Dan Farmer

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Dan Farmer
Dan Farmer in 2007.JPG
Dan Farmer in 2007
Born (1962-04-05) 5 April 1962 (age 60)
Alma materPurdue University
Known for

Dan Farmer (born April 5, 1962) is an American computer security researcher and programmer who was a pioneer in the development of vulnerability scanners for Unix operating systems and computer networks.[1]

Life and career[edit]

Farmer developed his first software suite while he was a computer science student at Purdue University in 1989. Gene Spafford, one of his professors, helped him to start the project. The software, called the Computer Oracle and Password System (COPS), comprises several small, specialized vulnerability scanners designed to identify security weaknesses in one part of a Unix operating system.

In 1995, Farmer and Wietse Venema (a Dutch programmer and physicist) developed a second vulnerability scanner called the Security Administrator Tool for Analyzing Networks (SATAN). Due to a misunderstanding of SATAN's capabilities, when it was first published, some network administrators and law enforcement personnel believed that hackers would use it to identify and break into vulnerable computers. Consequently, SGI terminated Farmer's employment.[2] However, contrary to popular opinion, SATAN did not function as an automatic hacking program that undermined network security. Rather, it operated as an audit on network security that identified vulnerabilities and made suggestions to help prevent them. No information about how security vulnerabilities could be exploited was provided by the tool.[3] Within a few years, the use of vulnerability scanners such as SATAN became an accepted method for auditing computer and network security.

He co-developed the Titan vulnerability scanner with Brad Powell and Matt Archibald, which they presented at the Large Installation System Administration Conference (LISA) in 1998.[4] [5]

Farmer and Venema collaborated again to develop a computer forensics suite called The Coroner's Toolkit, and later coauthored Forensic Discovery (2005), a book about computer forensics.[6]

Farmer co-founded Elemental Security with Dayne Myers, and served as the corporation's chief technical officer.


  1. ^ Gibbs, W. W. (1997) Profile: Dan Farmer – From Satan to Zen, Scientific American 276(4), 32-34.
  2. ^ "login interview with Dan Farmer" (PDF). Usenix. December 2014. Retrieved March 19, 2017.
  3. ^ Palmer, C. C. (2001). "Ethical Hacking" (PDF). IBM Systems Journal: 40.
  4. ^ https://www.usenix.org/legacy/event/lisa98/full_papers/farmer/farmer.pdf[bare URL PDF]
  5. ^ "LISA 98 Technical Program".
  6. ^ Forensic Discovery, Addison-Wesley Professional. ISBN 0-201-63497-X.


  • Ortiz, Catalina (1995-04-04). "Computer Program to Find Security Holes Bedevils Some Experts". The Associated Press.

External links[edit]