Attack and Defense on Linux: Mr Robot Edition

Presented at SOURCE Seattle 2017, Oct. 4, 2017, 10:45 a.m. (45 minutes)

In this presentation, Jay Beale will demonstrate how an attacker gains access on a server running WordPress and then demonstrate how to break that same attack with a free, open source tool called AppArmor that’s been part of the Linux kernel for years. With his black hat on, he’ll show you how to attack the WordPress server, where he’ll install a web shell and begin scanning for more machines to compromise. Next, Jay will don his white hat and show you how to configure AppArmor to prevent that same attack. AppArmor uses the same Linux Security Modules interface that ties SELinux into the kernel, but doesn’t have the same steep learning curve found in SELinux. You’ll leave this presentation able to use AppArmor to defend a program of your choice on Linux. You’ll also understand what other mechanisms exist at this level of Linux security, including seccomp, containers, and capabilities.


Presenters:

  • Jay Beale - CTO & COO at InGuardians
    Jay Beale (Twitter: @jaybeale and @inguardians) has been working in Linux security since 1999, when he began creating several defensive security tools, including Bastille Linux/UNIX and the CIS Linux Scoring Tool, both of which were used widely throughout industry and government. He has taught the Linux Lockdown class at Black Hat since 2001. He has served as an invited speaker at many industry and government conferences, including Black Hat, Def Con, MISTI, SANS, RSA, ShmooCon, DerbyCon, and LinuxWorldExpo, since 1999. Jay has been a columnist for Information Security Magazine, SecurityPortal and SecurityFocus, and a contributor to nine books, including those in his Open Source Security Series and the “Stealing the Network” series. Jay is a founder and both the CTO and Chief Operating Officer of the information security consulting company InGuardians.
