Secure Linux Programming

Linux is increasingly used as an embedded operating system and has become the backbone of the much-touted “Internet of Things”. Although we’re constantly warned about hackers and malicious agents exploiting devices on which we depend, not everyone has the knowledge and insight needed to secure these systems.

This course gives a wide overview of current techniques in use and the means and methods to avoid many of the problems facing modern development.

EL-402
4 days
£2,250

Course Outline

Introduction

  • Types of exploits
  • Information leaking
  • State disclosure
  • Tool introduction

The Linux Process Model

  • Using Proc to examine a Linux process
  • The ELF File Format - text, data and bss
  • Execution and environment

Secure C and POSIX Programming

  • String Handling
  • Integer Under/Overflow
  • Signals
  • Pointers
  • Anatomy of an exploit
  • Shellcode
  • Using GDB to examine your applications
  • The Stack and the Heap
  • Safe Alternatives
  • Compilation and Linking strategies

The File System

  • The UNIX Permission model
  • ulimit, inotify, mktemp and race conditions
  • Virtual Memory and Paging
  • The PATH and ENVironment
  • Exploiting Libraries

Networking

  • Sockets and Bad Practices
  • Denial of Service
  • Using Nmap and Wireshark for network analysis
  • Anatomy of a network attack

Course Overview

This 4-day course will give attendees practical, hands-on experience of the impact and means of securing Linux systems against malicious agents via an in-depth look at active exploitation techniques and mitigation.

Course objectives:

  • Understand the attack vectors used against embedded systems
  • Gain a deep knowledge of the methods used and the mitigation techniques that secure embedded Linux platforms
  • Look at and analyse the available tools for defending against malicious attacks

Pre-requisites:

  • Knowledge of a scripting language (Python/Perl/Bash)
  • A good working knowledge of C
  • An understanding of Linux userspace

Who should attend:

This course is suitable for anyone using an embedded Linux environment for their products or considering using Linux in such an environment.

It is also well suited to candidates looking for more knowledge on the impact that “hackers” can have on their systems - vectors of attack and the different ways Linux systems can be secured from both local and remote exploitation.

Duration: 

Four days.

Course materials:

Delegate handbook. Data-key containing lab material.

Course workshop:

Each chapter will focus on a particular aspect of securing Linux and will frequently be accompanied by a “war story” or a related Common Vulnerabilities and Exposures (CVE) entry, as well as a practical exercise at the end of each section to cement the ideas and information.