linux security
play

Linux Security State of Linux Security in 2016 Michael Boelen - PowerPoint PPT Presentation

Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016 Michael Boelen Open Source Lynis, Rootkit Hunter Business and Community Founder of CISOfy Board member and


  1. Linux Security State of Linux Security in 2016 Michael Boelen michael.boelen@cisofy.com DBLUG, 7 December 2016

  2. Michael Boelen ● Open Source ○ Lynis, Rootkit Hunter ● Business and Community ○ Founder of CISOfy ○ Board member and program committee NLUUG 2

  3. Blog: Linux-Audit.com 3

  4. Agenda Topics ● Highlights ● Future ● Discussion 4

  5. Highlights

  6. The Past: Services ● Telnet ● “r” services ● Finger 6

  7. The Past: Tooling 7

  8. 2016 Kernel security ● Vulnerabilities ● Linus himself ● Grsecurity 8

  9. 2016 ● Drown attack ● Dirty COW ● Cryptsetup initrd (root shell) 9

  10. Compromise ● Linux.PNScan (routers) ● Linux.Rex.1 (p2p botnet) 10

  11. What about good things? 11

  12. Conferences 12

  13. Core Infrastructure Initiative ● Badge program ● Census project ● Education ● Tooling 13

  14. CII Example ● Questions ● Proof ● Score 14

  15. The Future 15

  16. Some Thoughts for 2017 ● Docker ● Nftables ● Frameworks ● Kernel patching ● Auditing 16

  17. Questions? Connect ● Twitter (@mboelen) ● LinkedIn (Michael Boelen) 17

Recommend


More recommend