• Home

  • Documents

  • The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus...
18
Linux Security State of Linux Security in 2016 Michael Boelen [email protected] DBLUG, 7 December 2016

The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Embed Size (px)

Citation preview

Page 1: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Linux SecurityState of Linux Security in 2016

Michael [email protected]

DBLUG, 7 December 2016

https://cisofy.com
Page 2: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Michael Boelen● Open Source

○ Lynis, Rootkit Hunter

● Business and Community○ Founder of CISOfy○ Board member and program committee NLUUG

2

https://cisofy.com
Page 3: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Blog: Linux-Audit.com

3

Page 4: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Agenda

Topics● Highlights● Future● Discussion

4

Page 5: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Highlights

Page 6: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

The Past: Services

● Telnet● “r” services● Finger

6

Page 7: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

The Past: Tooling

7

Page 8: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

2016

Kernel security● Vulnerabilities● Linus himself● Grsecurity

8

Page 9: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

2016

● Drown attack● Dirty COW● Cryptsetup initrd

(root shell)

9

Page 10: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Compromise

● Linux.PNScan (routers)● Linux.Rex.1 (p2p botnet)

10

Page 11: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

What about good things?

11

Page 12: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Conferences

12

Page 13: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Core Infrastructure Initiative

● Badge program● Census project● Education● Tooling

13

Page 14: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

CII Example

● Questions● Proof● Score

14

Page 15: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

The Future

15

Page 16: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Some Thoughts for 2017

● Docker● Nftables● Frameworks● Kernel patching● Auditing

16

Page 17: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Questions?

Connect● Twitter (@mboelen)● LinkedIn (Michael Boelen)

17

https://twitter.com/mboelen
https://nl.linkedin.com/in/mboelen
Page 18: The state of Linux security in 2016 - CISOfy · PDF fileLINUX SECURITY SUMMIT DIRTY COW Nessus ripwir TM CISOFY AUDITING-HARDENING-COMPLIANCE ... Basics BADGE STATUS FOR LYNIS Show

Linux Profiling and · PDF fileLinux Profiling and Optimization The Black Art of Linux Performance Tuning Federico Lucifredi Platform Orchestra Director Novell, INC

Linux Profiling and · PDF fileLinux Profiling and Optimization The Black Art of Linux Performance Tuning Federico Lucifredi Platform Orchestra Director Novell, INC

Documents
Concept Tooling - CISOfy · Linux Security Concept → Tooling Utrecht, 16 January 2016 Michael Boelen michael.boelen@cisofy.com. 2. Goals 1. Learn what to protect 2. Know some strategies

Concept Tooling - CISOfy · Linux Security Concept → Tooling Utrecht, 16 January 2016 Michael Boelen [email protected]. 2. Goals 1. Learn what to protect 2. Know some strategies

Documents
Linux Documentation Project Reviewer HOWTO - · PDF fileLinux Documentation Project Reviewer HOWTO Emma Jane ... always use their English counterpart instead. ... contact a coordinator

Linux Documentation Project Reviewer HOWTO - · PDF fileLinux Documentation Project Reviewer HOWTO Emma Jane ... always use their English counterpart instead. ... contact a coordinator

Documents
Best Practices for Hadoop Performance with Hortonworks ... · PDF fileLinux by Redhat: Redhat 7.2 Linux OS Mellanox: InfiniBand/Ethernet Connectivity in and out of server ... Spark,

Best Practices for Hadoop Performance with Hortonworks ... · PDF fileLinux by Redhat: Redhat 7.2 Linux OS Mellanox: InfiniBand/Ethernet Connectivity in and out of server ... Spark,

Documents
Linux Performance Analysis New Tools and Old · PDF fileLinux Performance Analysis New Tools and Old Secrets Brendan Gregg Senior Performance Architect Performance Engineering Team

Linux Performance Analysis New Tools and Old · PDF fileLinux Performance Analysis New Tools and Old Secrets Brendan Gregg Senior Performance Architect Performance Engineering Team

Documents
Contents · 2017. 11. 6. · Contents 02 FIRT S THOUGHTS Lynis Lewis, Noclor Service Director 03 PILL-ON-A-STRING Early detection of throat cancer 04 Q&A: GLYN LEWIS Uplifting approach

Contents · 2017. 11. 6. · Contents 02 FIRT S THOUGHTS Lynis Lewis, Noclor Service Director 03 PILL-ON-A-STRING Early detection of throat cancer 04 Q&A: GLYN LEWIS Uplifting approach

Documents
Linux Clusters Institute: Survey of File · PDF fileLinux Clusters Institute: Survey of File Systems J.D. Maloney | Storage Engineer National Center for Supercomputing Applications

Linux Clusters Institute: Survey of File · PDF fileLinux Clusters Institute: Survey of File Systems J.D. Maloney | Storage Engineer National Center for Supercomputing Applications

Documents
Linux System Administration and · PDF fileLinux System Administration and Support - 1 ... branded Linux distributions consist of the core SuSE distribution and some additional components

Linux System Administration and · PDF fileLinux System Administration and Support - 1 ... branded Linux distributions consist of the core SuSE distribution and some additional components

Documents
Linux Cluster Administration - LinOxide · PDF fileLinux Cluster Administration ... Create & manage HA cluster services rgmanager implements cold failover ... an LVM logical volume

Linux Cluster Administration - LinOxide · PDF fileLinux Cluster Administration ... Create & manage HA cluster services rgmanager implements cold failover ... an LVM logical volume

Documents
Linux Standard Base Core Specification 4.1 - Linux · PDF fileLinux Standard Base Core Specification 4.1 . ... 22 Software Installation ... source level API specification,

Linux Standard Base Core Specification 4.1 - Linux · PDF fileLinux Standard Base Core Specification 4.1 . ... 22 Software Installation ... source level API specification,

Documents
Linux PCMCIA HOWTO - The Linux Documentation · PDF fileLinux PCMCIA HOWTO ... No PCI interrupt assignment; valid routing table ... • 2.6 Notes about specific Linux distributions

Linux PCMCIA HOWTO - The Linux Documentation · PDF fileLinux PCMCIA HOWTO ... No PCI interrupt assignment; valid routing table ... • 2.6 Notes about specific Linux distributions

Documents
Linux System Management for the Mainframe Systems · PDF fileLinux System Management for the ... • Basic vi Concepts ... • tar -jcf backup.tar.bz2 file1 file2 file3 file4

Linux System Management for the Mainframe Systems · PDF fileLinux System Management for the ... • Basic vi Concepts ... • tar -jcf backup.tar.bz2 file1 file2 file3 file4

Documents
Agenda - Security Auditing and Compliance Solutions - CISOfy · 2018. 6. 6. · Security Auditing Compliance. System Hardening. Security 101 Ongoing process Prevention || Detection

Agenda - Security Auditing and Compliance Solutions - CISOfy · 2018. 6. 6. · Security Auditing Compliance. System Hardening. Security 101 Ongoing process Prevention || Detection

Documents
for Developers Linux Security - CISOfy...Linux Security for Developers Insights for building a (more) secure world Michael Boelen michael.boelen@cisofy.com 14 January 2016 Spying Internet

for Developers Linux Security - CISOfy...Linux Security for Developers Insights for building a (more) secure world Michael Boelen [email protected] 14 January 2016 Spying Internet

Documents
Linux Internals - · PDF fileLinux kernel subsystems The Process Scheduler (SCHED) The Memory Manager (MM) The Virtual File System (VFS) The Network Interface (NET)

Linux Internals - · PDF fileLinux kernel subsystems The Process Scheduler (SCHED) The Memory Manager (MM) The Virtual File System (VFS) The Network Interface (NET)

Documents
Top 5 Defacers - Information Warfare Center · 4/13/2014  · Lynis Auditing Tool 1.4.9 Lynis Auditing Tool 1.5.0 OpenDNSSEC 1.4.5 OpenSSL Toolkit 1.0.1g Pytacle Alpha2 SkyJack Drone

Top 5 Defacers - Information Warfare Center · 4/13/2014  · Lynis Auditing Tool 1.4.9 Lynis Auditing Tool 1.5.0 OpenDNSSEC 1.4.5 OpenSSL Toolkit 1.0.1g Pytacle Alpha2 SkyJack Drone

Documents
Multipath TCP - TROOPERS18 · PDF fileLinux Linux reference ... Can work in Kali, but challenges Nicolas Maître made a ridiculously useful, near complete, SCAPY implementation

Multipath TCP - TROOPERS18 · PDF fileLinux Linux reference ... Can work in Kali, but challenges Nicolas Maître made a ridiculously useful, near complete, SCAPY implementation

Documents
Linux Virtual Desktop - Citrix Docs · PDF fileLinux Virtual Desktop Installation Guide for SUSE Linux Enterprise Glossary Broker - XenDesktop component responsible for brokering HDX

Linux Virtual Desktop - Citrix Docs · PDF fileLinux Virtual Desktop Installation Guide for SUSE Linux Enterprise Glossary Broker - XenDesktop component responsible for brokering HDX

Documents
Linux Performance Analysis and Tools - Brendan · PDF fileLinux Performance Analysis and Tools Lead Performance Engineer brendan@joyent.com Brendan Gregg @brendangregg SCaLE11x February,

Linux Performance Analysis and Tools - Brendan · PDF fileLinux Performance Analysis and Tools Lead Performance Engineer [email protected] Brendan Gregg @brendangregg SCaLE11x February,

Documents
Tivoli Storage Manager UNIX Linux - University of Illinois ... · PDF fileLinux Backup-Archive Clients Installation and User’s ... AIX client environment.... ... ... Tivoli Storage

Tivoli Storage Manager UNIX Linux - University of Illinois ... · PDF fileLinux Backup-Archive Clients Installation and User’s ... AIX client environment.... ... ... Tivoli Storage

Documents
10th May 2008 Lit rev, methodology and findings, refs ... · Web viewAdditionally I want to thank Raj Boyjoonauth, Robyn Doran, Jose Wood, Lynis Lewis, Ursula Gallagher, Carol Scott,

10th May 2008 Lit rev, methodology and findings, refs ... · Web viewAdditionally I want to thank Raj Boyjoonauth, Robyn Doran, Jose Wood, Lynis Lewis, Ursula Gallagher, Carol Scott,

Documents
· PDF fileLinux Programming & Compiler Design Lab Data Mining & Web Technologies Lab Advanced English Language Communication Skills Lab

· PDF fileLinux Programming & Compiler Design Lab Data Mining & Web Technologies Lab Advanced English Language Communication Skills Lab

Documents
Linux Performance · PDF fileLinux Performance Tuning - 3 © Applepie Solutions 2004-2008, Some Rights Reserved Licensed under a Creative Commons Attribution-Non-Commercial-Share Alike

Linux Performance · PDF fileLinux Performance Tuning - 3 © Applepie Solutions 2004-2008, Some Rights Reserved Licensed under a Creative Commons Attribution-Non-Commercial-Share Alike

Documents
Linux OS Fundamentals for the SQL Admin - Centino · PDF fileLinux OS Fundamentals for the SQL Admin ... • Install SQL Server on Linux from Microsoft’s yum repository. ... •

Linux OS Fundamentals for the SQL Admin - Centino · PDF fileLinux OS Fundamentals for the SQL Admin ... • Install SQL Server on Linux from Microsoft’s yum repository. ... •

Documents
Linux For System z Installation Workshop - RedHat ... · PDF fileLinux For System z Installation Workshop - RedHat Enterprise Linux ... 5.7 If You Have Extra Time ... (RedHat) - Install

Linux For System z Installation Workshop - RedHat ... · PDF fileLinux For System z Installation Workshop - RedHat Enterprise Linux ... 5.7 If You Have Extra Time ... (RedHat) - Install

Documents
Linux Performance Analysis and Tools - · PDF fileLinux Performance Analysis and Tools Lead Performance Engineer brendan@joyent.com Brendan Gregg @brendangregg

Linux Performance Analysis and Tools - · PDF fileLinux Performance Analysis and Tools Lead Performance Engineer [email protected] Brendan Gregg @brendangregg

Documents
Linux Hardening - CISOfy · Linux Hardening Locking Down Linux To Increase Security ‘s-Hertogenbosch, 1 March 2016 Meetup: ... Common Vulnerability Scoring System (CVSS)

Linux Hardening - CISOfy · Linux Hardening Locking Down Linux To Increase Security ‘s-Hertogenbosch, 1 March 2016 Meetup: ... Common Vulnerability Scoring System (CVSS)

Documents
Rootkits - West Michigan GNU/Linux Users Group Revisited - WMLUG July 2016.pdf · Detector - Lynis Lynis Lynis is a security auditing tool for UNIX derivatives like Linux, macOS,

Rootkits - West Michigan GNU/Linux Users Group Revisited - WMLUG July 2016.pdf · Detector - Lynis Lynis Lynis is a security auditing tool for UNIX derivatives like Linux, macOS,

Documents
Linux NVMe Driver - Flash Memory · PDF fileLinux NVMe Driver Keith Busch Software Engineer ... Linux block layer performance optimizations: beyond NAND Flash Memory Summit 2013 Santa

Linux NVMe Driver - Flash Memory · PDF fileLinux NVMe Driver Keith Busch Software Engineer ... Linux block layer performance optimizations: beyond NAND Flash Memory Summit 2013 Santa

Documents
Linux Kernel Networking - Haifa Linux Club - · PDF fileLinux Kernel Networking Rami Rosen ramirose@gmail.com Haifux, August 2007

Linux Kernel Networking - Haifa Linux Club - · PDF fileLinux Kernel Networking Rami Rosen [email protected] Haifux, August 2007

Documents