Chris Behrens

 

Cell: (408) XXX-XXXX

Email: codestud _at_ gmail.com

 

Objective:

 

To establish myself with a company where I can utilize my skills in secure, scalable software development. Ideal tasks would be kernel development, development of highly distributed systems, and/or other multithreaded server work.

 

Summary:

 

I specialize in writing secure, scalable client/server software in C. I possess extensive knowledge of the Solaris, Linux, and FreeBSD kernels. In addition to my development experience, I have a strong background in Linux and UNIX system administration, network administration, and host security. I also have excellent verbal and written communication skills.

 

Operating Systems:

 

Solaris 2.x, Linux, *BSD, Mac OS X, SunOS 4.1.x, Ultrix, AIX, IRIX, HP-UX, CatOS, IOS, OnTap, Windows

 

Languages:

 

C, C++, various UNIX shells, sed, awk, perl, PHP, erlang, tcl, Pascal, BASIC

 

Other Knowledge:

 

Solaris, Linux, and FreeBSD kernels, POSIX threads, UI/Solaris threads, IPC, Solaris doors, Xen, VMWare, gdb, adb/mdb, truss/strace/ktrace, regular expressions, autoconf, automake, svn, cvs, rcs, sccs, Apache, MySQL, Berkeley DB, postfix, qmail, dspam, SpamAssassin, procmail, fetchmail, bind, OpenVPN, OpenSSL, OpenSSH, rsync, ipfilter, ipfw, pf (packet filter), iptables, NAT, hardware and software based load balancing, tcpdump/snoop, traceroute, and more

 

Hardware:

 

Sun Sparcs (old SS2s to Ultras to new T1000/T2000s), Dell, custom x86, Compaq/HP DL360, Network Appliance NFS servers, Cisco 29xx/65xx, Annex, Apple Powermac/MacPros, DECstations

 

Protocols:

 

HTTP, SMTP, POP3, IMAP, DNS, FTP, NNTP, IRC, Radius, SSL, DHCP, TCP, UDP, NFS, NTP, RIP, BGP

 

Professional Experience:

 

XO Communications -- San Jose, CA                                                                   August 1996 – Present

Senior Software Architect, Concentric Web Hosting Business Unit

 

Kernel Development:

 

·       Wrote a dynamic filesystem kernel module for Solaris, used to create a secure virtualized filesystem space for use in a shared hosting environment.

·       Wrote a number of Solaris kernel modules to create secure virtual machines for use in a shared hosting environment shell and CGI space. This was originally prototyped on both Linux and FreeBSD and involves wrapping of most system calls.

·       Modified ip-filter kernel module to prevent OS-type detection from netcraft.com. Also added rate limiting options.

·       Wrote a kernel module for FreeBSD to do hardware load balancing via MAC address rewriting.

 

Userland Development:

 

·       Wrote a generic, portable, efficient, highly modular, thread-safe server daemon.

·       Wrote a portable, thread-safe socket-helper library that provided easy interfaces to use for listening, connecting, and polling. It supported Unix Domain, IPv4, and IPv6 sockets. For polling, it used the most efficient polling mechanism available on the target operating system (/dev/poll on Solaris, kqueue on *BSD, epoll on Linux, or falling back to poll() or select() if none of the previous were available). It also integrated use of OpenSSL, to provide a single interface for SSL and non-SSL sockets.

·       Wrote a socket handling module that used thread pooling and the above socket-helper library to provide the basis for efficient polling when using the modular server architecture for a network server.

·       Wrote a DNS resolver library and thread-safe module for the modular server architecture.

·       Wrote a front-end MX (SMTP) thread-safe module for the modular server architecture and deployed this on our web hosting platform to give at least a 50% capacity increase. Due to the low overhead of maintaining persistent TCP connections, implemented various back-pressure (SMTP tar-pitting) ideas to slow and/or reduce spam.

·       Implemented use of open source DKIM (Domain Keys) library for use with the MX server module. Various modifications to fix bugs and improve performance were submitted back to the open source community.

·       Maintained an already-existing IPC/shared memory solution that was used as a very fast DB cache. Designed and implemented a more distributed version that passed updates and other events to many different nodes instead of the old solution that just updated shared memory on different nodes by reading off of NFS shares.

·       Designed and developed part of a generic, distributed, fully redundant, replicated storage solution to use for mail and other things. This was a similar architecture to Google File System and BigTable, but done on a smaller scale.

·       Wrote various pieces of a dial-up authentication platform, including a multithreaded event distribution system and a multithreaded database server to track dial-up sessions in real time.

·       Modified open source Usenet software to work in a shared web hosting environment for a custom local newsgroup feature.

·       Wrote a generic high performance multithreaded file descriptor polling library mostly for use in server daemons (pre-dates the modular, multithreaded server architecture)

·       Wrote high performance multithreaded Usenet server software, including a Usenet proxy daemon.

·       Wrote a generic multithreaded TCP proxy daemon.

 

Other:

 

·       Led internal lectures/overviews to teach co-workers the technological details of the Concentric web hosting platform.

·       Researched use of VMWare and/or Xen for various virtualization ideas.

·       Implemented a Subversion (svn) server for centralized revision control for source code and documents. Wrote perl scripts to convert SCCS and RCS histories to svn dump files for importing.

·       Designed and implemented various ideas for host security, including the use of IP filtering technology on all UNIX host systems at Concentric. Later, managed host security on XO's web hosting platform of well over 100,000 customers. Wrote wrapper scripts to enable using variable/value pairs to generate IP filter rules, making management easier.

·       Designed and implemented a plan for migrating 40,000 customers from one web hosting platform to another.

·       Designed, implemented, and maintained a firewall and NAT architecture needed for some web hosting back-end networks using FreeBSD, carp, and pf for real-time automatic failover.

·       Designed, implemented, and maintained firewall and networking solutions for new office space for the whole web hosting business unit. This includes management of a Cisco 6509, and various numbers of Cisco 2924 and 2948 switches for office and lab connectivity.

·       Designed, implemented, and maintained a custom key-based method for authenticating with an office firewall to gain temporary access to certain services like SSH. This included a piece of client software as well as a server daemon.

·       Maintained the Usenet systems.

·       Maintained the IRC systems.

 

Pomeroy Computer Resources -- Des Moines, IA                                   October 1995 – August 1996

Onsite Corporate Account Technician

 

·       Provided onsite technical support and hardware trouble shooting for corporate accounts such as Meredith Corporation, Pioneer Hi-Bred, and Wells Fargo, who ordered PC hardware through Pomeroy.

 

Des Moines Internet -- Des Moines, IA                                                                  Summer 1994

System Administrator

 

·       Did various admin work on DECstations running Ultrix.

 

Other Experience:

 

·       Wrote many patches for open source IRC client software, 1994 - 1995

·       Wrote many patches for the original open source IRC server code, 1994 - 1998

·       Ran or helped run various EFNet and Undernet IRC servers, 1994 - 2006

·       Wrote and maintain an open source IRC server, written 99% from scratch, 1998 - Present

·       Wrote and maintain scripts to take cell-phone pictures/videos and upload them to a web site directory, 2004 – Present