2017-023-Jay_Beale_Securing Linux-LXC-Selinux-Apparmor-Jails_and_more

1:09:44
 
Share
 
Archive this series
By Discovered by Player FM and our community — copyright is owned by the publisher, not Player FM, and audio streamed directly from their servers.

Direct Link: http://traffic.libsyn.com/brakeingsecurity/2017-023-Jay_Beale-selinux-apparmor-securing_lxc.mp3

Jay Beale works for a pentest firm called "Inguardians", and has always been a fierce friend of the show. He's running a class at both BlackHat and Defcon all about hardening various parts of the Linux OS. This week, we discuss some of the concepts he teaches in the class.

Why do we disable Selinux? Is it as difficult to enable as everyone believes? What benefit do we get from using it?

We also discuss other hardening applications, like ModSecurity for Apache, Suhosin for PHP, and Linux Containers (LXC). What is gained by using these, and how can we use these to our advantage?

Really great discussion with Jay, and please sign up for his class for a two day in-depth discussion of all the technologies discussed on the show.

--------

Jay Beale’s Class “aikido on the command line: hardening and containment”

JULY 22-23 & JULY 24-25 AT BlackHat and Defcon

https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html

-------

Brakesec also announces our "PowerShell for Blue Teamers and Incident Responders" with Mick Douglas (@bettersafetynet). A 6 week course starting with the basics of powershell, and goes into discussion of frameworks using Powershell too assist in assessing your network. It starts on 10 July and run each Monday evening until 14 August 2017. You'll receive a certificate suitable for CPE credit, as well as the videos of the class available to you on our YouTube channel.

To sign up, go to our Patreon Page (http://www.patreon.com/bds_podcast) and sign up at the $20 USD level labeled "Blue Team Powershell - Attendee". If you are looking to just get the videos and follow along in class, pick the $10 USD "Blue Team Powershell - Attendee- Videos Only" Classes will be held on Monday Evenings only for 5 weeks, ending on 1 August.

#RSS: www.brakeingsecurity.com/rss

Youtube Channel: https://www.youtube.com/channel/UCZFjAqFb4A60M1TMa0t1KXw

iTunes Store Link: https://itunes.apple.com/us/podcast/brakeing-down-security-podcast/id799131292?mt=2

#Google Play Store: https://play.google.com/music/m/Ifp5boyverbo4yywxnbydtzljcy?t=Brakeing_Down_Security_podcast

Join our #Slack Channel! Sign up at https://brakesec.signup.team

#iHeartRadio App: https://www.iheart.com/show/263-Brakeing-Down-Securi/

#SoundCloud: https://www.soundcloud.com/bryan-brake

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast on #Patreon: https://www.patreon.com/bds_podcast

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://player.fm/series/brakeing-down-security-podcast

#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr

#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/

---

Show Notes:

AppArmor

SELinux

Privilege Escalation - InGuardians Murderboard

Port Knocking (Single Pack Authorization)

OSSEC

ModSecurity

Linux Containers

Jess frizelle -bane

Dan walsh - selinux

Selinux troubleshoot daemon

https://en.wikipedia.org/wiki/System_call

“In computing, a system call is the programmatic way in which a computer program requests a service from the kernel of the operating system it is executed on. This may include hardware-related services (for example, accessing a hard disk drive), creation and execution of new processes, and communication with integral kernel services such as process scheduling. System calls provide an essential interface between a process and the operating system.”

OpenBSD pledge(2): https://man.openbsd.org/pledge.2

https://www.raspberrypi.org/products/raspberry-pi-2-model-b/

Suhosin

https://www.blackhat.com/us-17/training/aikido-on-the-command-line-linux-hardening-and-containment.html

@inguardians

@jaybeale

www.inguardians.com

----

What are you doing at Black Hat and Def Con?

  • Training class at Black Hat - 2 days
  • Def Con Workshop - ModSecurity and AppArmor - 4 hours
  • Packet Hacking Village Workshop - Container security
  • Vapor Trail at Def Con Labs (Larry and Galen)
  • Dancing my butt off?

198 episodes available. A new episode about every 7 days averaging 62 mins duration .