lhftools.com
home
projects
resume
my stuff
blog
family
contact me
index » resume
Name
Donald Matthew Wagenknecht
contact@LHFTools.com
Career Profile
I am a very technically-adept IT specialist with 10 years experience in Information Technology, 7 of which dealt directly with Information Security. Having a wide range of skills in all technical disciplines within IT allows me to provide superior technical direction or assistance with any IT matter. Tight deadlines and high visibility projects are motivators for me. I am a self-motivated team player with an incredible thirst for knowledge. I take a lot of pride in the quality of my work.
Key Technical Abilities
-Ethical Hacking: All of these areas involved using a variety of commercial, open-source, and personally-written hacking tools. A few will be mentioned but many more were used.
  • Web-application assessments including sql injection, parameter manipulation, and session hijacking using Paros, Web Scarab, etc.
  • Network security reconnaissance and assessment including asset discovery and investigation using Nmap, Nessus, and passive reconnaissance techniques.
  • System and service assessment including exploitation of vulnerabilities to gain full system access using home grown, public, and privately available exploits and, in a limited fashion, Metasploit Framework.
  • Social engineering engagements including cold calls and “blind” assessments.

-Network Architecture: CheckPoint Firewall-1/VPN-1, Sygate personal firewall deployment and administration, intrusion detection systems, familiar with Cisco routers, WLANs, VWANs, B2B VPNs, Nortel Contivity VPN switch administration.

-System Administration: Linux, Windows NT/2K/XP, NT/2K Domain administration, Solaris, MS SQL Server, IIS hardening and administration, system integrity audits.

-Programming: Perl, ASP, C++, Visual Basic.
Degrees/Certifications
  • September, 2004 Sygate Secure Enterprise Professional (SSEP)
  • August, 2003 Certified Information Systems Security Professional (CISSP) #49757
  • February, 1998 Microsoft Certified System Engineer (MCSE)
  • January, 1998 Microsoft Certified Professional + Internet (MCP+I)
  • July, 1995 Bachelor’s of Science, Mechanical Design, Oklahoma State University
Publications
  • Security Sage's Guide to Hardening the Network Infrastructure, Author - IDS Chapter, Syngress Publishing, 2004
Training
  • September 2003 Sygate Secure Enterprise Deployment and Administration
  • November 2001 Ultimate Hacking - Foundstone
  • January 2001 Solaris 8 System Administration II - Sun Microsystems
  • December 2000 Solaris 8 System Administration I - Sun Microsystems
  • September 2000 CheckPoint VPN-1 for the Security Professional
  • September 2000 CheckPoint Advanced Firewall-1 Management
Work Experience
Dec 04 :: present -- Penetration Assessment Consultant -- Special Ops Security, Inc
  • Web Application Specialist on several projects for businesses in the financial and entertainment industries. Some interesting personal findings include:
    1. --discovery of 107,000 records (street value of about $11.5 million) of personally identifiable information from a mortgage company.
    2. --discovery of a flaw in a state government's building permit processing application that allowed modification of the credit card transaction amount to any value including negative numbers. Charging a negative amount refunds money back to the card up to the credit limit.
  • Network Reconnaissance Specialist on several projects. I provided asset information and valuation to prioritize attack targets for the assessment team. This is an invaluable skill when the assessments are time-restrained.
  • Primary Reporting Specialist on several projects. All technical findings were reported to me. I would check all material for accuracy, grammar, punctuation and format. Once complete, the report would be handed to the customer.

Mar 06 :: present -- Technical Advisor, Security Assessment and Forensics Team -- FedEx Services
  • Plan and perform security assessments on FedEx assets world-wide/
  • Provide forensic services for any Information Security-related incidents of any nature.
  • Assist with identifying and reducing fraud.

Nov 04 :: Mar 06 -- Sr. Information Security Engineer -- FedEx Freight
  • Maintain the Checkpoint firewall, Sygate Secure Enterprise, and VPN environments and trouble shoot any technical issues with those environments.
  • Provide forensic services for any Information Security-related incidents of any nature.
  • Provide strategic technical direction for Director-level and above regarding Information Security issues.
  • Perform routine penetration testing and recommend hardening measures for and network device running a variety of operating systems, including Windows, Solaris, Linux, and HPUX.

Feb 00 :: Nov 04 Sr. Security Administrator Quantum Corporation
  • Design, purchase, and maintain global enterprise firewall and VWAN environments.
  • Create secure environment from which e-commerce and B2B resources can be provided.
  • Secure and maintain remote access functionality for Quantum employees worldwide.
  • Establish Wireless LAN strategy for domestic U.S. sites.
  • Audit and recommend hardening measures for enterprise servers running Windows, Solaris, Linux, and HPUX.

July 97 :: September 99 Web System Architect Quantum Corporation
  • Design, purchase and maintain internal web site hosting platform.
  • Deliver end-user site maintenance solution.
  • Deploy custom Internet Explorer package and troubleshoot any I.E. related issues.
  • Gather requirements for new web site projects and deliver solution to end-users.