Tim Bass

From Wikipedia, the free encyclopedia

Tim Bass (Timothy James Bass), an Internet security expert, invented Egress Filtering, an Internet security technique, on 21 September 1996, as a response to a Denial-of-service attack against an Internet Service Provider (ISP). He was the subject of a July 1999 article by Frank Vizard in Popular Science Magazine called WAR.COM, where Bass is credited with inventing the first countermeasure against email bombs used by hackers against Langley Air Force Base. The strategy invented by Bass in 1997 is known as the Blackhole Strategy. In April 2000, the Communications of the ACM published earlier work by Bass where he developed intrusion detection techniques. Tim now works for TIBCO (June 2006).

Contents 1 A Brief History of UNIX.COM 2 Blackhole Strategy 3 References 4 External links

[edit] A Brief History of UNIX.COM

In 1992 - 1993, Tim Bass was a consultant for SprintLink where he was responsible for network and security management of the SprintLink Internet backbone and the Sprint Managed Router Network (MRN) service. He was very active on Internet management related issues and was averse to the provider-based addressing Internet architecture, eventually publishing an IEEE paper on this topic.^[1]

While consulting for Sprint, Bass registered the Unix.com domain name claiming it stood for "UNiversal Internet eXchange" not UNIX the trademark purchased by the Open Group years after UNIX.COM was registered by Bass. Unix.com has become an actively moderated commercial-free question and answer forum for Unix-like operating systems. In July 2002, the World Intellectual Property Organization decided that Bass had a legitimate interest in the use of the Unix.com domain, and therefore the Open Group could not take the Unix.com domain away from Bass [1].

[edit] Blackhole Strategy

The Blackhole Strategy is a defense against email bombs that was invented by Tim Bass during the Langley Cyberattack in 1997. The basic requirements of the countermeasures against email bombs are ^[2]:

• Do not provide any feedback or error messages to the hackers or mail-bombers;
• Capture and minimize delivery of illegitimate mail using a rules-based filter;
• Copy suspect mail for future analysis, delivering legitimate e-mail robustly and quickly; and
• Keep and maintain all captured messages as potential forensic evidence.

[edit] References

1. ^ (July/Aug 1997) "Internet Exterior Routing Protocol Development: Problems, Issues, and Misconceptions". IEEE Network: pp. 50-55. ISSN 0890-8044. Retrieved on 2007-01-21. 
2. ^ Tim Bass and Alfredo Freyre, Science Applications International Corporation, Center for Information Protection; David Gruber, Lt. Col. and Glenn Watt, Lt. Col. USAF, Langley Air Force Base (March/April 1998). "E-Mail Bombs and Countermeasures: Cyber Attacks on Availability and Brand Integrity". IEEE Network 12 (2): pp. 10-17. ISSN 0890-8044. Retrieved on 2007-01-21. 

• Original Egress Filter Invention: New Denial of Service Attack on Panix
• Dedication is the Best Defense by Dan Verton
• Waging War.Com: A Hacker Attack against NATO Spawns a War in Cyberspace by Frank Vizard
• Intrusion Detection Systems & Multisensor Data Fusion: Creating Cyberspace Situational Awareness by Tim Bass
• Open Group's controversial dispute over UNIX domains by Tina Gasperson
• The Open Group's CEO defends domain-name dispute, calls for more openness by Grant Gross
• Unix.com Remains in the Hands of Users by Tina Gasperson

[edit] External links

• SilkRoad, Inc.
• The Unix Forums
• Tim Bass' CISSP Wiki
• Publications by Tim Bass
• Tim Bass' Profile on LinkedIn