Linux is increasingly used as an embedded operating system and has become the backbone of the much-touted “Internet of things”. Although we’re constantly warned about cyber hackers and malicious agents exploiting devices on which we depend, not everyone has the knowledge and insight needed to secure these systems.
This course gives a wide overview of current techniques in use and the means and methods to avoid many of the problems facing modern development.
This four-day course will give attendees practical, hands-on experience of the impact and means of securing Linux systems against malicious agents via an in-depth look at active exploitation techniques and mitigation.
- Understand the attack vectors used against embedded systems
- Gain a deep knowledge of the methods used and the mitigation techniques that secure embedded Linux platforms
- Look at and analyse the available tools for defending against malicious attacks
- Knowledge of a scripting language (Python/Perl/Bash)
- A good working knowledge of C
- An understanding of Linux userspace
Who should attend:
This course is suitable for anyone using an embedded Linux environment for their products or considering using Linux in such an environment.
It is also well suited to candidates looking for more knowledge on the impact that “hackers” can have on their systems - vectors of attack and the different ways Linux systems can be secured from both local and remote exploitation.
- Delegate handbook.
- Data-key containing lab material.
Each chapter will focus on a particular aspect of securing Linux and will frequently be accompanied by a “war story” or a related Common Vulnerabilities and Exposures (CVE) entry, as well as a practical exercise at the end of each section to cement the ideas and information.
- Types of exploits
- Information leaking
- State disclosure
- Tool introduction
The Linux Process Model
- Using /proc to examine a Linux process
- The ELF File Format - text, data and bss
- Execution and environment
Secure C and POSIX Programming
- String Handling
- Integer Under/Overflow
- Anatomy of an exploit
- Using GDB to examine your applications
- The Stack and the Heap
- Safe Alternatives
- Compilation and Linking strategies
The File System
- The UNIX Permission model
- ulimit, inotify, mktemp and race conditions
- Virtual Memory and Paging
- The PATH and ENVironment
- Exploiting Libraries
- Sockets and Bad Practices
- Denial of Service
- Using nmap and Wireshark for network analysis
- Anatomy of a network attack