As discussed in the previous chapter, William Cheswick is one of the original creators of the modern‐day firewall. He took over the management of the first documented firewall, invented the circuit‐level firewall, and if you say the word “proxy” in your computer security life, you have him to thank. Cheswick has more than a dozen patents and co‐wrote the first definitive book on firewalls, Firewalls and Internet Security: Repelling the Wily Hacker (
https://www.amazon.com/Firewalls‐Internet‐Security‐Repelling‐Hacker/dp/020163466X) with Steven Bellovin in 1994. I was into firewalls before reading that book, but his book taught me much of what I know about firewalls today, and a dog‐eared version of it was on my office bookshelf for nearly two decades.
His infamous “An Evening with Berferd in which a Cracker Is Lured, Endured, and Studied” whitepaper (
http://www.cheswick.com/ches/papers/berferd.pdf) introduced many of us to honeypots. Thanks to Cheswick, the term “jail” is now a direct command word in FreeBSD, and a “chroot jail” is one of the easiest and most popular ways to isolate particular subsystems in Unix and Linux. Few individuals have had as much broad impact on computer security boundaries as he has. He is also one of the optimistic experts I’ve met in the computer security field while also realizing that a lot of things still need to be fixed.
I asked Cheswick how he came to join the AT&T Bell Labs hotbed of computer security talent. He ...