Mitigating Hackers with Hardening on Linux - an Overview for Developers, focus on BoF
In this workshop, learn about buffer overflow and why it’s dangerous to existing and new software. Also, understand how a buffer overflow attack works and how to harden Linux systems applications and the OS.
Objective of the workshop
- Learn what BoF (Buffer Overflow) is, and why it’s dangerous to existing and new software
- Actually see how a BoF attack works (with a PoC demo on the popular Raspberry Pi 3 device)
- Learn how to practically harden Linux systems applications and the Operating System itself against such attacks, via various technologies, code-level tools and techniques
- Understand the current security climate in the industry, including why hackers get away with even simplistic attacks, especially on IoT devices
- Learn, as a prerequisite to understanding software hacking, how the software process stack mechanism operates
- Realize that BoF exploits, even today, account for among the highest percentages of technical attacks
Who can attend this workshop?
The workshop is divided into three parts:
Part 1: any and all IT professionals will benefit from this
Part 2 and Part 3: will really benefit folks with exposure to systems programming with 'C' / OS developers (knowledge of basic 'C'/C++, OS basics). In general, people with an interest in security will find Part 1 useful; software developers (biased towards C/C++) will find all parts useful.
What all will be covered in the workshop?
- Security terminology
- Current State of Security
- Tech Preliminary: the software process stack
- BoF (Buffer Overflow) Vulnerabilities - the why and how of it
- Demo of a BoF on an ARM VM / device
- Modern app and OS Hardening Countermeasures
- State of the Linux OS in particular
Benefits/Takeaways of this workshop for the attendees
- Eye opener to the need to design and implement software with security in mind
- Current state of security, especially with respect to the Linux ecosystem
- What a BoF attack is, and why it's dangerous to IoT (and other) software products
- Anatomy of a BoF attack (with demo on a Raspberry Pi 3 device)
- Current technical tools to make use of during product development
- Importantly, on the Linux OS, what hardening countermeasures could (and should) be made.
Pre-Requisites for Course
- No particular prerequisites for Part 1
- Part 2 and Part 3 do require the participant to be skilled in working with 'C' on Linux/Unix platforms; exposure to systems programming and / or kernel/driver development on Linux is a plus, though not mandatory.
Kaiwan N Billimoria