The first thing to admit is that not all of us were authors in this process; some were editors and technical reviewers. But in the end, we are a group of contributors that helped pull this book project together and make it interesting and worthwhile to own and read. The second thing to admit is that different chapters are written by different authors, and that each has his or her own approach, style, background, etc. We thought the following, written by each contributor, might help you pinpoint who wrote what and what wrote who.

Bryan Burns: I am Chief Security Architect with the Juniper Networks’ J-Security Team. I work closely with the other Juniper authors of this book on a daily basis to ensure that Juniper’s security products can defend against all the tools and techniques listed in this book. In fact, the real reason why I’m so familiar with these security tools is because I use and study them to know how best to detect and stop the malicious ones. I was responsible for putting together the initial list of tools and chapters for this book and also convinced the other authors (against their better judgment) to contribute their expertise and precious time to make this book happen. I wrote Chapter 2, and Chapter 7, and contributed the section on airpwn (a tool I am the author of) to Chapter 8. Finally, along with Steve Manzuik, I provided a technical review of the chapters in this book.

Jennifer Stisa Granick: For the past seven years, I’ve been the Executive Director of the Center for Internet and Society at Stanford Law School, and I teach the Cyberlaw Clinic and a Cybercrime Seminar. By the time you read this, I will have taken a new position as Civil Liberties Director with the Electronic Frontier Foundation, though I plan to continue teaching my computer crime class at Stanford. I also specialize in computer security law, national security, constitutional rights, and electronic surveillance. In my previous life, I worked for the California Office of the State Public Defender and started my own private practice in San Francisco. In my chapter, Chapter 1, I tried to give the reader a sense of the both the infancy of network security law as well as the vastness of the topic and its permutations.

Steve Manzuik: I’m the Senior Manager of Research at Juniper Networks, and I acted as the lead tech reviewer for the book, pinch-hitter for small tool sections, and code checker. I have been with Juniper Networks for the past six months. In my previous life, I worked for eEye Digital Security, Ernst & Young, IBM, and the BindView RAZOR research team. I am also the founder and moderator of the full disclosure mailing list VulnWatch (www.vulnwatch.org) and am a huge supporter of other open source projects that help further the IT security effort. I am no stranger to the task of writing books as I have worked on two previous titles for another publisher, so I was glad to offer my help in performing a technical edit and helping out write various smaller sections of some of the chapters.

Paul Guersch: I’m a security technical writer, and I acted as one of the developmental editors of the book, having either edited or examined every chapter in the book at least twice. I also acted as chief pest of the project and would bug all the people in this section sometimes on a daily basis. I have been with Juniper Networks for the past year-and-a-half. In my previous life, I worked for McAfee, Entercept, Covad, Apple, Fairchild, and a couple of startups as well. During that time, I wrote several hardware and software technical instruction manuals, I have given technical classes, and developed self-instruction courses. I would like to acknowledge that it has been a great experience working with this technically advanced group of individuals on this book. As I am not an engineer, I am truly amazed when I read a chapter because they know so much about network security. They are truly at the top of their game when it comes to securing and protecting customer systems. They keep me on my toes.

Dave Killion, CISSP: I’m a network security engineer specializing in network defense, and I authored Chapter 13 and Chapter 18. I have been with Juniper Networks (previously NetScreen) for more than six years. In my previous life, I worked for the U.S. Army as an Information Warfare/Signals Intelligence Analyst. I also contributed to another book, Configuring NetScreen Firewalls (Syngress). In my chapters, I take a straightforward approach to network security and assume that you know very little about networking or security, but that you are familiar with the operating system you use.

Nicolas Beauchesne: I’m a network security engineer specializing in network penetration. I authored Chapter 9, Chapter 12, Chapter 19, and Chapter 22. I have been with Juniper Networks for the past two years. In my previous life I worked as a security consultant for different firms and clients ranging from banks to defense contractors and agencies. In my chapters, I try to take a hands-on approach to security, and I assume that you know at least the basics of networking, assembly, and operating system internals.

Eric Moret: I have been in the security field for 10 years. In this period, I had the privilege to witness all stages of a startup company in Silicon Valley, from three employees back in 1999 when OneSecure Inc. received round A funding and was incorporated, to our merger with Netscreen Technologies, which in turn was acquired by Juniper Networks in early 2004. I’m currently the manager of a versatile team of hacker security professionals called SABRE (or Security Audit Blueprint and Response Engineering). We do everything from code security analysis to Functional Specs review, to engineer training in secure coding, and even to publishing of white papers intended to support talks we give at computer security conferences. In this book, I authored Chapter 20, where I present file integrity checkers. I also coauthored Chapter 14, where I introduce SELinux and its supporting GUI, making it usable by anybody for the first time in history. I also coauthored Chapter 15, in which I wrote the part that deals with advanced ssh configuration—I particularly like the DNSSEC-based server authentication, which I hope will see larger deployment in the not-so-distant future.

Julien Sobrier: I’m a network security engineer at Juniper Networks. I work mainly on the Intrusion Detection and Preventions systems. I have been working for Juniper for about two years and previously worked for Netscreen, another security network company. I wrote Chapter 3, Chapter 16, Chapter 17, and half of Chapter 15. I have used these tools regularly at work or on my personal server. I hope that you will understand what these tools are for, when not to use them, and which ones fit your needs.

Michael Lynn: I’m a network security engineer, and I wrote Chapter 5 and Chapter 23 as well as a portion of Chapter 8. I have been with Juniper Networks for the past two years. Prior to coming here, I did security and reverse engineering work for Internet Security Systems, and I was a founder of AirDefense Inc. In my chapters, I try to guide you through the material as I would if you were sitting next to me, and I’ve tried to make them as accessible as possible.

Eric Markham: I’m a network security engineer and I wrote Chapter 4 as well as coauthored Chapter 14 with Eric Moret. I have been with Juniper Networks for the past five years. For a while back in the late ’90s, I worked at a “Mom and Pop” ISP and then transitioned to a number of startups, always as the Manager of Information Technology. I chose to write the chapters that I did because my work experience was directly related to those subjects. In my chapters, I take a somewhat down-to-earth approach to network security with the expectation that you have good understanding about TCP/IP networks, the major differences between *nix and other operating systems, and what makes the sky blue. As I’m not a writer by trade, and this project pretty much proved to me that writing is something best left to the experts.

Christopher Iezzoni: I’ve been a security researcher and signature developer with Juniper’s security team for several years now. Before that, I worked in similar positions with Netscreen and OneSecure, until their respective acquisitions. In both Chapter 11 and Chapter 21, I feel like I’ve only been able to gloss over the surface of each subject, but hopefully the material is accessible enough that everyone may take something away from it.

Philippe Biondi: I am research engineer at EADS Innovation Works, where I work in the IT security lab. I am the creator of many programs, such as Scapy and ShellForge. I authored Chapter 6 (in which Scapy is the main security power tool) and Chapter 10.