left DEC to work for
Trusted Information Systems Trusted Information Systems (TIS) was a computer security research and development company during the 1980s and 1990s, performing computer and communications (information) security research for organizations such as NSA, DARPA, ARL, AFRL, SPAWAR ...
(TIS) as chief scientist and development manager for Internet security products. It was at TIS that Ranum became responsible for the whitehouse.gov Internet email site. Once charged with that responsibility, Ranum advocated that the whitehouse.com domain be registered as well. Despite his advice, it was not registered by the government, but was later registered for an adult entertainment provider. At TIS, he developed the TIS Internet Firewall Toolkit (fwtk) under a grant from
DARPA The Defense Advanced Research Projects Agency (DARPA) is a research and development agency of the United States Department of Defense responsible for the development of emerging technologies for use by the military. Originally known as the Ad ...
. After TIS, he worked for V-One as chief scientist, and was extensively involved in that company's
IPO An initial public offering (IPO) or stock launch is a public offering in which shares of a company are sold to institutional investors and usually also to retail (individual) investors. An IPO is typically underwritten by one or more investment ...
. Three months after that IPO, Ranum formed his own company, Network Flight Recorder (NFR), and served as CEO for three years before stepping into a CTO role. Ranum later left NFR to consult for TruSecure, before joining Tenable Network Security as CSO. In addition to his various full-time positions, Ranum has also held board or advisory positions at NFR Security, Protego Networks, and
Fortify Software Fortify Software, later known as Fortify Inc., is a California-based software security vendor, founded in 2003 and acquired by Hewlett-Packard in 2010, Micro Focus in 2017, and OpenText in 2022. Fortify offerings included Static application secu ...
.


Public presentations

Ranum has spoken to USENIX audiences at LISA 1997, 1999 (tutorial) LISA 2000 (keynote), 2002, and 2003 (tutorial). He spoke out against full disclosure at the Black Hat Security Briefings in 2000. More recently, Ranum has spoken at Interop in 2005 and 2007, CanSecWest in 2010, and Secure360 in 2011. He previously taught courses for the
SANS Institute The SANS Institute (officially the Escal Institute of Advanced Technologies) is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for t ...
.


Influence

Ranum's work has been cited in at least 15 published U.S. patents, as well as numerous other computer and network security articles and books.


"Ranum's Law"

Ranum is cited as the author of an
eponym An eponym is a person, a place, or a thing after whom or which someone or something is, or is believed to be, named. The adjectives which are derived from the word eponym include ''eponymous'' and ''eponymic''. Usage of the word The term ''epon ...
ous law, "You can't solve social problems with software."


Awards

* TISC "clue" award, 2000. * Inducted into the ISSA hall of fame, 2000 or 2001. * Techno-Security Professional of the Year, 2005.


Publications


Articles

Marcus has co-authored a series of "Face Off" articles with
Bruce Schneier Bruce Schneier (; born January 15, 1963) is an American cryptographer, computer security professional, privacy specialist, and writer. Schneier is a Lecturer in Public Policy at the Harvard Kennedy School and a Fellow at the Berkman Klein Cente ...
, which have appeared approximately bi-monthly in Information Security Magazine since July, 2006. Ranum is one of a number of editors of the SANS Newsbites semiweekly email newsletter. * * * * * *


Books

*''The Myth of Homeland Security''. *''Host Intrusion Monitoring Using Osiris and Samhain'' with Brian Wotring and Bruce Potter. *''Web Security Sourcebook'' with Aviel D. Rubin and Dan Geer.


Personal life

Currently, Ranum lives in
Morrisdale, Pennsylvania Morrisdale is a census-designated place located in Morris Township, Clearfield County, in the state of Pennsylvania. As of the 2020 census, the population was 684.https://data.census.gov/all?q=Morrisdale+CDP,+Pennsylvania Its location is appro ...
. His hobbies include photography and firearms. He maintains an active stock photography account on
DeviantArt DeviantArt (historically stylized as deviantART) is an American online art community that features artwork, videography and photography, launched on August 7, 2000 by Angelo Sotira, Scott Jarkoff, and Matthew Stephens among others. DeviantArt, ...
, and he wrote an essay for Oleg Volk's pro-firearms site
www.a-human-right.com
Marcus Ranum was also interviewed by digital artis
Brandon Pence
for the NWFLAA which can be read in 2 parts
Part 1
an
Part 2
He is an atheist, maintaining a blog on the Freethought Blogs network.


References


External links


Marcus Ranum's personal website



Security Solutions profile of Ranum (2006-12-01)

Ranum interview with IEEE Security and Privacy magazine (2006-09-01)

Ranum interview with SecurityFocus (2005-06-21)

Ranum's DeviantArt website (stock)

Ranum's DeviantArt website (portfolio)

DojoSec Lecture — March 2009 — Ranum's discussing the failure of the notion of Cyber-warfare
{{DEFAULTSORT:Ranum, Marcus J. 1962 births Living people People associated with computer security Usenet people Digital Equipment Corporation people American atheists American computer specialists