Rich Compton
Nominee Details
Name: Rich Compton
Position: Principal Network Security Engineer III
Organization: Charter Communications
MANRS participant (Y/N): Yes
Biographical Information
Rich Compton has been working at ISPs for over 20 years. He started his career working on the first Internet Exchange Points at WorldCom back in 1997. From there he went on to work at a start-up with only 20 employees and helped to take it to a company with a nationwide DWDM fiber network with MPLS in only two years. He then progressed to become the very first Network Security Engineer at Charter Communications and has been working in the cable industry for the past 19 years. In his tenure at Charter he has dealt with just about every facet of network security. He now focuses on DDoS detection and mitigation, stopping botnets, BGP security, and keeping Charter’s network infrastructure secure.
Nominee Statement
Why I am interested in joining the steering committee:
- I want to help increase the security of the global Internet to allow for the free exchange of information and ideas. I believe this will increase humanity’s collective knowledge and help us thrive.
What I can bring to MANRS:
- I was previously on the MANRS advisory board so I have experience with MANRS.
- I have 20+ years experience working at ISPs and specifically 19 years experience working at a cable ISP focused on network security (BGP security, RPKI, DDoS, botnets).
- I am the chairperson of M3AAWG’s DDoS Special Interest Group and have experience leading a group that deals with issues affecting the availability data transmission on the Internet (DDoS attacks).
My vision for the initiative:
- The biggest issues related to availability on the Internet that I have found are DDoS attacks and BGP hijacks.
- A vast majority of DDoS attacks come from organizations that allow spoofed traffic to originate or traverse their networks. I want to make it harder for bad guys to be able to generate this traffic. I want to work with MANRS and others to help develop procedures and tools to identify when and where spoofed traffic is being generated and work collectively to stop it. I have open sourced a tool called tattle tale that can help networks identify when this traffic is being transmitted and which peer is sending it (https://github.com/racompton/tattle-tale).
- For the issue of BGP hijacks, I want to work with MANRS to encourage the deployment of RPKI. I have developed a document that provides organizations a collection of information to help them in their RPKI deployment (https://docs.google.com/document/d/1fGsuDpLSn0ZN3-Pa-4aAciGH-Qc0K5AHZ1GyFRAHow4/edit?usp=sharing) and developed a tool that assists in the generation of ROAs using ARIN’s API (https://github.com/racompton/arin-roa-request). This tool has been used successfully by ISPs to generate ROAs for some of the largest ISPs in North America. I would like to work with MANRS to develop a standard API across all RIRs and tools that can use these APIs no matter where an organization has obtained IP resources.
Nominated by: Self-nomination