Does this site look plain?

This site uses advanced css techniques

Unixwiz.net - Software Consulting Central

About Steve Friedl

• Home
• Contact
• About
• TechTips
• Tools&Source
• Evo Payroll
• CmdLetters
• Research
• AT&T 3B2
• Advisories
• News/Pubs
• Literacy
• Calif.Voting
• Personal
• Tech Blog
• Evo Blog

I am a Southern California native who has spent the better part of my life working with computers. From writing proprietary-language compiler tools back in college, to security consulting and communications controllers today, I've acquired an enormously broad background in technology thanks to a diverse customer base and a very curious mind. I'm a fantastic problem solver and love technical challenges.

I have outstanding customer references available upon request, and in most cases can provide them for specific projects described here.

In addition to the topics mentioned here, I've had my fingers in most of the other bits of important technology and am able to apply that experience to new projects.

Education, Awards, & Career Background

I took a Bachelor's degree in Mathematics/Computer Science, and was fortunate enough to receive an introduction to UNIX and C programming in early 1981. I have been immersed in UNIX and C for the whole of that time, and this experience encompasses many industries and disciplines. You can read more of my history.

In October 2003 I was named a Microsoft MVP (Most Valuable Professional) for "Windows Servers - Security". This is a retrospective award made to those who have made contributions in third-party support forums, and I earned mine in the DSL Reports Security Forum. This award had been renewed from 2004-2010, though I took a break in 2011 when I asked not to be reconsidered this cycle.

I believe I was the only Microsoft MVP with unix in his domain name, and occasionally joke that I was the "Linux MVP"

Internet Infrastructure & Security

I've had a fulltime internet connection at my home office since 1994 and have been responsible for setting up customer routers and firewalls since that same year. I currently manage around a dozen customer networks, firewalls, and internet servers.

Specific areas of practice:

DNS Configuration and Hosting

I've hosted DNS on my network of topologically diverse system of nameservers for years (my Internic handle is SF22, which shows how long ago it was assigned to me), and I've become adept at configuring BIND 9 to run in a maximally secure manner (details in my Tech Tip).

Sendmail Configuration

I have many years of experience wading through sendmail configuration files, whether it be for anti-spam provisioning or simply having the server process mail in unusual ways.

Internet Security

My interest in computer security long predates the modern internet. For many years I was adept at finding holes in UNIX systems that allowed me to escalate to root privileges. Whether it was breaking root on the VAX/11-780 in college with the vi editor or writing a mini debugger to subvert the kernel's ptrace() mechanism on the AT&T 3B2 UNIX, most systems "have a way" for those aspiring to root to acquire it.

With this background it seemed only natural that I'd move into the internet security arena.

Communications Controllers

In addition to UNIX fax, I've created several other industrial-strength communications controllers using serial I/O and IP networking. I am very much at home with data analyzers for both media, plus the operating system constructs that support them. Some of my representative projects:

Computer Facsimile

I was the author of the first commercial release of VSI-FAX, the most widely-used commercial UNIX fax system on the market. Since 1988, I have been involved in nearly every area of computer facsimile: from the low-level modem drivers, imaging, overall server design, and even technical support.

My old business card :-)

UDP Client/Server Protocol

I designed a UDP-based protocol and built the client/server library used by networked time clocks to report and query the central server. Both client and server were cross-platform — UNIX and Windows NT — and the protocol was apparently designed well enough that no changes were ever needed in the face of multiple revisions to the client and server modules.

Credit Card Authorization Multiplexor

This UNIX server software accepts credit card authorizations requests from retail point-of-sale clients and routes them via a leased line to the credit card processor. This software reduced the time to run a purchaser's credit card from 30-45 seconds each to 3-5 seconds.

Modem-based File Transfer Communications

I created a serial-communications module that did X- and Z-Modem transfers via serial I/O (over modem) and via TCP/IP, and had scripted EDI conversations with VAN (Value Added Network) receivers on the other end. This software ran on multiple UNIX platforms and on Windows NT from essentially the same source code. Written in C++, the customer has reported that my modules have been remarkably trouble free.

Hartford XactPay

Since last 2008, I've been implementing communications interfaces that connect payroll systems with Hartford's XactPay workers compensation platform, and have developed an unparalleled expertise in this area. With both software and consultation available, I'm sure I can help you get connected with Hartford far faster than doing it yourself.

I've already paid my dues: you don't have to.

Databases / Data Conversion

I've used SQL databases since 1984 and have very long experience with them on numerous platforms. These include Unify, Informix, Sybase, C-ISAM, mySQL, MS-SQL, Interbase/Firebird and IBM's DB2. I've used embedded SQL and db-library style interfaces in addition to the more traditional "raw" SQL.

Sybase Application Data Extraction

A customer needed to extract data from a Windows-based application that ran on top of Sybase, and I was able to do this via a pcAnywhere remote connection in several hours having only used Sybase once before. I created a set of scripts that cleanly extracted the data to CSV files such that the customer could run the process without my help. The link above is the Tech Tip I created from the process.

Report-file parsing

A customer in the payroll business bought another payroll company, and needed to transfer the data from the new company's system to his own. I wrote software in perl to parse HP PCL output and extract the key payroll data in an easy-to-import form in a fraction of the time that manual data entry would have taken.

C/C++ and UNIX/Win32 Systems Programming

I have been using UNIX since January 1981 and programming in C since the summer of that year. I have used nearly every UNIX machine ever made save for a Cray, and have ported to something like 50 platforms over my career. "Portability" is my middle name. I also have extensive experience with the Win32 platform, particularly under Windows NT. I am generally as comfortable with OS-level work on NT as I am in UNIX.

Representative projects include:

Windows NT Color Print Driver

For a medical-grade color imager, I created a printer driver for Windows NT 3.51, and it was very full featured. About 30,000 lines of C++, it supported many sophisticated scaling and color matching algorithms as well as extensive output-formatting options.

UNIX Process Control Manager

On a Solaris system, I created a daemon that regulated the running processes during a critical data transfer operation: during this window, I/O heavy processes were throttled to minimize SCSI bus usage, and this was done via a the /proc process-control interface.

Software Portability

This general area (rather than a specific project) has been part of my skillset for 20 years: I've worked on nearly every UNIX system ever made, with additional experience on Win32, CP/M and MS-DOS. This has given me an enormous sense for "what ports" and "what doesn't".

Embedded Development

Most of my work has been on more traditional computer platforms, but I've done a number of embedded hardware and software projects as well. In college I did extensive development on the 8051 platform on hardware of my own design, and though I'm long past the point of being qualified for any real hardware design, I still keep my hands in the software end of it.

Notable projects include:

Embedded Linux Bootstrap/Installation System

For a manufacturer of medical equipment that ran the Linux OS, I created the system that allowed for failsafe bootstrapping and software installation. The machine ran on PC-like hardware, had a hard drive for system software and storage, and a ZIP drive for installations and software updates. I created an extensive system for building boot images.

Wire Printer Controller

I created a hardware and software system to integrate a PC with a Domino ink-jet printer that imprinted customer information and foot-measure markers on audio speaker wire.

Training / Technical Writing

For several years I travelled to teach week-long classes in C and UNIX programming to such companies as IBM, BellSouth, Goldman Sachs, plus an Efficiency, Portability and Maintainability class at AT&T Bell Laboratories in Holmdel, New Jersey. I routinely received outstanding reviews for my clarity and enthusiasm: my students could tell that they were learning from a real, live, firebreathing developer.

I was also a volunteer English as a Second Language (ESL) instructor for many years, and I'm very comfortable in front of a crowd.

I have also been a technical reviewer on dozens of books, some with more involvement than others. I've been credited in at least these publications:

• High Performance MySQL by Jeremy Zawodny & Derrek Balling (O'Reilly and Associates).
• Windows Server 2003 Security Cookbook by Mike Danseglio and Robbie Allen (O'Reilly and Associates).
• Programming Web Services with Perl by Randy Ray & Pavel Kulchenko (O'Reilly and Associates).
• Mastering Regular Expressions (2nd & 3rd editions) by Jeffrey E.F. Friedl (O'Reilly and Associates).
• Real World Linux Security by Bob Toxen (Prentice Hall).
• Mastering Algorithms with C by Kyle Loudon (O'Reilly and Associates).
• Learning DCOM by Thuan L. Thai (O'Reilly and Associates).
• POSIX Programmer's Guide by Donald Lewine (O'Reilly and Associates).
• Object Oriented Programming with C++ and OSF/Motif, 2/e. by Doug Young. (Prentice Hall)

There are many more, but most of them don't seem to be on the shelf at the moment.

Languages and Technologies

In addition to the project-related information above, I have skills in these more general technologies:

Perl

I'm very strong with perl, having used it for many years. My early work had been text processing, but of late it's grown to include web applications and network tools. Many times I'll prototype an idea for a customer project in perl to get a feel for what's involved, then use this as a base to move forward with the "real" project.

But I'm not anywhere nearly as good as my brother Jeffrey, who wrote Mastering Regular Expressions for O'Reilly and Associates. The second edition is out now, and I've performed a full technical review. It's an epic work on the subject.

Java

I'm not particularly strong with Java, but I have written a bit of real production software that talks to an IBM DB2 database via JDBC. It's all backend work, though, no GUI. I have excellent outside resources for Java help.

PostScript

I have years of experience with Postscript: writing it by hand, debugging it, and even maintaining an interpreter.

Pick BASIC

For many years I had quite a few customers who ran the Dataflow manufacturing system from Data Works (now Epicor), and I found that even UNIX enthusiasts can find plenty of things to admire about Pick BASIC. This was quite a surprise to find such a well done system in BASIC.