Mitigating Hackers with Hardening on Linux - an Overview for Developers, focus on BoF

Mitigating Hackers with Hardening on Linux - an Overview for Developers, focus on BoF

In this workshop, Learn about buffer overflow & why it’s dangerous to existing and new software. Also, understand how a buffer overflow attack works & how to harden Linux systems applications and OS.

Speaker/Instructor: Kaiwan N Billimoria, Owner, kaiwanTECH
Date: 15th February 2020
Time: 11:00 AM to 01:30 PM
Venue: Workshop Hall D, KTPO Trade Centre, Bangalore.
Fee: Rs. 2,999/- (Limited seats available)

Objective of the workshop

Primary Takeaways:

  • Learn what BoF (Buffer Overflow) is, and why it’s dangerous to existing and new software
  • Actually see how a BoF attack works (with a PoC demo on the popular Raspberry Pi 3 device)
  • Learn how to practically harden Linux systems applications and the Operating System itself against such attacks, via various technologies, code-level tools and techniques

Secondary Takeaways:

  • Understand the current security climate in the industry, including why hackers get away with even simplistic attacks, especially on IoT devices
  • Learn, as a prerequisite to understanding software hacking, how the software process stack mechanism operates
  • Realize that BoF exploits even today form among the highest percentage of technical attacks

Who can attend this workshop?

The workshop is divided into three parts:

Part 1 : any and all IT professionals will benefit from this

Part 2 and Part 3: will really benefit folks with exposure to systems programming with ‘C’ / OS developers (knowledge of basic 'C'/C++, OS basics). In general, people with an interest in security will find Part I useful, software developers (biased towards C/C++) will find all parts useful.

What all will be covered in the workshop?

Part 1:

  • Security terminology
  • Current State of Security

Part 2:

  • Tech Preliminary: the software process stack
  • BoF (Buffer Overflow) Vulnerabilities - the why and how of it
  • Demo of a BoF on an ARM VM / device

Part 3:

  • Modern app and OS Hardening Countermeasures
  • state of Linux OS in particular

Benefits/Takeaways of this workshop for the attendees

  • Eye opener to the need to design and implement software with security in mind
  • Current state of security, especially wrt the Linux ecosystem
  • What a BoF attack is, and why it's dangerous to IoT (and other) software products
  • Anatomy of a BoF attack (with demo on a Raspberry Pi 3 device)
  • Current technical tools to make use of during product development
  • Importantly, on the Linux OS, what hardening countermeasures could (and should) be made.

Pre-Requisites for Course

  • No particular prerequisites for Part 1
  • Part 2 and Part 3 do require the participant to be skilled in working with 'C' on Linux/Unix platforms; exposure to systems programming and / or kernel/driver development on Linux is a plus, though not mandatory.

About Speakers

Kaiwan N Billimoria
Owner, kaiwanTECH