Linux Security State of Linux Security in 2016 Michael Boelen - PowerPoint PPT Presentation

Jul 02, 2023 •257 likes •454 views

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016 Michael Boelen Open Source Lynis, Rootkit Hunter Business and Community Founder of CISOfy Board member and

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016
Michael Boelen ● Open Source ○ Lynis, Rootkit Hunter ● Business and Community ○ Founder of CISOfy ○ Board member and program committee NLUUG 2
Blog: Linux-Audit.com 3
Agenda Topics ● Highlights ● Future ● Discussion 4
Highlights
The Past: Services ● Telnet ● “r” services ● Finger 6
The Past: Tooling 7
2016 Kernel security ● Vulnerabilities ● Linus himself ● Grsecurity 8
2016 ● Drown attack ● Dirty COW ● Cryptsetup initrd (root shell) 9
Compromise ● Linux.PNScan (routers) ● Linux.Rex.1 (p2p botnet) 10
What about good things? 11
Conferences 12
Core Infrastructure Initiative ● Badge program ● Census project ● Education ● Tooling 13
CII Example ● Questions ● Proof ● Score 14
The Future 15
Some Thoughts for 2017 ● Docker ● Nftables ● Frameworks ● Kernel patching ● Auditing 16
Questions? Connect ● Twitter (@mboelen) ● LinkedIn (Michael Boelen) 17

Download Presentation

Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables http://outflux.net/slides/2013/drupal/tunables.pdf R0Ng DrupalCon Portland 2013 Kees Cook <keescook@google.com> (pronounced Case) Who is

474 views • 33 slides

Tizen, Security and The Internet of Things Casey Schaufler 1 Casey Schaufler Security

Tizen, Security and The Internet of Things Casey Schaufler 1 Casey Schaufler Security Dinosaur Smack Linux Security Module Manager Tizen and Linux Kernel Security 2 Tizen Linux based operating system Project of the Linux

486 views • 23 slides

TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux

CE Linux Forum Worldwide Embedded Linux Conference 2007 April 17-19, 2007 TOMOYO Linux A Lightweight and Manageable Security System for PC and Embedded Linux http://tomoyo.sourceforge.jp/ Toshiharu Harada Tetsuo Handa NTT DATA

654 views • 47 slides

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University

Network Security Fundamentals Security Training Course Dr. Charles J. Antonelli The University of Michigan 2013 Network Security Fundamentals Module 9 Linux Security & Logging Linux Security Real-World Linux Security RHEL

739 views • 41 slides

Basic Linux Original slides from GTFO Security outline Linux What it is? Commands

Basic Linux Original slides from GTFO Security outline Linux What it is? Commands Filesystem / Shell Package Management Services run on Linux mail dns web central authentication router

1.55k views • 23 slides

TOMOYO Linux News! A Lightweight and Manageable Security System for PC and Embedded Linux

TOMOYO Linux News! A Lightweight and Manageable Security System for PC and Embedded Linux PDF version of ELC2007 slide is available: CE Linux Forum Wiki TomoyoLinux http://tree.celinuxforum.org/CelfPubWiki/TomoyoLinux (bookmark and

890 views • 48 slides

Linux Kernel Self Protection Project Linux Security Summit, Los Angeles September 14, 2017 Kees

Linux Kernel Self Protection Project Linux Security Summit, Los Angeles September 14, 2017 Kees (Case) Cook keescook@chromium.org https://outflux.net/slides/2017/lss/kspp.pdf Agenda Background Security in the context of

652 views • 52 slides

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux

Linux Overview Amir Hossein Payberah payberah@gmail.com 1 Agenda Linux Overview Linux Distributions Linux vs Windows Linux Architecture Linux Security 2 What is Linux? Similar Operating System To Microsoft Windows, Sun

1.11k views • 55 slides

Linux Hardening Locking Down Linux To Increase Security Michael Boelen michael.boelen@cisofy.com

Linux Hardening Locking Down Linux To Increase Security Michael Boelen michael.boelen@cisofy.com s-Hertogenbosch, 1 March 2016 Meetup: Den Bosch Linux User Group Goals 1. Learn what to protect 2. Know some strategies 3. Learn tooling Focus

912 views • 60 slides

Advanced Systems Security: Security-Enhanced Linux Trent Jaeger Systems and Internet

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security: Security-Enhanced Linux Trent

474 views • 26 slides

Advanced Systems Security: Linux Security Modules Trent Jaeger Systems and Internet

872 views • 30 slides

Secure Enhanced Linux Julian Richen SELinux? Started as a research project from the National

Secure Enhanced Linux Julian Richen SELinux? Started as a research project from the National Security Agency (NSA) A set of patches using the Linux Security Modules (LSM) Hardening GNU/Linux systems with extra security policies and

349 views • 15 slides

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux

Linux Kernel Security & Hardening Thomas Lamprecht January 17, 2019 Introduction The Linux Kernel Widespread Deployed on: powerful (high performance compute clusters) sensitive (bank, gov. systems, ..) safety critical

995 views • 29 slides

M eeting Critical Security Objectives with Security-Enhanced Linux Peter A. Loscocco

M eeting Critical Security Objectives with Security-Enhanced Linux Peter A. Loscocco Information Assurance Research G roup National Security Agency Co-author: Stephen D. Smalley, NAI Labs 1 roup Inform ation A ssurance R esearch G

476 views • 43 slides

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client

Linux Kung Fu Introduction What is Linux? Why Linux? What is the difference between a client and a server? What is Linux? Linux generally refers to a group of Unix-like free and open-source operating system distributions that use the Linux

562 views • 53 slides

Linux system hardening thanks to systemd Timothe Ravier French Network and Information Security

Linux system hardening thanks to systemd Timothe Ravier French Network and Information Security Agency (ANSSI) RMLL 2017 Goal of this talk Goal of this talk Increase the security of standard Linux distributions Use security features

382 views • 37 slides

Ret2dir: Rethinking Kernel Isolation Kermerlis et al. Columbia University Presented by Lucas Copi

Ret2dir: Rethinking Kernel Isolation Kermerlis et al. Columbia University Presented by Lucas Copi Introduction ! In the past attackers have focused efforts on server and client applications ! Due to lesser complexities and simpler

501 views • 26 slides

Lock-in-Pop : Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen

Lock-in-Pop : Securing Privileged Operating System Kernels by Keeping on the Beaten Path Yiwen Li, Brendan Dolan-Gavitt, Sam Weber, Justin Cappos New York University Tandon School of Engineering Motivation 1. Many vulnerabilities exist in

299 views • 19 slides

Five Questions to Evaluate any Privacy or Security Program Wyoming Cybersecurity Symposium August

Five Questions to Evaluate any Privacy or Security Program Wyoming Cybersecurity Symposium August 6 & 7, 2019 October 23, 2019 SPEAKER BIO CISO at Holland & Hart Past President, Denver Chapter ISSA 18 years of Computer &

597 views • 20 slides

Using COBIT 5 Framework for Cybersecurity Assessment Hugh Burley, Trevor Hurst, and Ivor MacKay

Conference 2018 Conference 2018 Using COBIT 5 Framework for Cybersecurity Assessment Hugh Burley, Trevor Hurst, and Ivor MacKay Speakers Trevor Hurst, Chief Information Officer Ministry of Advanced Education, Skills & Training Hugh

551 views • 26 slides

User-space Tracing with UST Mathieu Desnoyers mathieu.desnoyers@efficios.com David Goulet

User-space Tracing with UST Mathieu Desnoyers mathieu.desnoyers@efficios.com David Goulet david.goulet@polymtl.ca Michel Dagenais michel.dagenais@polymtl.ca April 6-8, 2011 Collaboration Summit Presenters Mathieu Desnoyers EfficiOS

356 views • 21 slides

Enumerated Authorization Policy Prosunjit Biswas, Ravi Sandhu and Ram Krishnan University of

Institute for Cyber Security Label-Based Access Control: An ABAC Model with Enumerated Authorization Policy Prosunjit Biswas, Ravi Sandhu and Ram Krishnan University of Texas at San Antonio 1 st Workshop on Attribute Based Access Control (ABAC

469 views • 26 slides

SELIC CORP OPPORTUNITY DAY QUARTER 3/2018 DATE: December 18, 2018 Selic Corp Public Company

SELIC CORP OPPORTUNITY DAY QUARTER 3/2018 DATE: December 18, 2018 Selic Corp Public Company Limited ABOUT SELIC We provide solutions for adhesive, our offer includes customized products and services that match our customers needs. Facts

689 views • 30 slides

National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler,

National Cyber Security Strategy 2016 26th of April 2017, Athens Samuel Rothenpieler, International Relations Advisor, Federal Offjce for Information Security (BSI) Mission Statement of the German Federal Offjce for Information Security (BSI)

464 views • 14 slides