HardenedBSD Internals

Presented at BSidesDC 2015, Oct. 16, 2015, 9 a.m. (240 minutes).

This class will dive into each individual feature HardenedBSD has completed, how to utilize each feature, and its status in regards to upstreaming to FreeBSD. Live demos will be shared along with sample code.

The HardenedBSD project launched due to the complexity of ASLR and other exploit mitigation techniques being implemented by Shawn Webb and Oliver Pinter. Originally started as simply a staging area to hold code and test it, the HardenedBSD project has become a full-fledged fork of FreeBSD that aims to upstream most of its enhancements. The development team has grown and is lead by Shawn Webb and Oliver Pinter. The project has implemented robust ASLR, mprotect restrictions, ptrace restrictions, procfs/linprocfs restrictions, among many other hardening and exploit mitigation techniques.


Presenters:

  • Shawn Webb - Cofounder at HardenedBSD
    Shawn Webb is an opensource fanboy. Interested in security since a teenager, he's now on the defensive side. He is the cofounder of HardenedBSD and gas worked on several key exploit mitigation technologies for it.

Links:

Similar Presentations: