Profile

Cover photo
John M Weathersby
Works at Open Source Software Institute
Attended Ole Miss
Lived in Indianola, MS
219 followers|110,378 views
AboutPostsPhotosYouTube+1'sReviews

Stream

John M Weathersby

Shared publicly  - 
1

John M Weathersby

Shared publicly  - 
1

John M Weathersby changed his profile photo.

Shared publicly  - 
1

John M Weathersby

Shared publicly  - 
1
1
Greg Lund-Chaix's profile photoJohn M Weathersby's profile photoJustin Seiferth's profile photoIsaac Christoffersen's profile photo
3 comments
 
I've heard him talk several times- he's a patriot for himself and that's about it. Very uninspired and disappointing appointment- yet another step downward on the technology rung for the US. He's completely unqualified for the job which evidently is his major qualification.
Have him in circles
219 people
John Weathersby's profile photo
Jeremy Murtishaw's profile photo
Joey Pang's profile photo
Kit Plummer's profile photo
MD.Hasibul Hassan's profile photo
Maciek Matuszewski's profile photo
Joseph Kidworth's profile photo
Teme zegeye's profile photo
John Scott's profile photo

John M Weathersby

Shared publicly  - 
 
Add Bourbon and all is fine!
 
It is hailing like crazy in SE Portland! And pretty big too! Solid summer storm, lots of thunder and lightening. I love UPSs :)
4 comments on original post
1

John M Weathersby

Shared publicly  - 
1

John M Weathersby

Shared publicly  - 
 
Suricata Open Source Software
Featured at Government Cybersecurity Conference 

Atlanta, GA (Thursday, 23 August 2012) – Government interest in open source software continues to gain momentum.  One example is the open source Suricata Intrusion Detection System (IDS) which is featured at this week's Government Forum of Incident Response and Security Teams (GFIRST) Conference held in Atlanta. 

GFIRST is a public-private group of technical and tactical cybersecurity practitioners from incident and security response teams responsible for securing government information technology systems and providing private sector support.  Conference attendees represent a full range of Federal, State and local government agencies including defense, civilian, intelligence and law enforcement.

Only a few years ago, many people argued that open source software was not secure enough to be considered as a key part of enterprise systems.  However, the explosive growth of open source adoption throughout commercial and government technology systems has diminished that concern.  Much of the software used to create the Internet is, in fact, open source, as is much of the software that runs mission critical systems within global financial markets where reliable security is essential.

Besides security, open source software can provide economic incentives, as there are no license fees associated with the software.  Rights to modify and distribute the code are granted to users through open source license agreements and provide great flexibility for application use within large systems, such as government IT environments.

These potential benefits of open source solutions have not gone unnoticed by government agencies.  The initial funding for the development of the Suricata project was provided by the U.S. Department of Homeland Security, Science and Technology Directorate through the Homeland Open Security Technology (HOST) program. (http://www.cyber.st.dhs.gov/host/)

“The goal of Suricata is to provide a scalable, enterprise-ready IDS engine that enables government and private security experts to share ideas and capabilities in an open and safe framework,” said Matthew Jonkman, president of the Open Information Security Foundation (OISF) board of directors. 

OISF is the non-profit foundation established to coordinate development activities and maintain the Suricata code base, copyrights and license agreements. Access and rights to use and modify Suricata are guaranteed. This enables public and private organizations to feel more confident in contributing technology under a framework that prevents one-sided commercialization. 

Suricata is licensed as an open source software application, which means the program is available at no additional cost to government, commercial and private adopters. In addition, the open source software license grants users the right to freely modify or customize the source code to fix bugs or meet their specific program needs. Users also have the right to share or distribute the program without paying license fees or seeking permission from the copyright holders. 

From the technical perspective, Suricata is an open source, high-speed, multi-thread IDS engine.  An IDS scans Internet traffic and identifies malicious code that seeks to attack a network system.  Suricata’s multi-threaded architecture can support high performance multi-core and multi-processor systems. Multi-threading increases utilization of a single server, dividing up the IDS workload based on processing needs. This enables Suricata to quickly analyze large amounts of traffic against rules and apply more computing horsepower to the security process. The result is a more effective, efficient high-speed IDS for civilian and military branches of government. 

“To achieve the same speeds as Suricata, you may have to run multiple instances of other engines, each seeing its own traffic,” said Jonkman. “Running multiple versions of an IDS this way is not ideal. It creates potential for evasion and reduces visibility of the big picture.” 

Suricata’s automatic protocol recognition feature is another advantage for government users. Automatic protocol recognition can distinguish between different types of traffic, regardless of port. Suricata automatically applies protocol-specific signatures to a network traffic stream, whether it’s Web traffic, FTP or an e-mail. This feature eliminates enormous amounts of computing power and time formerly required for traffic analysis. 

Suricata will soon also perform native IP reputation filtering to flag traffic from sources known to be malicious. “IP and DNS reputation filtering go a long way in eliminating the false positives and false negatives typical with many current IDS systems,” said Jonkman. “This is another example of the open source community working together to solve nagging problems with IDS engines that have been around for years.” 

While Suricata was written from the ground up, it does use a signature syntax similar to other IDS engines. This ensures that security experts still benefit from a decade’s worth of IDS signature development and don’t have to learn a new language to participate. Suricata and the OISF consortium welcome code contributions from the private sector as well, and Suricata’s license accepts the idea of proprietary, commercial offshoots. 

Since its launch in 2010, the Suricata project has gained enough attention that large government service providers, such as BAE Systems, have adopted Suricata as part of their product and service offerings to government clients.  BAE Systems recently announced that it had become a corporate sponsor of the OISF and will support the development community by contributing code modifications back to the community of Suricata developers for inclusion into the main program.

“BAE Systems will be contributing our own intellectual property as a part of a partnership with the Open Information Security Foundation,” said Chad Quill, Business Manager for BAE Systems ITCS business.  “When integrated, our software will better position a security operation to focus valuable human resources on the most urgent network issues and further reduce risk to the enterprise.”

This collaborative development and support environment is exactly what the OISF set out to do, said Jonkman.

“Suricata does not aim to replace other existing engines,” said Jonkman. “However, the collaborative, open source development model helps to drive innovation by providing access to the technology and enabling users to address the needs of their particular environment. The open nature also prevents any one entity from dominating development direction or from limiting access to features that can benefit all users.” 

"We believe strong partnerships between government, industry and the open source community are drivers for the best overall network security solutions," said Jonkman. “By sharing what they know about intrusion detection in a common community infrastructure, civilian, military and commercial security experts can use the Suricata process to make the Web safer for everyone.” 

The Suricata IDS is freely available for download through the OISF website: http://www.openinfosecfoundation.org/index.php/downloads 

About Open Information Security Foundation 
The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine. The OISF has formed a multi-national group of the leading software developers in the security industry. In addition to developers and a consortium consisting of leading cyber security companies, OISF has engaged the open source security community to identify current and future IDS/IPS needs and desires. 

Additional information available at: http://openinfosecfoundation.org 
4
2
Alex Strahan's profile photoDeborah Bryant's profile photo

John M Weathersby

Shared publicly  - 
 
OSSI featuring panel discussion on SEAndroid. Special guest speaker: Stephen Smalley, NSA. Meeting Tuesday, 17 April in Hanover, MD. If you're interested, sign up NOW. Very limited seating.
2
Deborah Bryant's profile photo
 
Open source, government geeks, cyber security, mobile. Sounds like a party.

John M Weathersby

Shared publicly  - 
1
Jim Stogdill's profile photoJohn M Weathersby's profile photo
2 comments
 
just goes to show you Jim, it's always something

John M Weathersby

Shared publicly  - 
 
duuuhhh
1
Jordan Dossett's profile photo
 
yeah on most days.
People
Have him in circles
219 people
John Weathersby's profile photo
Jeremy Murtishaw's profile photo
Joey Pang's profile photo
Kit Plummer's profile photo
MD.Hasibul Hassan's profile photo
Maciek Matuszewski's profile photo
Joseph Kidworth's profile photo
Teme zegeye's profile photo
John Scott's profile photo
Work
Occupation
Strategic advisor for open source software adoption in government systems
Employment
  • Open Source Software Institute
    Strategic advisor for open source software adoption in government systems, present
  • State of Mississippi
  • Ducks Unlimited
  • Multiple Sclerosis Society
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Previously
Indianola, MS - New Orleans - Atlanta - Memphis
Links
Contributor to
Story
Tagline
jmw is the founder and executive director of the Open Source Software Institute (www.oss-institute.org).
Introduction

John Weathersby is the founder and executive director of the Open Source Software Institute, a U.S.-based non-profit organization whose mission is to promote adoption of open source software solutions within government IT environments.

Weathersby serves as an adviser on open source issues to a number of Federal government agencies including the Department of Homeland Security, Science and Technology Directorate, the Office of the Secretary of Defense (OSD), the Defense Information Systems Agency (DISA), and the U.S. Department of the Navy. He is the founder of the Open Technology Research Consortium which addresses issues of strategic and tactical adoption of open technology solutions within government, academic and commercial enterprise systems.  

Bragging rights
husband to the most beautiful girl in the world. father to the four best kids. what else matters?
Education
  • Ole Miss
Basic Information
Gender
Male
Other names
jmw
Apps with Google+ Sign-in
John M Weathersby's +1's are the things they like, agree with, or want to recommend.
Camp Shelby Joint Forces Training Center to host open source UAV researc...
www.suasnews.com

Multi-agency program seeks to identify cost savingsand drive innovation for government UAV systems. Maj. Deidre Musgrave. CAMP SHELBY, Miss.

Open Source Software Institute names Industry Advisory Board members
www.pr-inside.com

Open Source Software Institute names Industry Advisory Board members

Hackers Hit Public Water System, Feds Investigate
www.mobiledia.com

Federal officials are investigating whether a cyber-attack may be at fault for a pump failure at an Illinois public water utility, pointing

WG3 Agenda
mil-oss.org

Agenda for Mil-OSS WG3

To any parent who will have to co-sign a lease for a student living in The Retreat in Oxford, MS: My advice is DON'T DO IT. Tell them NO. Go find another place. And if you do, READ THE EXTENSIVE LEASE AGREEMENT. YOU, not the student, will get the bill. My son lived at The Retreat for a year. The facility, like similar entities in this market, charge "by the room" so there is liability for both your personal space, as well a communal space in each apartment. After he drove from his summer job in Texas to clean the apartment before moving out, I (the parent) was presented with an extensive bill for charges and damages to rooms that my son did NOT inhabit. After numerous calls over the past 9 months, with NO RETURN CALLS FROM "A MANAGER," I am now having to deal with collection agency. I am not happy. I am a businessman. I pay my bills. I have owned and managed rental properties. Now that the bill has been passed along to a collection agency, I realize that I'm fighting a faceless giant who will gladly pass along my name to a credit reporting agency if I don't pay what I'm accused of owing, regardless of my disputed claims. So I will pay them their few hundred dollars for someone else's mess since it's not worth paying a lawyer to fool with it. Then, I will take a few minutes to write letters to the Office of the Mayor of Oxford, the Chamber of Commerce and the National Better Business Bureau, because that's all I can do, besides warning YOU not to make the same mistake. It's is a matter of principle. If you're a student, don't set your parents up for a mess like this. You might think it's all just fun, but it's not. Dings on your credit report stick with you, regardless of how they get there. Think of it like financial herpes...is that how you want to show your parents how much you love them? Think about it. There are many (too many) such places in Oxford. Be forewarned. Live somewhere else.
• • •
Public - a month ago
reviewed a month ago
1 review
Map
Map
Map