Linux Security State of Linux Security in 2016 Michael Boelen - - PowerPoint PPT Presentation

linux security
SMART_READER_LITE
LIVE PREVIEW

Linux Security State of Linux Security in 2016 Michael Boelen - - PowerPoint PPT Presentation

Jul 02, 2023 257 likes •458 views

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016 Michael Boelen Open Source Lynis, Rootkit Hunter Business and Community Founder of CISOfy Board member and

slide-1
SLIDE 1

Linux Security

State of Linux Security in 2016

Michael Boelen

michael.boelen@cisofy.com DBLUG, 7 December 2016

slide-2
SLIDE 2

Michael Boelen

  • Open Source

○ Lynis, Rootkit Hunter

  • Business and Community

○ Founder of CISOfy ○ Board member and program committee NLUUG

2

slide-3
SLIDE 3

Blog: Linux-Audit.com

3

slide-4
SLIDE 4

Agenda

Topics

  • Highlights
  • Future
  • Discussion

4

slide-5
SLIDE 5

Highlights

slide-6
SLIDE 6

The Past: Services

  • Telnet
  • “r” services
  • Finger

6

slide-7
SLIDE 7

The Past: Tooling

7

slide-8
SLIDE 8

2016

Kernel security

  • Vulnerabilities
  • Linus himself
  • Grsecurity

8

slide-9
SLIDE 9

2016

  • Drown attack
  • Dirty COW
  • Cryptsetup initrd

(root shell)

9

slide-10
SLIDE 10

Compromise

  • Linux.PNScan (routers)
  • Linux.Rex.1 (p2p botnet)

10

slide-11
SLIDE 11

What about good things?

11

slide-12
SLIDE 12

Conferences

12

slide-13
SLIDE 13

Core Infrastructure Initiative

  • Badge program
  • Census project
  • Education
  • Tooling

13

slide-14
SLIDE 14

CII Example

  • Questions
  • Proof
  • Score

14

slide-15
SLIDE 15

The Future

15

slide-16
SLIDE 16

Some Thoughts for 2017

  • Docker
  • Nftables
  • Frameworks
  • Kernel patching
  • Auditing

16

slide-17
SLIDE 17

Questions?

Connect

  • Twitter (@mboelen)
  • LinkedIn (Michael Boelen)

17

slide-18
SLIDE 18