Luis MartinGarcia

Normal human being. Fascinated by the way things work. Hungry for learning. Fan of creative and complex projects. Five 9s good mood. Enjoys the sun, iced coffee and Ska music.

I am a Network and Software Engineer

Throughout my career I've had the privilege to work for great companies and do many interesting and rewarding things: software development, consultancy, network engineering, industry partnerships, and more. Currently, I am an Engineering Manager at Facebook, supporting a team of highly talented individuals that I admire.

Here's a quick summary. For more details, please check my LinkedIn profile.

Facebook

Jun 2016 - Today
Engineering Manager supporting a team of highly talented individuals where we define and build new network and telecom infrastructure products and build partnerships with vendors, operators and other players in the networking industry to improve connectivity across the globe and bring more people online, to a faster Internet.

Cisco Systems

Apr 2013 - Jun 2016
Networking Consulting Engineer for Cisco's large Enterprise and Internet Service Provider customers in the EMEAR region. Delivery of solutions and proactive services as part of Cisco's Advanced Services vertical, focused on Datacenter Networks, Automation and Software-Defined Networking (SDN) technologies.

Microsoft

Jan 2012 - Apr 2013
Infrastructure Consultant for Microsoft's large Enterprise customers in the Western Europe region. Technical, customer-facing, consultancy role focused on the analysis, design and deployment of solutions based on Microsoft's datacenter and security technologies (Hyper-V, Windows Server, AD, Forefront, etc.).

Nmap

Summer 2009, 2010, 2011
Developer for the Nmap Security Scanner. Developed Nmap's IPv6 stack fingerprinting engine. Developed Nping, a multi-protocol and multi-target packet generator distributed with Nmap. Developed the Nping Echo Protocol, a system to detect modifications to a packet as it traverses the network.

cat /proc/projects

Apart from the things that pay the bills, I have a few personal projects. Here are the ones that I believe could be of interest.

Nping

I am the creator and maintainer of Nping, one of the tools of the Nmap family. Nping is a network packet generator that offers quite a lot of flexibility. It also has an interesting "echo mode" that lets you see how a packet gets modified by middleboxes as it traverses the network from source to destination. It is distributed as part of Nmap, so you may even have it installed already ;-)
[More].

Aldaba Security Suite

I am also the creator and maintainer of Aldaba, an open-source security tool to protect network services against 0-day exploits. Aldaba is a Single Packet Authorization daemon that controls access to a system or a network by instructing the local firewall to keep all ports in a closed state but open them dynamically upon request, for clients in possession of valid access credentials.
[More].

Protocol

I wrote a command-line tool called "protocol". It is meant to provide quick access to an RFC-like ASCII representation of network protocol headers (e.g., IPv4, IPv6, TCP, ICMPv4, ICMPv6, Ethernet...), so you don't have to google them all the time. It is also an ASCII header generator for user-defined protocol headers. Using a simple syntax (e.g., "TTL:16,Checksum:16,..."), one can generate any kind of nice and beautiful ASCII protocol headers.
[More].

Other Code & Tools

I keep a bunch of miscellaneous applications and code on my Github repository. I won't claim they are the most useful tools ever but there I have some interesting Cisco ACI-related tools, other random scripts and also contributions I've made to other open-source projects.
[More].

ls /etc/articles

I've written a few articles and essays. Some of them were published, some others were collecting dust in a drawer until I placed them here.

Remote Operating System Classification over IPv6.

This is a paper that I wrote together with some other Nmap developers. It is about the research David and I did on IPv6 OS fingerprinting originally, and a number of cool features Mathias and Alexandru worked on, some time after that. It got accepted in the ACM Workshop on Artificial Intelligence and Security, in October 2015.
[PDF]. [ACM Portal].

Programming with Libpcap - Sniffing the network from our own application

This was my first article ever. It's about my favourite library, libpcap. It provides a general introduction to packet capture systems and it shows how to use the libpcap library to build a network sniffer. It was published in Hakin9 Magazine (admittedly not the most rigorous publication out there) in 2008, and it's now freely accessible here:
[PDF]. [More Stuff].

Catching the Middlebox: a Technique for the Detection of Intermediate Network Devices.

I wrote this paper during my masters in Network Engineering. I never tried to publish it. It's about figuring out what network devices exist between a sender and a receiver by analyzing changes to network packets made in transit. Let me know what you think.
[PDF] [Slides].

Challenges for Host Discovery and Malware Propagation in the IPv6 Address Space.

This one was also written during my masters in Network Engineering. I never tried to publish it either. It's about how difficult it is for tools like Nmap to bruteforce IPv6 address spaces, and what techniques can be used to make host discovery in IPv6 feasible. Drop me a line and let me know what you think.
[PDF]. [TXT].

Dissertation on Single Packet Authorization and Port Knocking

This was the final project of my MSc in Computer Engineering at the UC3M. It provides a theoretical background for non-conventional dynamic filtering techniques in network firewalls. The goal is to solve the 0-day exploit problem by having systems with all ports closed by default, opening them on demand to authorized endpoints. Unfortunately, I wrote it in Spanish (what the hell was I thinking, right?). If you can read Spanish, you can find it here:
[PDF].

“All your data are belong to us” or how the Internet giants may have a card up their sleeve.

This one is not very good, to be honest. It's about the kind of data the big Internet players may have access to and how they could use it for profit. It's more an editorial than a scientific article and most of the ideas it contains perhaps were relevant at that time but they now sound too obvious. I'll leave it here just for the record.
[PDF].

cat /usr/presentations

Here are the slides for some of the presentations I've given outside work.

SDN, NFV and Cloud: An Overview of Current Trends in the Networking Industry.

Since their conception, network devices have experienced an enormous evolution, acquiring new capabilities and making it possible to build networks at a planetary scale. However, the demand for products and services that are built on top of the network is growing at a pace never seen before. The traditional paradigm of hosting the control and forwarding planes in the same device, along with the way networks have been deployed and operated in the past, has made the network a bottleneck in the IT stack. Software-defined Networking (SDN), Network Function Virtualisation (NFV) and Cloud environments are recent proposals from the industry to make networks cope with the speed and level of sophistication that is required in today’s enterprises and service providers. This presentation will provide an overview of these concepts and discuss how they relate to the trends and challenges observed in production networks today.
[PDF].

Have something interesting to share?

If this wasn't what you were looking for, drop me a line. I am always up for communication with other human beings, especially if it's about something interesting. Feel free to reach me using the e-mail address below.