Linux Advanced Security
Linux enjoys great popularity, especially in the server and IoT sectors – this makes the free operating system increasingly interesting for attackers.
Linux is developed with a focus on security, but contrary to the long-standing myth, it can certainly be hijacked by clever attacks.
Like other software vendors, Linux distributions face a tradeoff between security and usability.
Linux administrators can change the settings to their own liking.
This course provides a basic overview of common hardening options and uses SELinux, AppArmor, and fail2ban as examples to demonstrate three important tools.
Also demonstrated are OpenVAS and Dev-Sec, two other programs for detecting and closing common security vulnerabilities.
The workshop is as interactive as possible – theoretical and practical content is provided for the respective tasks.
Agenda:
Motivation
- Overview
- General Best Practices
- Linux Security Modules
SELinux
- Overview
- User
- Policies
- File context
- Modules and Booleans
AppArmor
- Modes
- Profiles
OpenVAS
- Running Scans
Dev-Sec / InSpec
- Analyze systems with InSpec
- Harden systems automatically with Ansible
fail2ban
- Jails
- Actions
Christian Stankowic is Technical Leader at SVA System Vertrieb Alexander GmbH, where he focuses on enterprise Linux, automation and DevOps. He likes to develop open-source tools for the grey boxes in his spare time, which help you solve problems that you wouldn’t have had without them.