Abstract
*********
SecDevOps has complex challenges: remote code execution vulnerabilities could lead to a takeover of the backend. Web hosters and Cloud providers have to deal with the extreme: remote code execution as a service by running user code (PHP, NodeJS, Go, dotnet, …).
What does the Linux Kernel provide to contain successful attacks other than a firewall, user separation and permissions? Do Docker containers really contain?
About the Speaker:
*********************
Reinhard Kugler is Principal Security Consultant at SBA Research. He focuses on secure software engineering, infrastructure security and malware analysis. Currently his main activities concentrate on penetration testing.
JMeter webinar - integration with InfluxDB and Grafana
SBA Live Academy - After the overflow: self-defense techniques (Linux Kernel) by Reinhard Kugler
1. Classification: Confidential 2
Willkommen
zur SBA Live Academy
#bleibdaheim #remotelearning
After the Exploit – Linux Self-defense
by Reinhard Kugler
This talk will be recorded as soon as the presentation starts!
Please be sure to turn off your video in your control panel.
6. Classification: Confidential 9
Example: Apache HTTP Server
SBA Research gGmbH, 2020
apache (root)
Underlying operating system
apache (www-data)
tcp/80
tcp/443
Things we do not like
✓ Don‘t run as root
✓ Don‘t permit access to
files of the operating
system
✓ Don‘t run arbitrary
programs
8. Classification: Confidential 11
Example: Apache HTTP Server
SBA Research gGmbH, 2020
Underlying operating system
tcp/80
tcp/443
Rogue process
apache (www-data)
apache (www-data)
Things we do not like
✓ Don‘t run as root
✓ Don‘t permit access to
files of the operating
system
✓ Don‘t run arbitrary
programs
23. Classification: Confidential 33
Professional Services
Penetration Testing
Architecture Reviews
Security Audit
Security Trainings
Incident Response Readiness
ISMS & ISO 27001 Consulting
Forschung & Beratung unter einem Dach
Applied Research
Industrial Security | IIoT Security |
Mathematics for Security Research |
Machine Learning | Blockchain | Network
Security | Sustainable Software Systems |
Usable Security
SBA Research
Knowhow Transfer
SBA Live Academy | sec4dev | Trainings |
Events | Teaching | sbaPRIME
Kontaktieren Sie uns: anfragen@sba-research.org
Reinhard Kugler
rkugler@sba-research.org
24. Classification: Confidential 34
#bleibdaheim #remotelearning
Coming up @ SBA Live Academy
13.05.2020, 13.00 Uhr, live:
„Die COVID-19 Krise und
Simulationsmodelle. Was kann
man sagen? Und was nicht? “
by „Niki Popper (CSO und
Mitgründer der dwh GmbH)“
Treten Sie unserer MeetUp Gruppe bei!
https://www.meetup.com/Security-Meetup-by-SBA-
Research/