Mitigating Hackers with Hardening on Linux - an Overview for Developers, focus on BoF
In this workshop, Learn about buffer overflow & why it’s dangerous to existing and new software. Also, understand how a buffer overflow attack works & how to harden Linux systems applications and OS.
Objective of the workshop
- Learn what BoF (Buffer Overflow) is, and why it’s dangerous to existing and new software
- Actually see how a BoF attack works (with a PoC demo on the popular Raspberry Pi 3 device)
- Learn how to practically harden Linux systems applications and the Operating System itself against such attacks, via various technologies, code-level tools and techniques
- Understand the current security climate in the industry, including why hackers get away with even simplistic attacks, especially on IoT devices
- Learn, as a prerequisite to understanding software hacking, how the software process stack mechanism operates
- Realize that BoF exploits even today form among the highest percentage of technical attacks
Who can attend this workshop?
The workshop is divided into three parts:
Part 1 : any and all IT professionals will benefit from this
Part 2 and Part 3: will really benefit folks with exposure to systems programming with ‘C’ / OS developers (knowledge of basic 'C'/C++, OS basics). In general, people with an interest in security will find Part I useful, software developers (biased towards C/C++) will find all parts useful.
What all will be covered in the workshop
- Security terminology
- Current State of Security
- Tech Preliminary: the software process stack
- BoF (Buffer Overflow) Vulnerabilities - the why and how of it
- Demo of a BoF on an ARM VM / device
- Modern app and OS Hardening Countermeasures
- state of Linux OS in particular
Benefits/Takeaways of this workshop for the attendees
- Eye opener to the need to design and implement software with security in mind
- Current state of security, especially wrt the Linux ecosystem
- What a BoF attack is, and why it's dangerous to IoT (and other) software products
- Anatomy of a BoF attack (with demo on a Raspberry Pi 3 device)
- Current technical tools to make use of during product development
- Importantly, on the Linux OS, what hardening countermeasures could (and should) be made.
Pre-requisites to attend the workshop
- No particular prerequisites for Part 1
- Part 2 and Part 3 do require the participant to be skilled in working with 'C' on Linux/Unix platforms; exposure to systems programming and / or kernel/driver development on Linux is a plus, though not mandatory.
Kaiwan Billimoria has worked in the software industry for close to 30 years now on projects ranging from antivirus solutions on DOS PCs to custom Linux on modern embedded and IoT platforms. He has contributed to opensource, including the Linux kernel and security space. He is the author of 'Hands-On System Programming with Linux', Packt, 2018 and is working on his next book on kernel dev. For over two decades, Kaiwan has been teaching engineers the intracacies of the Linux OS, and how to design and implement code (for robustness and security). It doesn't hurt that he is an ultra-marathoner too (several marathons, a few 50k's and a couple of memorable 100k runs).
Kaiwan N Billimoria