joe St Sauver

JOE ST SAUVER, Ph.D.

joe@stsauver.com
(541) 228-7644

PGP: 0D4FF84E (40CD 8550 019E 34CC 0AC8 23DA AB2E A530 0D4F F84E)


Selected Professional Activities

· Distinguished Scientist, DomainTools, Inc.

· Senior Technical Advisor, Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG).

· Member, REN-ISAC (Research and Education Networking Information Sharing and Analysis Center) Technical Advisory Group.


Presentations/Papers/Articles/Projects

·New Draft Rule on Ransomware Payments and Cyber Incident Reporting"
DomainTools Blog, May 16th, 2024.

·Enhancing dnsdbq Output With Geolocation Data
DomainTools Blog, March 28, 2024.

·Automatically Chasing CNAMEs in Farsight DNSDB Scout
DomainTools Blog, February 22nd, 2024.

·Need A New PC? Buy One That's Prebuilt (Rather Than Building One Yourself)
DomainTools Blog, February 1st, 2024.

·Finding Patterns That Only Match Registered Domains (and Which Don't "Overmatch" Against Subdomains)
DomainTools Blog, January 18th, 2024.

·New Report Helps Users Bring Up a Secure Virtual Private Server Under Debian 11
DomainTools Blog, January 11th, 2024.

·Finding New ASNs
DomainTools Blog, January 4th, 2024.

·IPv6: You May Already Be Using It
DomainTools Blog, December 14th, 2023.

·New Improvements to dnsdbq
DomainTools Blog, November 30th, 2023.

· New Report Available: Aggregate Count Data for All Internet IPv4 Addresses as Seen in DNSDB
DomainTools Blog, November 2nd, 2023.

·Speeding Up Farsight DNSDB Queries via Parallelization
A DomainTools Whitepaper, September 5, 2023.

·Classic DNSDB API Version 1 vs the Newer DNSDB API Version 2 (DNSDB APIv2): What Are YOU Using?
DomainTools Blog, August 31st, 2023.

·Discord Malware and TOWINAP ("The Only Way is Nuke and Pave")
DomainTools Blog, August 22nd, 2023.

·Using Farsight DNSDB Flexible Search to Find Matching Rdata in TXT Records
DomainTools Blog, August 17th, 2023.

·"Ex uno plures:" Finding and blocking a spanning set of IP addresses when starting from just one
DomainTools Blog, June 29, 2023.

·Understanding SIE Channel Access
DomainTools Blog, June 1st, 2023.

·New Major Version of SIE Remote Access (SRA)
DomainTools Blog, May 18th, 2023.

·Introduction to IPFS
DomainTools Blog, April 27th, 2023.

·Farsight DNSDB Time-Fenced Queries: the "New World" Code Is Now Faster-Running
DomainTools Blog, April 6th, 2023.

·Carrying Arbitrary Data Payloads (Such as Images) In NMSG
DomainTools Blog, March 02, 2023.

·Comparing Images Such as Screenshots Using Perceptual Hashes
DomainsTools Whitepaper, March 2023.

·Getting Cybersecurity Protection Via Your DNS: Opportunities and Challenges
DomainTools Blog, January 12th, 2023.

·Using Iris Investigate Pivot Engine to Collect Bulk Screenshots
DomainTools Blog, November 10th, 2022.

·Domains That Begin With A Digit: Risk Profiles for Selected ASNs
A DomainTools Whitepaper, October 20th, 2022.

·Using AXAMD to Read Observations from NOD SIE Ch212 ("Newly Observed Domains") with Python3
DomainTools Blog, October 6th, 2022.

·Enhancing DNSDB to Better Handle DNS Wildcard Names
DomainTools Blog, September 15th, 2022.

·Efficiently Accessing a Moderately Large Sorted and Uniquely-Keyed CSV File in Python3 with MTBL
DomainTools Blog, June 16th, 2022.

·"I've Found Some Bad Domains -- Now What?"
DomainTools Blog, May 12th, 2022.

·Non-Routable Private Address Space That Appears in DNSDB Results
DomainTools Blog, March 24th, 2022.

·Dealing With Short Search Terms When Using DNSDB Flexible Search
A DomainTools Whitepaper, February 28th, 2022.

·How Are The Results From A DNSDB Standard Search Ordered?
Farsight Security Blog, December 15th, 2021.

·Passive DNS and SIE File Formats
Farsight Security Blog, November 19th, 2021.

·Going From An IP Address to A Fully Qualified Domain Name (FQDN) In DNSDB
Farsight Security Blog, October 14th, 2021.

·Going From A Domain Name to IP Address in DNSDB: Some "Pro Tips" To Keep In Mind
Farsight Security Blog, September 29th, 2021.

·Year-by-Year TLD Volumetric Data Covering A Decade
Farsight Security Blog, June 28th, 2021.

·What's a UUID?
Farsight Security Blog, June 22nd, 2021.

·New Report: DNS Network Traffic Volumes During the Pandemic: April 2020-March 2021
Farsight Security Blog, June 2nd, 2021.

·New Report: A Decade of Passive DNS: A Snapshot of Top-Level Domain Traffic
Farsight Security Blog, May 4, 2021.

·Limiting DNSDB Results: dnsdbq little ell vs big ell
Farsight Security Blog, March 30, 2021.

·New dnsdbq Options: ASN Tagging and New Output Transforms Added
Farsight Security Blog, March 25, 2021.

·Building A Tabbed Graphical Interface in Python3 for DNSDB
Farsight Security Blog, March 2, 2021.

·These Days Some Of The Bad Guys Are Even Spoofing FBI-Related Domain Names..."
Farsight Security Blog, November 24, 2020.

·Creating a DNSDB-Flexible-Search-To-DNSDB-Standard-Search Pipeline With 0mq
Farsight Security Blog, October 30, 2020.

·Using 0mq to Plumb a Simple Intermediate Layer for a DNSDB Client/Server Application
Farsight Security Blog, October 22, 2020.

·What's a Regular Expression?
Farsight Security Blog, August 4th, 2020.

·What is Globbing?
Farsight Security Blog, August 4th, 2020.

·New Farsight Security Research: DNS Network Traffic Volumes During the 2020 Pandemic
Farsight Security Blog, May 27, 2020.

·Introduction to SIE Channel 115: DDoS Events
Farsight Security Blog, May 14, 2020.

·Using The SIE Batch API to Find Matching Names in Newly Observed Domains (NOD)
Farsight Security Blog, April 1st, 2020.

·New Whitepaper: Working With The SIE Batch API: A Command Line Client In Ruby, Perl, Python and C
Farsight Security Blog, March 26th, 2020.

·SIE Batch API: A libcurl example in C ("sie_get")
Farsight Security Blog, March 23rd, 2020.

·What's SIE Batch? Why Might I Be Interested In It?
Farsight Security Blog, February 20th, 2020.

·Getting a Running Start with the NVIDIA Jetson Nano
Farsight Security Blog, January 24th, 2020.

·Why Do Incident Responders and Other Investigators Focus on Particular DNS Record Types?
Farsight Security Blog, November 22nd, 2019.

·Newly Registered Domains vs. Newly Observed Domains vs. Newly Active Domains vs. Newly Observed Hostnames vs. DNS Changes: What Does "New" Mean?
Farsight Security Blog, October 24th, 2019.

·Visualizing the Hard-to-Visualize: DNS and SSL/TLS Cert Existence Over Time Using R Graphics
Farsight Security Blog, September 30th, 2019.

·Crushing Monolithic Data Results ("Rock") Into "Gravel": dnsbq New -g Volume-Across-Time Option"
Farsight Security Blog, September 27th, 2019.

·Getting More Results from DNSDB Using the New -O (Offset) Option
Farsight Security Blog, September 24th, 2019.

·New DNSDB -V summarize option: Sometimes "Less" Is "More"
Farsight Security Blog, September 10th, 2019.

·Running Bulk Queries in DNSDB For A File of IP Addresses
Farsight Security Blog, July 29th, 2019.

·Creating Pandas Dataframes and CSV Files from DNSDB API Output Using Python3
Farsight Security Blog, July 23rd, 2019.

·A Second Approach To Automating Detection of "Random-Looking" Domain Names: Neural Networks/Deep Learning
Farsight Security Blog, July 9th, 2019.

·Using DNSDB With openssl s_client to Scan A List of Hosts For Expired SSL/TLS Certificates
Farsight Security Blog, May 29th, 2019.

·Automating Detection of "Random-Looking" Algorithmic Domain Names
Farsight Security Blog, May 17th, 2019.

·Analyzing DNSDB Volume-Over-Time Time Series Data With R and ggplot2 Graphics (Part Three of a Three-Part Series)
Farsight Security Blog, April 18th, 2019.

·Volume-Over-Time Data From DNSDB Export MTBL Files (Part Two of Three-Part Series)
Farsight Security Blog, April 1st, 2019.

·Finding Top FQDNs Per Day in DNSDB Export MTBL Files (Part One of a Three Part Series)
Farsight Security Blog, March 22, 2019.

·Poison Pivots
Farsight Security Blog, March 14, 2019.

·Running dnsdb_query.py Under termux on Android
Farsight Security Blog, February 7, 2019.

·Bulk Converting Internationalized Domain Names to Punycode With Perl and Net::IDN::Encode for Use With DNSDB
Farsight Security Blog, September 18th, 2018.

·ASN-To-Prefixes-To-Domain Names -- Update to May 2017 Blog Article
Farsight Security Blog, September 4th, 2018.

·The Only Thing That's Constant Is Change: The DNS Changes Channel (SIE Channel 214)
Farsight Security Blog, August 27th, 2018.

·IPs, Address Ranges, and CIDR Block Queries in DNSDB API
Farsight Security Blog, June 1st, 2018.

·8 Common DNSDB 'Pivots' For Threat Hunting
Farsight Security Blog, May 3rd, 2018.

·"Black Box" Testing with the Python Black Box Tool (pbbt)
Farsight Security Blog, March 26th, 2018.

·Using Farsight's dnsdbq Command Line DNSDB Tool in a Microsoft Windows Environment: The "Windows Subsystem for Linux" Option"
Farsight Security Blog, March 15th, 2018.

·The "Forgotten Half" of DNSDB: DNSDB's DNSSEC Coverage [coauthored with Dr. Paul Vixie]
Farsight Security Blog, March 8th, 2018.

·Farsight's DNSDB Time Fencing: A Post-Attack "Time Machine"
Farsight Security Blog, February 12th, 2018.

·A Quick Overview of the Top Seven DNS Record Types
Farsight Security Blog, December 1st, 2017.

·The Registration Data Access Program (RDAP), Whois and You
Farsight Security Blog, November 17th, 2017.

·Challenges of Cloud Computing [pptx], [pdf]
Fedex Global Education Center, University of North Carolina, Chapel Hill, October 19th, 2017.

·How Many "Parts" (or "Labels") Does A Domain Name Typically Have?
Farsight Security Blog, October 13th, 2017.

·Zone Walking (Zone Enumeration via DNSSEC NSEC Records)
Farsight Security Blog, September 1st, 2017.

·CAA Records: An Alternative to DANE for Protecting SSL/TLS Certificate Users
Farsight Security Blog, August 25th, 2017.

·The Anti-Phishing Working Group (APWG)'s Global Phishing Survey: Farsight's Take On A Terrific Report
Farsight Security Blog, July 11th, 2017.

·Automatically Going From An Autonomous System Number (ASN), To The Prefixes It Announces, To The Domain Names
Seen Using Those IPs -- Another Farsight DNSDB API Demo Application and Whitepaper [html]

Farsight Security Blog, May 31st, 2017. Linked items:

·New Farsight White Paper Available For Download: Building a Demo GUI Front End for DNSDB API In Scala [html]
Farsight Security Blog, May 16th, 2017. Linked items:

·Today's Cyber Security Weather Forecast: Partly Cloudy with Chance of Rain (But No, The Sky Isn't Falling...) [pptx], [pdf]
Big Sky Information Security Conference, Missoula, Montana, April 19th, 2017.

·Performing Regex Searches Against DNSDB MTBL Files
Farsight Security Blog, April 11th, 2017.

·What is a Bailiwick? [html]
Farsight Security Blog, March 21, 2017.

·RECORD TYPE=NULL Records In DNSDB Mtbl Files [html]
Farsight Security Blog, March 8, 2017.

·Creating a Heatmap From SIE Channel 204 Data [html]
Farsight Security Blog, January 27, 2016.

·Geolocating & Mapping IP Address Data From SIE [html]
Farsight Security Blog, January 16, 2016.

·Farsight's DNSDB Plugin for Splunk [html]
Farsight Security Blog, December 7th, 2016.

·Raw Hex Rdata Queries: An Obscure (But Potentially Quite Useful) Bit Of DNSDB Functionality [html]
Farsight Security Blog, November 25th, 2016.

·Forming General Filter Rules Using BGP Prefix Data and Passive DNS [pptx], [pdf]
FIRST TC, Palau Robert, Barcelona, Catalonia, Novembr 10th, 2016.

·Making Programmatic DNSDB Queries With libcurl [html]
Farsight Security Blog, November 4th, 2016.

·Nowhere to Hide: Using Passive DNS To Find Spammer Infrastructure [pptx], [pdf]
M3AAWG Paris, France, October 24th, 2016.

·Batch Versus Flow: "Real-Time" Data-Driven Network Security [pptx]
NWACC Information Security Workshop, Portland OR, October 18th, 2016.

·Visualizing SIE Channel 204 Rdata [html]
Farsight Security Blog, Oct 7, 2016.

·Accessing Darknet Telescope Data via SIE Remote Access (SRA) [html]
Farsight Security Blog, Jun 13, 2016.

·Anti-Pervasive Monitoring Threat Models [pptx], [pdf]
M3AAWG 37, Philadelphia PA, June 16th, 2016.

·Spotting a DNS Denial of Service Reflection Attack in SIE Darkspace Telescope Data
Farsight Security Blog, June 3rd, 2016

·[Successfully] Operating in Denied Areas Online [pptx], [pdf]
Keynote, Cybersecurity and You: Issues in Higher Education and Beyond, University of Maryland, Baltimore, April 8th, 2016.

·The Magic of SRV Records
Farsight Security Blog, March 28, 2016.

·On 'Normalizing' or 'Scaling' Cybersecurity Metrics and Measuring the Right Thing For The Right Entities
Cybergreen Project Blog, March 18, 2016.

·The Importance of Scale: A Critical Dimension To Keep In Mind When Benchmarking Passive DNS Options
Farsight Security Blog, February 16, 2016.

·Improving Your Security, One Thing Every Other Day, For Four Weeks
Cybergreen Project Blog, February 29th, 2016.

·Protecting Messaging Other Than Email, plus Network Link Protection [pptx], [pdf]
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Member Meeting 36, San Francisco, California, February 17th, 2016.

·Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG): Just Enough Training to Make You Dangerous [pptx], [pdf]
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) Member Meeting 36, San Francisco, California, February 15th, 2016.

·What (Besides NXDOMAINs) Do We See On Farsight Security's DNS Errors Channel?
Farsight Security Blog, February 5, 2016.

·Seeing Only Shark Fins and Discarded Plastic Shopping Bags In an Sea of Beauty, Elegance and Plenty
Cybergreen Project Blog, February 1, 2016.

·IPv6 Deployment Over Time As Seen Through Farsight Security, Inc.'s Passive DNS Data
Farsisght Security Blog, December 10th, 2015.

·"What Must We Do?" Industry Reactions to Pervasive Monitoring Programs [pptx], [pdf]
SECURECOMM Keynote, Dallas TX, October 28, 2015.

·How Some People Got Started in Security and Anti-Abuse Work: Anybody Remember Usenet? [html]
Farsight Security Blog, October 9th, 2015.

·Select Catherdrals and Other Sacred Buildings of the Medieval Era (ca. 500-1500 A.D. (286 slides, reduced resolution version) [pptx], [pdf]
October 4th, 2015.

·Conficker and a Brief Tutorial On Working With SIE Channel 80 Sinkhole Data [html]
Farsight Security Blog, October 2nd, 2015.

·Systematically Collecting the Right Sort of Data About Cyber Securit Incidents [html]
Farsight Security Blog, September 17th`, 2015.

·Finding Web Proxy Auto Discovery Protocol (WPAD)-related Security Exposures Using Farsight Security's NXDOMAINs Channel [html]
Farsight Security Blog, September 9th, 2015.

·Internet Traffic Analysis and Operational Security: Passive DNS Methods As Powerful Tools to Investigate and Corroborate [pdf]
Cybersecurity: Technology and the Law, Law Seminars International, Portland, Oregon, August 13th, 2015.

·Newly Observed Hostnames [html]
Farsight Security Blog, August 12th, 2015.

·Buying More Nines Worth of Protection [html]
Farsight Security Blog, June 24th, 2015.

·The Enduring Challenges of Traffic Analysis [pdf]
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) 34, Dublin, Ireland, June 11th, 2015.

·Pretty Good Privacy (PGP) & GNU Privacy Guard (GPG): Just Enough Training To Make You Dangerous [pdf]
Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) 34, Dublin, Ireland, June 8th, 2015.

·So What's The Big Deal About New Domains? [html]
Farsight Security Blog, May 29th, 2015.

·Multi-Factor Authentication: Do I Need It, Should I Get Started? [And If I Do Need It, Why Aren't Folks Deploying It?] [pdf]
ACPE NW, The Resort at the Mountain, Welches OR, May 8th, 2015.

·OMG: They're Still Inside the Walls and Going to the Cloud [pdf]
ACPE NW, The Resort at the Mountain, Welches OR, May 7th, 2015.

·IPv6 Deployment and Finding IPv6 Needles in Internet Haystacks: Passive DNS and IPv6 Address Discovery [html]
Farsight Security, Inc. Blog, April 29th, 2015.

·NOD and Greylisting [html]
Farsight Security, Inc. Blog, April 8th, 2015.

·Passive DNS and the Halting Problem [pptx], [pdf]
B|Sides Vancouver BC, March 17th, 2015.

·RRset and Rdata Demystified [html]
Farsight Security, Inc. Blog, March 11th, 2015.

·Help The Internet -- And Yourself -- By Running a Passive DNS Sensor Node and Contributing Data To The Farsight Security DNS Database (DNSDB)(tm) [html]
Farsight Security, Inc. Blog, March 4th, 2015.

·The Enduring Challenges of Traffic Analysis [pdf]
Prepared for Flocon 2015 invited keynote, Portland, Oregon, January 14, 2015.

·Using Passive DNS to Avoid Collateral Damage During Takedowns and Seizures [html]
Farsight Security, Inc. Blog, January 7th, 2015.

·New Crypto 101 [pptx], [pdf]
Internet2 Technology Exchange, Indianapolis, October 30th, 2014.

·SNMP Security [pptx], [pdf]
Internet2 Technology Exchange, Indianapolis, October 29th, 2014.

·Whither Advanced Academic Networking? WITHER Advanced Academic Networking? [pptx], [pdf]
Merit Networking Summit 2014, Ann Arbor MI, September 23rd, 2014.

·Those Dang Passwords - They're Just Driving Me Crazy! [pptx], [pdf]
Oregonian Panel on Passwords, Portland OR, September 17th, 2014.

·Comments on DA 14-1130 (Draft Revised FCC E-Rate Eligible Service List)
Comments submitted to the FCC September 3rd, 2014.

·Comments on Proceeding No. 14-28, Protecting and Promoting the Open Internet
Comments submitted to the FCC July 15th, 2014.

·Cryptographic Best Practices in the Post-Snowden Era [pdf]
Security Professionals 2014, St Louis MO, May 8th, 2014.

·So What's IPv4 Address Space Actually Worth? Let's Let The "Invisible Hand" of the Market Decide
Kalorama Blog, April 29th, 2014.

·A One Page Document About SPF, DKIM and DMARC and Email Reputation [docx], [pdf]

·Browsing the Web More Privately and More Securely on Your Mac, Draft Version 0.1
Educause Technologies, Operations and Practices Working Group (former Security Effective Practices Working Group)

·Mitigating the Cyber Threat to University Research Data and Intellectual Property [pdf]
Internet2 Global Summit 2014, Denver, Coloroad, April 10, 2014.

·Multi-Factor Authentication: Do I Need It, and How Do I Get Started? [And If I Do Need It, Why Aren't Folks Deploying It?] [pdf]
Internet2 Global Summit 2014, Denver, Colorado, April 8, 2014.

·Moving From Security to Governance, Risk, and Compliance? Campus Perspectives Panel [pdf]
Internet2 Global Summit 2014, Denver, Colorado, April 8, 2014.

·OMG: They're Inside the Walls [pdf]
Association for Computing Professionals in Education (ACPE), Spokane, WA, March 4, 2014.

·Networking in These Crazy Days: Stay Calm, Get Secure, and Get Involved [pptx], [pdf]
Merit Networking Summit Keynote, Ann Arbor MI, December 12, 2013.

·OMG: They're Inside the Walls [pptx], [pdf]
Association for Computer Professionals in Education (ACPE), Ashland OR, December 5th, 2013.

·CSRIC IV WG 6

·A Conversation About Cloud Computing and Security [pptx], [pdf]
NWACC Security Workshop, Portland Oregon, October 10th, 2013.

·Identity Management -- Background Concepts, Goals and Jargon [pptx], [pdf]
Messaging Anti-Abuse Working Group (MAAWG) Vienna AT, June 5, 2013.

·The InCommon/Net+ Multifactor Authentication Program [pptx], [pdf]
Internet2 Annual Meeting, Arlington VA, April 22nd, 2013.

·The BRIC Countries and Online Abuse [pdf]
MAAWG General Meeting #27, San Francisco, February 19-21, 2013.

·Security BoF: What Are The Community's Open Questions? [pptx], [pdf]
Joint Techs/Techs In Paradise, Honolulu, January 15th, 2013.

·Checking for Software Updates On Your Mac [pdf]

·InCommon Multifactor Authentication [pptx], [pdf]
Joint Techs/Techs In Paradise, Honolulu, January 15th, 2013.

·Draft WG 7 Botnet Metrics Guide [docx]
FCC CSRIC Working Group 7, January 2nd, 2013.

·WG 7 Botnet Metrics [pdf]
FCC CSRIC Working Group 7, Washington DC, 12/12/12.

·Online Trust Alliance's Combatting Botnets Through User Notification Across the Ecosystem [pdf], December 10th, 2012.
[contributor, as listed on page 2]

·What Remains To Be Done in Cyber Security [pdf]
University of Michigan Cyber Security Summit, Ann Arbor MI, October 19th, 2012.

·MAAWG/LAP Best Practices to Address Online and Mobile Threats, October 15th, 2012
[contributor to the "Best Practices for Individiuals" section beginning on document page 11-14 and other portions of the report]

·Large Scale Science, The Science DMZ, SDN/OpenFlow, Security and Cyberinfrastructure Architectures [pptx], [pdf]
Internet2 Member Meeting, Philadelphia PA, October 3rd, 2012.

·Client Certificates: A Security Professionals 2012 Preconference Seminar [pdf]
Security Professionals 2012, Indianapolis IN, May 15th, 2012.

·Internet2 Member Meeting Security BoF [pdf]
Internet2 Member Meeting, Arlington VA, April 25th, 2012.

·Botnets, the FCC CSRIC Botnet Working Group, and Opportunities for Internet2 Industry Partners and Researchers [pdf]
Internet2 Member Meeting, Arlington VA, April 24th, 2012.

·Internet2 Net+ Technical Architecture: An Introduction to Security Considerations [pdf]
Internet2 Member Meeting, Arlington VA, April 24th, 2012.

·Client Certs and S/MIME Signing and Encryption: An Introduction [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), San Francisco, February 20th, 2012.

·Client Cert Deployment Models and Hardware Tokens/Smart Cards [ppt], [pdf]
Joint Techs, Baton Rouge LA, January 23rd, 2012.

·The Technical Filtering and Blocking Provisions of the "Stop Online Piracy Act" (H.R. 3261) And Why They Won't Work: A Whitepaper for Service Providers, Updated
and Revised to Reflect the "Amendment in the Nature of a Substitute to H.R. 3261 Offered by Mr. Smith of Texas" (also known as the "Manager's Amendment") Dated December 12th, 2011. [pdf]

·Draft Comments on the Draft Final Report of the [ICANN] Internationalized Registration Data Working Group [pdf], November 16th, 2011.

·Draft Comments on "Models to Advance Voluntary Corporate Notification to Consumers Regarding the Illicit Use of Computer Equipment by Botnets and Related Malware [pdf], November 3rd, 2011.

·Malware Analysis for Neophytes: A MAAWG Training Seminar [pdf], October 24th, 2011.

·SSL As Designed, SSL As Deployed, SSL As It Should Be [ppt], [pdf]
University of Idaho Computer Security Awareness Symposium, Moscow, Idaho, October 13th, 2011.

·Client (Personal) Certificates: Should We Be Thinking About Certificate Use Cases *OR* Should We Be Thinking
About The Sort of Credential Deployment Model We Need? [pdf]

Internet2 Member Meeting, Raleigh North Carolina, October 4th, 2011.

·Leveraging Certificates for Improved Security [ppt], [pdf]
Internet2 Member Meeting, Raleigh, North Carolina, October 4th, 2011.

·HTTP Strict Transport Security Performance: Is There An Issue? Does The Performance Working Group
Have Recommendations for Tuning SSL/TLS For Internet2-Class Traffic? [pptx]
, [pdf]

Internet2 Member Meeting, Raleigh, North Carolina, October 4th, 2011.A

·SSL/TLS Certificates: Giving Your Use of Server Certificates a Hard Look [ppt], [pdf]
Internet2 Member Meeting, Raleigh, North Carolina, October 3rd, 2011.

·Signing Microsoft Word Documents [docx], September 13th, 2011.

·Draft Comments on the National Initiative for Cybersecurity Education (NICE) Draft Strategic Plan [pdf], September 11th, 2011.

·Draft Comments to the House of Commons Science and Technology Committee Inquiry Into Malware [pdf], September 1st, 2011.

·Draft CAUCE Comments on "Cybersecurity, Innovation and the Internet Economy" from the Department of Commerce Internet Policy Task Force [pdf], August 1st, 2011.

·Draft MAAWG Comments on "Cybersecurity, Innovation and the Internet Economy" from thje Department of Commerce Internet Policy Task Force [pdf], July 29th, 2011.

·SSL/TLS Web Server Security [pptx], [pdf]
Internet2/ESCC Joint Techs, Fairbanks, July 12th, 2011.

·Security and Certificates [ppt], [pdf]
REN-ISAC Techburst, June 30th, 2011.

·Security Best Practices for Secure Socket Layer (SSL) and/or Transport Layer Security (TLS) [docx], [pdf]
This is a "one-pager"-series document, June 30th, 2011.

·Security Best Practices for Using S/MIME With Personal Certs in Thunderbird and Firefox on A Mac [docx], [pdf]
This is a "one-pager"-series document, June 30th, 2011.

·Physical Security: A Crucial (But Often Neglected) Part of Cybersecurity [ppt], [pdf]
Eugene IT Pro Forum, Eugene OR, June 21st, 2011.

·MAAWG Comments on ICANN's Draft FY2012 Budget [pdf]
Messaging Anti-Abuse Working Group (MAAWG), June 16th, 2011.

·Malware Analysis for Neophytes [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG) Meeting, San Francisco CA, June 6th, 2011.

·Physical Security of Advanced Network and Systems Infrastructure [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 19th, 2011

·Internet2 Security Update, Spring 2011 Member Meeting [ppt}, [pdf]
Internet2 Member Meeting, Arlington VA, April 19th, 2011

·The Tragedy in Japan: A 9.0 Earthquake, Massive Tsunami, Large Scale Radiological Contamination, ... [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 19th, 2011.

·A Quick 20 Minute Introduction to DNSSEC for the session "DNS: Don't Call It Insecure Any More [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 19th, 2011.

·CAUCE North America Comments on ICANN's Whois Review Team Plan [pdf]
April 13th, 2011.

·InCommon Certificate Service [ppt], [pdf]
Security Professionals/REN-ISASC Meeting, San Antonio, Texas, April 6th, 2011.

·Securing Mobile Devices: A Security Professionals 2011 Pre-Conference Seminar [ppt], [pdf]
Security Professionals/REN-ISAC Meeting, San Antonio, Texas, April 4th, 2011.

·SUBRL-Listed Domains and Their Registrars (In Just Seven or Eight Minutes) [ppt], [pdf]
ICANN 40, San Francisco, California, March 14th, 2011.

·Beginning to Remediate Botted Hosts Abroad: India [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), Orlando, Florida, February 22nd, 2011.

·Draft: Thinking About Whole Disk Encryption (WDE)? Some Things to Think About [doc], [pdf]
Educause Security Effective Practices Working Group, February 14th, 2011.

·Physical Security of Advanced Network and Systems Infrastructure [ppt], [pdf]
Joint Techs, Clemson, South Carolina, Febuary 1st, 2011.

·DNSSEC in Higher Education [ppt], [pdf]
AMSAC Call, January 27th, 2011.

·A Brief Analysis of the ECAR Study of Undergraduate Students and Information Technology 2010 [ppt], [pdf]
University of Oregon IT Council, January 26th, 2011.

·The 2011 Tour of Cybercrime [ppt], [pdf]
University of Oregon School of Law, January 18h, 2011.

·Draft: Some Mobile Device Security and Policy Recommendations and Questions (v0.1) [doc]
Educause Security Effective Practices Working Group, December 10th, 2010.

·Some Stuxnet Related Comments [excerpted from a longer presentation] [ppt], [pdf]
December 1st, 2010.

·IPv6 Technical Challenges [ppt], [pdf]
NCFTA Canada, Montreal Quebec, November 18th, 2010.

·IPv6 Obfuscation and Attribution: Some Quick Framing Slides,
Emerging Trends, Challenges and Strategies Panel [ppt]
, [pdf]

NCFTA Canada, Montreal Quebec, November 17th, 2010.

·MAAWG IPv6 Training for Senders & Others [HTML with links to Flash Video]
Messaging Anti-Abuse Working Group, Crystal City VA, October 4th-8th, 2010.

·Internet2 Security Update: Some Excerpts From the 2nd Data Driven Collaborative Security Workshop and
Some Timely Strategic Security Areas You Should Be Thinking About [ppt]
, [pdf]

Internet2 Fall Members Meeting, Atlanta Georgia, November 4th, 2010.

·Community Expectations for Campus and Network Security: A Wrapup [ppt], [pdf], Draft Expectations [doc]
Internet2 Fall Members Meeting, Atlanta Georgia, November 3rd, 2010.

·Higher Education Experiences with DNSSEC Signing [ppt], [pdf]
Internet2 Fall Members Meeting, Atlanta Georgia, November 3rd, 2010.

·Successful Non-Governmental Threat Attribution, Containment and Deterrence: A Case Study [ppt], [pdf]
Internet2 Fall Members Meeting, Atlanta Georgia, November 2nd, 2010.

·MAAWG Comments on ICANN FY 11 Update to Plan for Enhancing Internet Security, Stability & Resiliency [pdf]
ICANN, November 2nd, 2010.

·The Security of Mobile Internet Devices [ppt], [pdf]
Northwest Academic Computing Consortium 2010 Network Security Workshop, George Fox University, Portland, October 7th, 2010.

·MAAWG IPv6 Training for Senders and Others [ppt], [pdf]
Messaging Anti-Abuse Working Group, Crystal City VA, October 4th-8th, 2010.

·MAAWG Comments on "National Broadband Plan Recommendation to Create a Cybersecurity Roadmap" [pdf],
Federal Communications Commission, PS Docket 10-146, GN Docket 09-51, September 17th, 2010.

·MAAWG Comments on "Cybersecurity, Innovation and the Internet Economy" [pdf],
Department of Commerce Docket No. 100721305-0305-01, September 17th, 2010.

·Internet2 Data Driven Collaborative Security Workshop #2 (DDCSW2),
Washington University in St Louis (WUSTL), August 17th-18th, 2010.

·MAAWG Comments on "The Initial Report Proposals for Improvements to the RAA" [pdf],
ICANN, July 28th, 2010.

·MAAWG Comments on "National Strategy for Trusted Identities in Cyberspace [pdf],"
Department of Homeland Security, July 19th, 2010

·Community Expectations for Campus Computer and Network Sercurity BoF [pdf]
Joint Techs, Columbus OH, July 13th, 2010.

·Coping with Malware: A Dozen Suggestions [html]
Educause Security Effective Practices Working Group Mailing List, June 25th, 2010.

·Internet Name and Number Resources, Cyber Crime, and Your Company: Some Technical Approaches [ppt], [pdf]
Coalition Against Domain Name Abuse (CADNA), Wells Fargo, San Francisco, CA, June 2nd, 2010.

·IPv6 Training [ppt], [pdf]
National Cyber Forensics and Training Alliance (NCFTA), Pittsburgh PA, May 5th, 2010.

·Coping With Malware and Other Sorts of Automated Abuse [ppt], [pdf]
Laboratory for Telecommunications Science, University of Maryland, April 29th, 2010.

·Community Expectations for Campus Computer and Network Security [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 27th, 2010.

·Update On Two Topics: The Security of Cloud Computing and the Security of Mobile Internet Devices [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 27th, 2010.

·Volcanoes (Salsa Disaster Recovery and Business Continuity BoF) [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 27th, 2010.

·Mobile Internet Device Security [ppt], [pdf]
Educause Security Professionals 2010, Atlanta GA, April 12th-14th, 2010.

·Securing DNS: Doing DNS as if DNS Actually Mattered: An Educause Security Professionals 2010 Preconference Seminar [ppt], [pdf]
Educause Security Professionals 2010, Atlanta GA, April 12th-14th, 2010.

·A Brief Analysis of the ECAR Study of Undergraduate Students and Information Technology 2009 [ppt], [pdf]
Knight Library, University of Oregon, March 12th, 2010.

·ICANN Zone File Access Concept Paper [pdf]
(group participant)

·ICANN Draft Program Development Snapshot High Security Zone Top-Level Domains Advisory Group (HSTLD AG) [pdf]
(group participant)

·MAAWG IPv6 Session [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), 18th Meeting, San Francisco, February 15-18, 2010.

·Cloud Computing Security Considerations [ppt], [pdf]
Internet2 Joint Techs, Salt Lake City Utah, February 2nd, 2010.

·DHS Cybersecurity Roadmap [pdf] [contributor, listed in Appendix C]

·The 2010 "Tour of Cyber Crimes" [ppt], [pdf]
University of Oregon Law School, January 19th, 2010.

·A Brief Analysis of the ECAR Study of Undergraduate Students and Information Technology 2009 [ppt], [pdf]
University of Oregon Departmental IT Directors Meeting, December 16th, 2009.

·Messaging and Network Security: Guest Lecture, Current Topics in Information Systems and Technology [ppt], [pdf]
Utah Valley University, Orem Utah, December 1st, 2009.

·Passwords [ppt], [pdf]
Northwest Academic Computing Consortium (NWACC) Security Meeting, George Fox University, Portland, OR, November 18th, 2009.

·Postcards From The States: Some Succinct Suggestions From a North American Cyber Security Consultant Sans
Portfolio to His African Colleagues (slides) [ppt]
, (paper) [pdf]
,
7th Wide Open Access Conference, Accra, Ghana, November 2nd, 2009.

·Bulk Account Creation [ppt], [pdf]
17th General Meeting, Messsaging Anti-Abuse Working Group (MAAWG), Philadalphia, PA, October 26th-29th, 2009.

·Articulating the Enduring eCrime Challenges and Research Approaches to Engage Them [ppt]
Introductory slides prepared for an Anti-Phishing Working Group/eCrime Researchers Summit panel, Tacoma, WA, October 21st, 2009.

·Coping With Malware and Other Sorts of Automated Abuse [ppt], [pdf]
Internet2 Fall Member Meeting, San Antonio TX, October 5th-8th, 2009.

·Report From the Internet2 Data Driven Collaborative Security Workshop for High Performance Networks [ppt], [pdf]
Internet2 Fall Member Meeting, San Antonio TX, October 5th-8th, 2009.

·Salsa-DR BOF [ppt], [pdf]
Internet2 Fall Member Meeting, San Antonio TX, October 5th-8th, 2009.

·Draft Interim Internet2 IPv6 Netflow Anonymization Policy [html], [pdf]

·Report From the Data Driven Collaborative Security Workshop for High Performance Networks [ppt], [pdf]
ESCC/Internet2 Joint Techs, IUPUI, Indianapolis, Indiana, July 21, 2009.

·Mac OS X: Enabling Native IPv6 via Stateless Autoconfiguration [pdf]

·Mac OS X: IPv6 and Browsing the World Wide Web via Firefox, Camino, Opera and Safari [pdf]

·Windows XP: Enabling IPv6 with Teredo [pdf]

·Windows XP: IPv6 and Browsing the World Wide Web via Firefox, Opra and IE [pdf]

·Closing Panel: End Users & Cybercrime [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), 16th General Meeting, Amsterdam NL, June 11th, 2009.

·Just Enough IPv6 to Make You Dangerous [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), 16th General Meeting, Amsterdam NL, June 8th, 2009.

·MAAWG and IPv6 Security [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), 16th General Meeting, Amsterdam NL, June 8th, 2009.

·Internet2 Data Driven Collaborative Security Workshop (DDCSW)
University of Maryland Baltimore County, May 21st-22nd, 2009.

·Electromagnetic Pulse (EMP) [ppt], [pdf]
Infragard Meeting, Eugene Public Safety Center, Eugene, OR, April 30th, 2009.

·IPv6 and the Security of Your Network and Systems [ppt], [pdf]
Internet2 Member Meeting, Arlington Virginia, April 28th, 2009.

·Internet2 Strategic Planning, Task G: Implement Security Best Practices (4/16/2009) Draft [pdf]

·Internet2 Strategic Planning, Task J: Cooperate on Security Challenges (4/16/2009) Draft [pdf]

·Internet2 Strategic Planning, Appendix I: Glossary of Acronyms, Entities and Terms (4/16/2009) Draft [pdf]

·Attacking the Phishing Problem With Technology: Options for Banks and Other Financial Institutions [ppt], [pdf]
American Bankers Association Conference Call, March 31st, 2009.

·Security Update [ppt], [pdf]
Internet2/ESnet Joint Techs, College Station Texas, February 4th, 2009.

·"If We Do IPv6, Will It Help or Hurt Our Security?" [ppt], [pdf]
Internet2/ESnet Joint Techs, College Station Texas, February 3rd, 2009.

·DNSSEC Workshop Planning BOF [ppt], [pdf]
Internet2/ESnet Joint Techs, College Station Texas, February 2nd, 2009.

·Initial Report, ICANN GNSO Fast Flux Working Group [ppt]
[working group member and contributor to the initial report], January 26, 2009.

·What To Do If Your Website Is Hacked by Phishers [pdf]
[contributing researcher], January 2009

·2009 Tour of Cyber Crimes [ppt], [pdf]
University of Oregon Law School, Jan 13th, 2009.

·Cyber War, Cyber Terrorism, and Cyber Espionage [ppt], [pdf]
IT Security Meeting, Fargo, ND, Oct 22nd, 2008.

·Doing DNS As If DNS Actually Mattered [ppt], [pdf]
IT Security Meeting, Fargo, ND, Oct 22nd, 2008.

·Loss of Network Control Incidents [ppt], [pdf]
Internet2 Fall Member Meeting, New Orleans LA, October 15th, 2008.

·DNSSEC BoF [ppt],[pdf]
Internet2 Fall Member Meeting, New Orleans LA, October 15th, 2008.

·NITRD Workshop on Research Challenges for 2015 Global Networks
Seattle, Washington, September 28th-30th, 2008.

·Malware, Bots and What We Need From Uncle Sam [ppt], [pdf]
MAAWG 14, Fort Lauderdale FL, September 22nd, 2008.

·The More You Spam, The Less I Care:
Psychological Decision Making Heuristics and Their Impact on Anti-Spam Activity [ppt]
, [pdf]

MAAWG 14, Fort Lauderdale FL, September 22nd, 2008.

·Security and Privacy Are NOT Mutually Incompatible [ppt], [pdf]
Interne2/ESCC Joint Techs, Lincoln NE, July 20, 2008.

·How Much Headroom Do You Need? Bandwidth and High Performance Networks [ppt], [pdf]
Interne2/ESCC Joint Techs, Lincoln NE, July 20, 2008.

·A Normative Campus Security Agenda [ppt], [pdf]
Educause Security Professionals 2008, Arlington VA, May 5th, 2008.

·Cyberinfrastructure Architectures, Security and Advanced Applications [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 22nd, 2008.

·Just How Bad Is It? [ppt], [pdf]
Oregon Safe Cyberspace Meeting, Wayne Morse Federal Courthouse, Eugene, February 21st, 2008.

·Spam, Domain Names and Registrars [ppt], [pdf]
Messaging Anti-Abuse Working Group 12th General Meeting, San Francisco, February 21st, 2008

·Internet2, Security and DICE [pdf]
Dante, Internet2, Canarie and ESNet (DICE) Meeting, Athens, Greece, February 12th, 2008

·Terms for a System and Network Security/Cybercrime Glossary

·A Look at the Unidentified Half of Netflow (With an Additional Tutorial On How to Use
the Internet2 Netflow Data Archives) [ppt]
, [pdf]
ESCC/Internet2 Joint Techs Workshop, University of Hawaii, January 20-24, 2008.

·A Succinct Cyber Crime Tour Meant To Illustrate By Way of Assorted Examples The Sort of Online Crimes
Which Are Occurring -- And Why We Need More Cyber Crime-Trained Attorneys [ppt]
, [pdf]
University of Oregon Law School, January 8th, 2008.

·Some Frontiers of Security Work [ppt], [pdf]
Educause, October 24th, 2007, Seattle Washington.

·Planning for Certain High Risk Security Incidents [ppt] , [pdf]
Internet2 Member Meeting, San Diego California, October 11th, 2007.

·Pandemic Flu and Computer and Network Disaster Recovery Planning: Some Starting Thoughts [ppt] , [pdf]
Salsa-DR Working Group Meeting, ESCC/Internet2 Joint Techs, Fermilab, Batavia, Illinois, July 16th, 2007.

·Evolving Methods for Sending Spam and Malware Panel: Spammer Requirements and the Spam Ecosystem [ppt], [pdf]
FTC Spam Summit: The Next Generation of Threats and Solutions, Washington DC, July 11-12th, 2007.

·Internet2 Security Initiatives [ppt], [pdf]
Dante/Internet2/Canarie/ESNet Meeting, Lawrence Berkeley Lab, July 11-12th, 2007.

·What MAAWG Members Should Know About DNSSEC and the Security of DNS [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG) Meeting, Dublin, Ireland, June 5th-7th, 2007.

·We Need a Cyber CDC or Cyber World Health Organization [ppt], [pdf]
Anti-Phishing Working Group (APWG) Counter E-Crime Summit, San Francisco, California, May 31, 2007.

·Upcoming Requirements from the US Law Enforcement Community to Technically Facilitate Network Wiretaps [ppt], [pdf]
TERENA TNC2007, Lyngby, Denmark, May 22, 2007.

·Capacity Planning and System and Network Security [ppt], [pdf]
Internet2 Member Meeting, Crystal City VA, April 24, 2007.

·Real Time Notification During a Disaster or Other Emergency [ppt], [pdf]
Internet2 Member Meeting, Crystal City VA, April 23, 2007.

·Securing DNS: An Educause Security Professionals Conference Preconference Seminar [ppt], [pdf]
Educause Security Professionals 2007, Denver CO, April 10th, 2007.

·Port 53 Wars: Security of the Domain Name System and Thinking About DNSSEC [ppt], [pdf]
Internet2/ESNet Joint Techs, Minneapolis MN, February 14, 2007.

·CALEA BoF: Some Introductory Comments [ppt],[pdf]
Internet2/ESNet Joint Techs, Minneapolis MN, February 14, 2007.

·Disaster Recovery and Business Continuity Planning BoF: Some Introductory Comments [ppt],[pdf]
Internet2/ESNet Joint Techs, Minneapolis MN, February 13, 2007.

·Lambdas and Your Campus: Some Introductory Comments [ppt], [pdf]
Internet2/ESNet Joint Techs, Minneapolis MN, February 13, 2007.

·Capacity Planning: A Core Anti-Spam Competency [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG) 9th General Meeting, San Francisco, California, 29 January 2007.

·Higher Education Users and Spam: What Do Users Do When Things Go Wrong? How Have User Behaviors Changed Because of Spam? [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG) 9th General Meeting, San Francisco, California, 29 January 2007.

·Infected PCs Acting as Spam Zombies: We Need to Cure the Disease, Not Just Suppress the Symptoms
(10MB video screencast) [wmv]
, (slides only) [ppt], or (slides only) [pdf]

2nd Joint London Action Plan-CNSA Workshop, Brussels, Belgium, December 13, 2006.

·Route Injection and the Backtrackability of Cyber Misbehavior [ppt], [pdf]
Internet2 Member Meeting, Chicago, December 5, 2006.

·Disaster Planning and Recovery BOF (Introductory Slides) [ppt], [pdf]
Internet2 Member Meeting, Chicago, December 4, 2006.

·We Regret to Inform You That "Due to Insecurities Beyond Our Control, Your Privacy Has Been Cancelled for Your Convenience" [ppt], [pdf]
Pacific Institute for Ethics and Social Policy Conference on Technology, Intelligence, and the Preservation of Civil Liberties, November 18th, 2006 Cannery Pier Hotel and Maritime Museum, Astoria, OR.

·Security "Monsters:" Current Security Threats and What You Should Be Doing to Address Them (Closing Session) [ppt], [pdf]
IT Security: A Call to Action for the Education Community, November 2nd, 2006, Ramada Plaza, Fargo ND.

·Running a Server? How Does It Score on the Server Administration Self-Assessment Scorecard? [ppt], [pdf]
IT Security: A Call to Action for the Education Community, November 1st, 2006, Ramada Plaza, Fargo ND.

·Route Injection and Spam [ppt], [pdf],
Messaging Anti-Abuse Working Group (MAAWG) 8th General Meeting, Toronto, Ontario, Canada, 23-26 October 2006.

·Filtering Spam 'At Your Leisure:' A MAAWG Briefing/Look Ahead [ppt], [pdf],
Messaging Anti-Abuse Working Group (MAAWG) 7th General Meeting, Brussels, Belgium, 27-29 June 2006.

·Alpha Mail ("Blue" Webmail") Is Now the Recommended UO Web Email Interface [html],
Computing News, Summer 2006.

·CALEA Update [html],
Computing News, Summer 2006.

·Dealing With Department Email Contact Addresses and Staff Changes [html],
Computing News, Summer 2006.

·Don't Be Taken In By (Absurdly) High-Yield Investment Scams [html],
Computing News, Summer 2006.

·Showing Rather Than Telling: Capturing On-Screen Demos With Camtasia [html],
Computing News, Summer 2006.

·UO Web Programmers: Get Ready for Linux [html],
Computing News, Summer 2006.

·The Inescable Inevitability of Convergence (Unless You "Help") (Closing Session) [ppt], [pdf]
North West Academic Computing Consortium (NWACC) Annual Conference, Portland OR, June 9, 2006.

·Understanding National Optical Networks [ppt], [pdf]
NSF/EPSCoR National Workshop of Cyber Infrastructure, Nashville TN, May 11, 2006.

·Top 10 Countdown: Security Vulnerabilities Higher Ed Must Face [html],
Campus Technologies Magazine, May 1st, 2006.

·A Brief Practical Security "Punchlist" [ppt], [pdf]
Internet2 Member Meeting, Arlington VA, April 25, 2006.

·Conserve Computer Energy Use [html],
Computing News, Spring 2006.

·Darkwing Users: Introducing shell [html],
Computing News, Sprint 2006.

·Recommended Web Browser and IMAP Mail Client: Firefox and Thunderbird [html],
Computing News, Spring 2006.

·Running a Server? How Does It Score on the Self Assessment Scorecard? [html],
Computing News, Spring 2006.

·SpamAssassin Available for All uoregon.edu Accounts [html],
Computing News, Spring 2006.

·Time to Replace Obsolete Windows Systems! [html],
Computing News, Spring 2006.

·uoregon.edu Accounts, maildir Format Mailboxes, and Dovecot IMAPd [html],
Computing News, Spring 2006.

·Web Presence and Influence: How Google Rates Leading American Universities in 2006 [html],
Computing News, Spring 2006.

·"Why Do I have to Change My!@$%#* Password?" [html],
Computing News, Spring 2006.

·X Windows Security [html],
Computing News, Spring 2006.

·Invited participant, IAB Workshop on Unwanted Traffic, March 9th-10th, 2006, Marina del Rey.
See http://www.ietf.org/internet-drafts/draft-iab-iwout-report-03.txt

·MAAWG Briefing/Look Ahead [ppt], [pdf]
Messaging Anti-Abuse Working Group 6th General Meeting, San Francisco California, Feb 28-Mar 2nd, 2006.

· Client-Side Spam Filtering [html]
Computing News, Winter 2006.

· Minimize Your Computer's Energy Use [html]
Computing News, Winter 2006.

· Names of the Server Formerly Known as Darkwing [html]
Computing News, Winter 2006.

· Non-UO Recursive Domain Name Server Access to Be Curtailed February 1 [html] (with Jose Dominguez)
Computing News, Winter 2006.

· What Are Those Little RSS or XML Tags on Web Pages? [html]
Computing News, Winter 2006.

· Sober-Y Virus Doubles Number of Rejected SMTP Connections During December [html]
Computing News, Winter 2006.

· Year of the $400 Budget Laptop [html]
Computing News, Winter 2006.

· Panel: The Continuing Evolution of the Zombie Threat [ppt], [pdf]
Messaging Anti-Abuse Working Group (MAAWG), Montreal, Quebec, November 9th, 2005.

· A User-Services-Driven Approach to Computer and Network Security: A SIGUCCS Tutorial [ppt], [pdf]
ACM SIGUCCS, Monterey CA, November 6th, 2005.

· Phishing: Technical Approaches to Countering the Threat [ppt], [pdf]
US DOJ Economic Fraud and Digital Evidence Conference, Eugene OR, September 22nd, 2005

·Digging Into Unlawful Email Messages [ppt], [pdf]
US DOJ Economic Fraud and Digital Evidence Conference, Eugene OR, September 22nd, 2005

· Thinking About Lambda Based Network Architectures and Your Applications [ppt], [pdf], [Windows Media Player Video]
Internet2 Member Meeting, Philadelphia PA, September 20th, 2005;

Also available in a variety of formats from The Research Channel.

· All New Student Accounts Now Being Created on Darkwing [html],
Computing News, Summer 2005.

· Clarinet (YellowBrix) News Service Dropped [html],
Computing News, Summer 2005.

· File Snapshots Now Available on Darkwing [html],
Computing News, Summer 2005.

· Information on Hard Drives in Surplus Hardware: 'Deleted' Does Not Mean 'Gone' [html],
Computing News, Summer 2005.

· Spamvertised Drugs and Dubious Medical Devices [html],
Computing News, Summer 2005.

· Survey: Please Tell Us How You Get Help With Computing And Networking Questions [html],
Computing News, Summer 2005.

· UO Moves to McAfee for Antivirus Software [html],
Computing News, Summer 2005.

· Virus Analysis Sites [html],
Computing News, Summer 2005.

· Phishing: Some Technical Suggestions for Banks and Other Financial Institutions [ppt], [pdf]
2005 Quad State [Bank] Security Conference, Welches OR, May 5, 2005.

· Explaining Distributed Denial of Service Attacks to Campus Leaders [ppt], [pdf], [Windows Mediaplayer Video]
Internet2 Member Meeting, Arlington VA, May 3, 2005.

Also available in a variety of formats from The Research Channel.

· Budget Desktop Systems: Are They Right for You?" [html],
Computing News, Spring 2005.

· The Expanding Taxonomy of Unwanted Mail: Phishing [html],
Computing News, Spring 2005.

· Linux Distributions: There's More than RedHat and Fedora Core [html],
Computing News, Spring 2005.

· The New NetApp NearStore R200 Filers [html],
Computing News, Spring 2005.

· Sharing Large Scientific Datasets with LoCI [html],
Computing News, Spring 2005.

· Time to Move Your Email Off oregon.uoregon.edu [html],
Computing News, Spring 2005.

· Dealing with Zombies and Trojans and Port 25 [pdf]
Messaging Anti-Abuse Working Group General Meeting (MAAWG), San Diego CA, March 3rd, 2005.

· Spam Zombies and Inbound Flows to Compromised Customer Systems [pdf],
Messaging Anti-Abuse Working Group General Meeting (MAAWG), San Diego CA, March 1st, 2005.

· The New Darkwing: a Briefing [html],
Computing News, Winter 2005.

· Some Technical Suggestions for Institutions Targeted By Phishers [ppt], [pdf]
Valley Fraud Working Group, Eugene OR, January 25, 2005.

· The New Darkwing [ppt], [pdf]
Computing Center General Staff Meeting, January 19, 2005.

· The Impending End of Traditional .forward-style Forwarding,
Campus Technology (formerly Syllabus), Wednesday, December 15, 2004.

· Microsoft Windows XP Service Pack 2 and Your Web Pages [html],
Computing News Fall 2004.

· SCADA Security and Critical Infrastructure [ppt], [pdf]
Presented at the Eugene Oregon Infraguard Meeting, Lane Community College, December 7th, 2004.
(terms/glossary [ppt], or [pdf])

· Faculty Orientation 2004 [pdf],
September 24, 2004

· Welcome to Your Weekly Paradigm Shift: Very Large "Free" Web E-Mail Accounts,
Syllabus: Technology for Higher Education, July 15, 2004.

· SCADA Security [ppt], [pdf]
Presented at the EECS/Internet2 Joint Techs Meeting, Columbus Ohio, July 21, 2004

· Email Security and Anti-Spam Tutorial [ppt], [pdf]
Presented at the EECS/Internet2 Joint Techs Meeting, Columbus Ohio, July 18, 2004

· How UO Deals With Spam: A Brief Strategic Overview With Some Tactical Suggestions [ppt], [pdf],
Cornell/Educause Institute for Computer Policy and Law, Ithaca, NY, July 8, 2004.

· Geographical Limits of UO's Wireless Internet Service
Computing News, Summer 2004.

· Gmail and the New Extra Large Free Email Accounts
Computing News, Summer 2004.

· NFSv4 and NFS Security
Computing News, Summer 2004.

· Rediscovering the Shell Prompt
Computing News, Summer 2004.

· Renting versus Buying Music Online
Computing News, Summer 2004.

· How Did They Get My Email Address?
Computing News, Spring 2004

· More Selected Elements of the University 2003 Home Page Study
Computing News, Spring 2004

· OpenVMS Licenses Available Free for Educational and Hobbyist Use
Computing News, Spring 2004

· Sometimes Being Very Small Can Be Very Big: ONAMI and Nanotechnology
Computing News, Spring 2004

· Email Effective Security Practices: 5 Concrete Areas to Scrutinize [ppt], [pdf]
Presented at the Internet2 Member Meeting, Arlington, Virginia, April 20, 2004

· SCADA Security the "Most Monumental Non-Nuclear Explosion and Fire,"
Syllabus: Technology for Higher Education, April 14, 2004.

· Practical Steps to Take to Mitigate Computer and Network Risks [ppt], [pdf]
Presented at the Eugene Infraguard Meeting, Lane Community College, March 12th,

· Why Are Portalized University Home Pages Rare?
Syllabus Magazine, March 1, 2004.

· Spam Fighting Tips, Newsday, January 20, 2004

· How to Report Spam at the University of Oregon
Computing News, Winter 2004.

· More Selected Elements of the 2003 University Home Page Study
Computing News, Winter 2004.

· Want to Try Opting Out of UO Spam Filtering?
Computing News, Winter 2004.

· Web Browser Hijacking: What Is It and How Can You Protect Yourself?
Computing News, Winter 2004.

· Wonder Why Google Isn't Returning Some Hits It Should Be?
Computing News, Winter 2004.

· AMP IPv6: Putting a Key Emerging Protocol "On the Radar" [pdf],
NLANR Network Analysis Times, November 2003, page 4.

· ASNs (Autonomous System Numbers) [pdf],
Anti-Spam and Cybercrime Investigation One-Page Training Series, November 14, 2003.

· Sharing Large Files,
Syllabus: Technology for Higher Education, October 30, 2003.

· The First Step Toward Getting E-Mail Back The Way It Used to Be,
Syllabus: Technology for Higher Education, October 9, 2003.

· Picking at a Virus-Ridden Corpse: Lessons from a Post-Blaster, Post-Welchia, Post-Nachi, Post Mortem: Part I, and Part II,
Syllabus: Technology for Higher Education, September 18, 2003 and September 25, 2003.

· Virus Backscatter and Non-Delivery Notices for Mail You Didn't Send,
Computing News, Fall 2003.

· Selected Elements of 2003 University Home Page Study,
Computing News, Fall 2003.

· The Open Proxy Problem: Should I Worry About Half a Million Trivially Exploitable Hosts? [ppt], [pdf]
Presented at the Internet2/NLANR Joint Techs Meeting, University of Kansas, Lawrence, August 4th, 2003.

· Winning the War on Spam [ppt]
Presented at the North West Academic Computing Consortium (NWACC) Online Content: Policy, Strategy and Support Conference, Portland Oregon, June 6, 2003.

· Free Fortran, C/C++, and Pascal Compilers for PCs [html]
UO Computing News, Spring 2003.

· Microsoft Windows XP, Linksys DSL Routers, Universal Plug and Play, RIP, and the 'Internet Gateway Device Discovery and Control Client' [html]
UO Computing News, Spring 2003.

· Understanding the Ins and Outs of World Wide Web Addresses and Your Web Browser [html]
UO Computing News, Spring 2003.

· The Open Proxy Problem [ppt], [pdf]
Presented at the Internet2 Member Meeting, Arlington, Virginia, April 9th, 2003.

· Jumbo Clean Networking Hardware

· Practical Issues Associated with 9K MTUs [ppt], [pdf]
Presented at the Internet2/NLANR Joint Techs Meeting, Miami, Florida, February 4th, 2003.

· Just Enough Mathematica To Make You Dangerous [pdf]
UO Computing News, Winter 2003

· The Creeping Impoverishment of Online Directories and Search Engines [html]
UO Computing News, Winter 2003

· Where Geeks Go For News [html]
UO Computing News, Winter 2003

· Non-Administrative Access to OpenVMS on Oregon to Phase Out by Fall 2004 [html]
UO Computing News, Fall 2002

· Open Proxy Servers: A Growing Source of Spam [html]
UO Computing News, Fall 2002

· Spam Remedies: Some Special Federal Government Addresses for Reporting Spam [html]
UO Computing News, Fall 2002

· Considering Web Filtering Software? [html]
UO Computing News, Summer 2002

· Network Infrastructure Companies Still Struggling [html],
UO Computing News, Summer 2002

· Ten Computer Chores to Pass a Slow Summer Day [html],
UO Computing News, Summer 2002

· 2002 University Website Congruence Study [html],
UO Computing News, Spring 2002.

· Asian Spam and the Fate of Spam-Ambivalent ISPs [html],
UO Computing News, Spring 2002.

· Beware: MP3 Files Can be Written to Include Code to Launch Unwanted Web Pages [html],
UO Computing News, Spring 2002.

· Dealing with Pop-Up-Under Web Advertising [html],
UO Computing News, Spring 2002.

· Network Infrastructure Companies Continue to Struggle Financially [html],
UO Computing News, Spring 2002.

· Virtual Private Network Services Ready for UO Off-Campus Cable Modem/DSL Users [html] with Dan Albrich in
UO Computing News, Spring 2002.

· MPEG1 IP Multicast Video, UO and Internet2 [ppt], [pdf],
Presented via H.323 video at the meeting of the Michigan chapter meeting of the Society of Motion Picture and Television Engineers (SMPTE), April 16th, 2002.

· The Case for Traffic Shaping at Internet2 Schools [ppt], [pdf]
Presented at the NLANR/Internet2 Joint Techs Workshop, 27-30 January 2002

· Percentage of Total Internet2 Traffic Consisting of Kazaa/Morpheus/FastTrack (Source Port=1214) By Core Node [pdf], [html], [xls]
Presented at Collaborative Computing in Higher Education: Peer-to-Peer and Beyond workshop, 30-31 January 2002

· What's Missing From (At Least Some) Current Traffic Shaping Appliances? [pdf]
Presented at Collaborative Computing in Higher Education: Peer-to-Peer and Beyond workshop, 30-31 January 2002

· Ten Odd Strategies For Picking Numerical Values for Your Traffic Shaper [pdf]
Presented at the Collaborative Computing in Higher Education: Peer-to-Peer and Beyond workshop, 30-31 January 2002

· Sample Simple Graphical Representation of a Hypothetical Traffic Shaper Policy [pdf]
Presented at the Collaborative Computing in Higher Education: Peer-to-Peer and Beyond workshop, 30-31 January 2002

· Beware of '4-1-9' or 'Nigerian Advance Fee Fraud' Scams,
UO Computing News, Winter 2002

· How Load Director/SSL Accelerator Boxes Work [html],
UO Computing News, Winter 2002

· Understanding The Basics of Traffic Shaping [html],
UO Computing News, Winter 2002

· Traveling? Check Out These Online Resources [html],
UO Computing News, Fall 2001

· Itanium-Based Systems Beginning to Ship [html],
UO Computing News, Fall 2001

· Volatile Market Conditions Affect Network Infrastructure Companies [html],
UO Computing News, Fall 2001

· Using Chime to View Chemical Molecules [html],
UO Computing News, Fall 2001

· Cisco 675 DSL Router Users Should Upgrade to a Current Version of CBOS [html],
UO Computing News, Fall 2001

· 1931 UO Yearbook Now Online [html],
UO Computing News, Summer 2001

· Prices of Computer Components Continue to Drop [html],
UO Computing News, Summer 2001

· What's Wrong with High Bit Rate DSL Offerings? [html]
UO Computing News, Summer 2001

· Thinking About Your Wide Area Network Connectivity [ppt], [pdf],
Presented at the NWACC Networking for the 21st Century Conference, Portland OR, 6/15/2001

· Oregon Gigapop Traffic Characterization [ppt], [pdf],
Presented at the Internet2/NLANR Joint Techs, Lincoln NE, 5/16/2001

· Internet2 and Oregon [ppt],
Presented at the Southeast Technology Consortium I2 Day, 5/9/2001

· I2 End-to-End Performance Initiative Planning Meeting [pdf],
Prepared for the I2 End-to-End Performance Initiative Planning Meeting, Ann Arbor, MI

· OWEN/NERO Bandwidth Audit, June 12, 2000

· Provisioning for Peer-to-Peer Applications and Their Impact on Our Campuses [pdf],
Comments on the topics submitted for the panelists for the Internet2 Spring 2001 Member Meeting, Washington DC

· Monitoring Traffic Exits in a Multihomed I2 Environment [ppt],
Presented at the NLANR/I2 Joint Techs, Minneapolis, 5/18/2000

· Going Fast(er) on Internet2 [ppt],
Presented at the Campus Focused Workshop on Advanced Networks, San Diego, 4/12/2000

· Threat of Regional Power Shortages Increases Need for Local Uninterruptable Power Supplies [html],
UO Computing News, Winter 2001

· What to Look for When Selecting and Evaluating DSL Service Providers [html],
UO Computing News, Winter 2001

· Look Carefully at Prepaid Cell Phone Plans [html],
UO Computing News, Winter 2001

· What's IPv6 [html],
UO Computing News, Spring 2001

· IPv6 Exchange Points Becoming More Common [html],
UO Computing News, Spring 2001

· DNS Names Poised to Become Multilingual [html],
UO Computing News, Spring 2001

· Internet2 News [html],
UO Computing News, Spring 2001

· Are SDRs [Software Defined Radios] the Wave of the Future? [html],
UO Computing News, Spring 2001

· Wide Area Bandwidth Questions [html],
UO Computing News, Spring 2000

· Internet2 and UO [html],
UO Computing News, Fall 2000

· Curious About WAP/WML? [html],
UO Computing News, Summer 2000

· Fiber Optic Primer and Tutorial [html],
UO Computing News, Summer 2000

· State Higher Education Research and Education Networks and State Agency Networks (3/24/2000) [pdf]

· Coping with Spam: Should You Try to Unsubscribe? [html],
UO Computing News, Summer 1999

· Parallel Approaches to the Facilities Layout Problem,
Ph.D. Dissertation, University of Oregon Decision Sciences Department, 1999.

· Internet2 Update: A quick overview of recent developments in high-speed academic networking,
UO Computing News, Spring 1999.

· Writing Applications for Internet2,
UO Computing News, Spring 1999.

· Save Space and Speed Up Your Web Pages by Converting Gifs to Jpgs,
UO Computing News, Spring 1999.

· System Administrators: What to Do if Your System is Hacked/Cracked,
UO Computing News, Winter 1999.

· Internet2 Links and Glossary,
UO Computing News, Winter 1999.

· Intel Donates Additional NetPCs to UO, [pdf]
UO Computing News, Fall 1999.

· UONet and Oregon Gigapop Get Significant Boost from 3Com, [pdf]
UO Computing News, Fall 1999.

· Intel Donates 100 NetPCs to UO, [pdf]
UO Computing News, Fall 1998.

· Ricochet Wireless Modem Service to Continue in Eugene, [pdf]
UO Computing News, Fall 1998.

· Invitation to Submit Designs for the 1997 Redesign of www.uoregon.edu

· Using TeX on the VAX to Typeset Documents, December 1990 [TeX]



https://www.stsauver.com/joe/index.html