Welcome to Rootkit Country
|
|
- Wesley Fowler
- 5 years ago
- Views:
Transcription
1 Welcome to Rootkit Country CanSecWest 03/2011
2 Graeme Neilson Security Consultant & Researcher Aura Software Security
3 Rootkit == cancerous software A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. Wikipedia BIOS Kernel System Applications
4 Patches and Gum Mandatory access control Memory access restrictions File integrity checks (checksums, hashes) Immutable files (secure run levels, ro filesystems) Signed software Encrypted software
5 UTMs / Firewalls / Routers? Why are they a target? Route traffic Mirror traffic Layer 2 control VPN endpoint Management network connectivity Choke points for many networks Endpoint physical access can be outside owner's control.
6 UTMs / Firewalls / Routers? How can they be attacked? Insider Social Engineering Physical Access Supply Chain [ Exploits ] Can I trust the integrity of the operating systems? How easy is it to rootkit these devices?
7 Platforms
8 1. Go shopping. Roll your 0wn 1. Obtain firmware. Download, backups, compact flash, hard disk, VM 2. Identify the firmware. Linux, FreeBSD, vxworks, proprietary 3. Gain root level access. ñ Break restricted shell ñ Crack password ñ Bypass encryption ñ Reverse engineer firmware ñ NO custom hardware 4. Determine layer to attack. BIOS, Kernel, System, Application
9 WatchGuard OS XTMOS Linux Arch Bootloader Storage i686 GRUB Removable CF Firmware Format Gzip image with custom header Restricted Shell Root access Integrity yes Hardcoded password Checksum command
10 SilkGuard Rootkit Root access: add static compiled shell busybox add authorized_key to /root/.ssh/ remount rootfs read write Layers to attack: kernel, libraries and applications
11 Netgear ProSecure OS Linux Arch MIPS Bootloader GRUB Storage Removable CF Firmware Format SquashFS Root access Random password at boot File System RO unionfs Integrity none
12 NetHill Rootkit Root access: squashsfs 3.4 (big-endian support) new rootfs.img with root password blanked Layers to attack: apt-get can be enabled system-map & config present on system /dev/kmem (LKM), libraries, application
13 CheckPoint Secure Platform OS CP Linux (RHEL) Arch i686 / Virtual Bootloader GRUB Storage ISO Firmware Format ISO Restricted Shell Yes Root access Yes File System ext Integrity none
14 LuckyPoint Rootkit Root access: Built in through expert mode RHEL but no SELinux Layers to attack: System map and config available but /dev/ mem restricted to first 2056 records Libraries and applications
15 Checkpoint Nokia Nokia IP71 common endpoint device for CheckPoint SP - has removable, flashable BIOS - BIOS integrity check is a simple checksum - BIOS modification and rootkit possible
16 Fortinet FortiOS OS Arch Bootloader FortiOS Linux i686 GRUB Storage Firmware Format Gzip Restricted Shell Root access File System Integrity Removable CF yes no Encrypted AES CBC FortiBIOS Firmware encrypted, signed & hashed
17 Export-F Rootkit Root access: Fortigate will load firmware with no certificate, no hash, unencrypted start of MBR must contain a filename matching a device & version ID kernel must have a specific name Layers to attack: Load replacement kernel and file system
18 Sonicwall OS Arch Bootloader? Storage SonicOS vxworks i686 Secure Compact Flash Firmware Format Encrypted / Compressed Restricted Shell Root access File System Integrity Yes No vxworks Signature
19 Cancer Free Root access: Removable Storage Compact Flash...but its unreadable... Removable BIOS...but its unreadable... Firmware can be backed up...but its signed...
20 Cisco IOS - Da Los Rootkit Sebastian Muniz, Killing the myth of Cisco IOS rootkits: DIK OS IOS Arch MIPS / PowerPC Bootloader Proprietary Storage Flash Firmware Format Compressed Restricted Shell Yes Root access No File System Memory Integrity Checksum
21 Juniper ScreenOS OS Arch Bootloader Storage ScreenOS PowerPC Proprietary Flash Firmware Format Compressed (modded LZMA or GZIP) Restricted Shell Root access File System Integrity Yes No Memory Checksum, optional signature
22 l Hand code PowerPC ASM into firmware Junboro Light Rootkit Root Access: l Firmware is compressed (non standard LZMA header) l Reverse engineer format l Disassemble ScreenOS Reverse engineer firmware checksum algorithm l Firmware is signed but certificate can be loaded and unloaded Layers to attack: l Flat memory, monolithic firmware, access to everything
23 Juniper JUNOS OS Arch Bootloader Storage ScreenOS i686 / Virtual FreeBSD Flash, HDD Firmware Format Package Restricted Shell Root access File System Memory Yes Yes RO iso9660 Restricted access Integrity Veriexec, secure level 1, Package hashes, optional signature
24 Junboro Rootkit Root access Root by default but there are restrictions JUNOS binaries are symlinks from rw fs to iso9660 ro fs Secure run level 1 is set Veriexec used for integrity and to stop unknown binaries running +x shell scripts will not run directly but will run if invoked by /bin/sh Layers to attack: JUNOS doesn't require/enforce signed packages Install trojaned package using customised +INSTALL script
25 Demos Make Arch OS 1. Fortinet Intel Linux 2. Juniper PPC ScreenOS 3. Juniper VM JUNOS
26 Device & OS Encrypt Sign Immutable Integrity Memory Sonicwall Y Y Y Y - Juniper JUNOS N Y Y Y - Fortinet Y Y N Y - Juniper ScreenOS N Y N Y - Cisco IOS N N N Y - Checkpoint N N N N Y Netgear N N N N N Watchguard N N N N N
27 Conclusion Some platforms don't even try to ensure integrity A PS3 has better integrity protection than most platforms (IP vs your data?) Often signatures and encryption requirements can be bypassed Do periodic offline comparisons of system binary / firmware hashes Check supply chain, third party support
28 References Runtime Kernel Mem Patching, Silvio Cesare Killing the myth of Cisco IOS rootkits: DIK (Da Ios rootkit), Hacking Grub for fun and profit, Phrack Volume 0x0b, Issue 0x3f, CoolQ Static Kernel Patching, Phrack Volume 0x0b, Issue 0x3c, jbtzhm Playing Games With Kernel Memory... FreeBSD Style, Phrack Volume 0x0b, Issue 0x3f, Joseph Kong Implementing and detecting ACPI BIOS rootkit, BH-Fed-06-Heasman.pdf
29 Questions?
Netscreen of the Dead Developing a Trojaned Firmware for Juniper Netscreen Appliances
Netscreen of the Dead Developing a Trojaned Firmware for Juniper Netscreen Appliances Cast Graeme Neilson Security Consultant Aura Software Security graeme@aurasoftwaresecurity.co.nz Trailer What if a
More informationEmbedded lightweight unix
Embedded lightweight unix ELWIX its free now! Universal embedded system http://www.elwix.org/ Michael Pounov Since 2004 like propriatary OS Give best practices and features from *BSD
More informationAndroid Bootloader and Verified Boot
Android Bootloader and Verified Boot Lecture 7 Security of Mobile Devices 2018 SMD Android Bootloader and Verified Boot, Lecture 7 1/38 Bootloader Recovery Verified Boot Bibliography SMD Android Bootloader
More informationBasic Linux Security. Roman Bohuk University of Virginia
Basic Linux Security Roman Bohuk University of Virginia What is Linux? An open source operating system Project started by Linus Torvalds kernel Kernel: core program that controls everything else (controls
More informationTPM v.s. Embedded Board. James Y
TPM v.s. Embedded Board James Y What Is A Trusted Platform Module? (TPM 1.2) TPM 1.2 on the Enano-8523 that: How Safe is your INFORMATION? Protects secrets from attackers Performs cryptographic functions
More informationOwning the Network: Adventures in Router Rootkits
Owning the Network: Adventures in Router Rootkits Michael Coppola Who am I? Security Consultant at Virtual Security Research in Boston, MA (we're hiring!) Student at Northeastern University Did some stuff,
More informationTUX : Trust Update on Linux Kernel
TUX : Trust Update on Linux Kernel Suhho Lee Mobile OS Lab, Dankook university suhho1993@gmail.com -- Hyunik Kim, and Seehwan Yoo {eternity13, seehwan.yoo}@dankook.ac.kr Index Intro Background Threat Model
More informationSystems View -- Current. Trustworthy Computing. TC Advantages. Systems View -- Target. Bootstrapping a typical PC. Boot Guarantees
Trustworthy Computing s View -- Current Trent Jaeger February 18, 2004 Process 1 Web server Process 2 Mail server Process 3 Java VM Operating Hardware (CPU, MMU, I/O devices) s View -- Target TC Advantages
More informationHackveda Training - Ethical Hacking, Networking & Security
Hackveda Training - Ethical Hacking, Networking & Security Day1: Hacking windows 7 / 8 system and security Part1 a.) Windows Login Password Bypass manually without CD / DVD b.) Windows Login Password Bypass
More informationThe Early System Start-Up Process. Group Presentation by: Tianyuan Liu, Caiwei He, Krishna Parasuram Srinivasan, Wenbin Xu
The Early System Start-Up Process Group Presentation by: Tianyuan Liu, Caiwei He, Krishna Parasuram Srinivasan, Wenbin Xu 1 Boot Process Booting is the initialization of a computerized system In Linux,
More informationSubverting the Linux Kernel Linux Kernel Rootkits 101
Subverting the Linux Kernel Linux Kernel Rootkits 101 Kernel Rootkits? A collection of program(s) that hide an attacker's presence and activities on a compromised system Typically allows an attacker to
More informationLinux Systems Security. Security Design NETS Fall 2016
Linux Systems Security Security Design NETS1028 - Fall 2016 Designing a Security Approach Physical access Boot control Service availability and control User access Change control Data protection and backup
More informationBinary Analysis Tool
Binary Analysis Tool Quick Start Guide This tool was developed by: Sponsored by Version 4 Table of Contents Getting and installing the tool...3 Technical requirements...3 Get the tool...3 Confirm it is
More informationPersistent BIOS Infection
CORE SECURITY TECHNOLOGIES 2009 Persistent BIOS Infection The early bird catches the worm Anibal L. Sacco (Ssr Exploit writer) Alfredo A. Ortega (Ssr Exploit writer) Agenda Introduction A bit of history
More informationUEFI Secure Boot and DRI. Kalyan Kumar N
UEFI Secure Boot and DRI Kalyan Kumar N Agenda Introduction RDK Boot Loader DRI (Disaster Recovery Image) RootFS Validation Build Environment Introduction Standardization of the RDK set-top box firmware
More informationFirmware Rootkits: The Threat to the Enterprise. John Heasman, Director of Research
Firmware Rootkits: The Threat to the Enterprise John Heasman, Director of Research Agenda Recap of ACPI BIOS rootkit and limitations Brief overview of the PCI Bus Abusing expansion ROMs Abusing PXE Detection,
More informationBootloader D. Balakrishna, Research Associate, IIIT-H Bootloaders are important when we are developing embedded systems, depending on the capabilities of the board and processor on which an embedded system
More informationStrengthening the Chain of Trust. Kevin Lane HP Jeff Bobzin Insyde Software
presented by Strengthening the Chain of Trust Kevin Lane HP Jeff Bobzin Insyde Software August Updated 22, 2014 2011-06-01 Agenda Quick Intro to UEFI UEFI Myths Using Linux + Secure Boot Continuing the
More informationAdding hardware support to Buildroot
Adding hardware support to Buildroot Pierre Ficheux (pierre.ficheux@openwide.fr) CTO Open Wide / OS4I 08/07/2010 1 Several ways to get a distribution Using commercial product (Wind River, MV, ) => / $$$
More informationOperating system hardening
Operating system Comp Sci 3600 Security Outline 1 2 3 4 5 6 What is OS? Hardening process that includes planning, ation, uration, update, and maintenance of the operating system and the key applications
More information5. Easy Installation and Management
5. Easy Installation and Management 5.1. Provided as Software Programs SoftEther VPN is not a hardware VPN product. You can download it and install it today on your computer. If you want to try SoftEther
More informationABOUT ZEPCAM SOFTWARE INSTALLATION MANAGEMENT AND BACKUPS. Description What is it Installation requirement Server requirement
1 ABOUT ZEPCAM SOFTWARE Description What is it Installation requirement Server requirement INSTALLATION Create a bootable USB Networking Disk partitioning Bootloader configuration Setup Registration Administrator
More informationOS Security IV: Virtualization and Trusted Computing
1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+
More information1Z Oracle Linux 6 Implementation Essentials Exam Summary Syllabus Questions
1Z0-460 Oracle Linux 6 Implementation Essentials Exam Summary Syllabus Questions Table of Contents Introduction to 1Z0-460 Exam on Oracle Linux 6 Implementation Essentials.. 2 Oracle 1Z0-460 Certification
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationCOS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy
Topics COS 318: Operating Systems File Systems hierarchy File system abstraction File system operations File system protection 2 Traditional Data Center Hierarchy Evolved Data Center Hierarchy Clients
More informationTERRA. Boneh. A virtual machine-based platform for trusted computing. Presented by: David Rager November 10, 2004
TERRA Authored by: Garfinkel,, Pfaff, Chow, Rosenblum,, and Boneh A virtual machine-based platform for trusted computing Presented by: David Rager November 10, 2004 Why there exists a need Commodity OS
More informationStrategic Infrastructure Security
Strategic Infrastructure Security Course Number: SCPSIS Length: Certification Exam There are no exams currently associated with this course. Course Overview This course picks up right where Tactical Perimeter
More informationInstallation of Fedora 12 with CD
Prepared by investech.wordpress.com Installation of Fedora 12 with Net Install CD Version 1.0 investech.wordpress.com 07-12-09 This document is produced under Creative Common License (Attribution No Derivatives).
More informationHost. Computer system #1. Host Hardening
Host Hardening Series of actions to be taken in order to make it hard for an attacker to successfully attack computers in a network environment (March 28, 2016) Abdou Illia Spring 2016 Host In network
More informationCourse 55187B Linux System Administration
Course Outline Module 1: System Startup and Shutdown This module explains how to manage startup and shutdown processes in Linux. Understanding the Boot Sequence The Grand Unified Boot Loader GRUB Configuration
More informationQUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS
APPLICATION NOTE QUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS Configuring Basic Security and Connectivity on Branch SRX Series Services Gateways Copyright 2009, Juniper Networks, Inc. Table
More informationStorage and File System
COS 318: Operating Systems Storage and File System Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Topics Storage hierarchy File
More informationCIT 480: Securing Computer Systems
CIT 480: Securing Computer Systems Operating System Security CIT 480: Securing Computer Systems Slide #1 Topics 1. OS Security Features 2. Bypassing OS Security 1. Boot time security 2. BIOS security 3.
More informationSoftware Vulnerability Assessment & Secure Storage
Software Vulnerability Assessment & Secure Storage 1 Software Vulnerability Assessment Vulnerability assessment is the process of identifying flaws that reside in an OS, application software or devices
More informationAdvanced Unix System Administration
Advanced Unix System Administration Lecture 5 February 14, 2007 Steven Luo Shared Libraries The dynamic linker Binaries have a symbol table containing functions, etc. and
More informationTrusted Computing and O/S Security. Aggelos Kiayias Justin Neumann
Trusted Computing and O/S Security Aggelos Kiayias Justin Neumann O/S Security Fundamental concept for O/S Security: separation. hardware kernel system user Each layer may try to verify the outer layer
More informationObjectives. Classes of threats to networks. Network Security. Common types of network attack. Mitigation techniques to protect against threats
ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Enterprise Network Security Describe the general methods used to mitigate security threats to Enterprise networks
More informationUsing Linux as a Secure Boot Loader for OpenPOWER Servers
Using Linux as a Secure Boot Loader for OpenPOWER Servers Nayna Jain Thiago Jung Bauermann IBM Linux Technology Center Disclaimer This work represents the view of the author and does not necessarily represent
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationOperating systems and security - Overview
Operating systems and security - Overview Protection in Operating systems Protected objects Protecting memory, files User authentication, especially passwords Trusted operating systems, security kernels,
More informationSurviving in the wilderness integrity protection and system update. Patrick Ohly, Intel Open Source Technology Center Preliminary version
Surviving in the wilderness integrity protection and system update Patrick Ohly, Intel Open Source Technology Center Preliminary version Motivation for the talk Why bother? Why yet another talk? What s
More informationLogging In to the Sensor
CHAPTER 12 This chapter explains how to log in to the sensor. It contains the following sections: Overview, page 12-1 Supported User Roles, page 12-1 Logging In to the Appliance, page 12-2 Connecting an
More informationCOMMAND. JTAC support info. request suport information. Restore factory settins
COMMAND JTAC support info request suport information Restore factory settins load override /packages/mnt/jbase/sbin/install/default-juniper.conf load factory-default Shell Commands (file related) start
More informationCST8177 Linux II. Linux Boot Process
CST8177 Linux II Linux Boot Process Reference information from the text, http://www.linuxdoc.org and several other web sites Linux Boot Process Topics covered in this slide-set Basic definition of the
More informationWell, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via
Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Cherny @chernymi Sagie Dulce @SagieSec
More informationTrusted Computing and O/S Security
Computer Security Spring 2008 Trusted Computing and O/S Security Aggelos Kiayias University of Connecticut O/S Security Fundamental concept for O/S Security: separation. hardware kernel system user Each
More informationI Don't Want to Sleep Tonight:
I Don't Want to Sleep Tonight: Subverting Intel TXT with S3 Sleep Seunghun Han, Jun-Hyeok Park (hanseunghun parkparkqw)@nsr.re.kr Wook Shin, Junghwan Kang, HyoungChun Kim (wshin ultract khche)@nsr.re.kr
More informationEXAM - JN ACX, Specialist (JNCIS-ACX) Buy Full Product.
Juniper EXAM - JN0-740 ACX, Specialist (JNCIS-ACX) Buy Full Product http://www.examskey.com/jn0-740.html Examskey Juniper JN0-740 exam demo product is here for you to test the quality of the product. This
More informationEMBEDDED LINUX ON ARM9 Weekend Workshop
Here to take you beyond EMBEDDED LINUX ON ARM9 Weekend Workshop Embedded Linux on ARM9 Weekend workshop Objectives: Get you exposed with various trends in Embedded OS Leverage Opensource tools to build
More information18-642: Security Mitigation & Validation
18-642: Security Mitigation & Validation 11/27/2017 Security Migitation & Validation Anti-Patterns for security mitigation & validation Poorly considered password policy Poorly considered privilege management
More informationIntroduction p. 1 Why Linux? p. 2 Embedded Linux Today p. 3 Open Source and the GPL p. 3 Free Versus Freedom p. 4 Standards and Relevant Bodies p.
Foreword p. xix Preface p. xxi Acknowledgments p. xxvii About the Author p. xxix Introduction p. 1 Why Linux? p. 2 Embedded Linux Today p. 3 Open Source and the GPL p. 3 Free Versus Freedom p. 4 Standards
More informationLinux Essentials. Smith, Roderick W. Table of Contents ISBN-13: Introduction xvii. Chapter 1 Selecting an Operating System 1
Linux Essentials Smith, Roderick W. ISBN-13: 9781118106792 Table of Contents Introduction xvii Chapter 1 Selecting an Operating System 1 What Is an OS? 1 What Is a Kernel? 1 What Else Identifies an OS?
More informationCompTIA Linux+ Guide to Linux Certification Fourth Edition. Chapter 2 Linux Installation and Usage
CompTIA Linux+ Guide to Linux Certification Fourth Edition Chapter 2 Linux Installation and Usage Objectives Prepare for and install Fedora Linux using good practices Outline the structure of the Linux
More informationLinux+ Guide to Linux Certification, Third Edition. Chapter 2 Linux Installation and Usage
Linux+ Guide to Linux Certification, Third Edition Chapter 2 Linux Installation and Usage Objectives Install Red Hat Fedora Linux using good practices Outline the structure of the Linux interface Enter
More informationHITB Amsterdam
Closer to metal: Reverse engineering the Broadcom NetExtreme s firmware Guillaume Delugré Sogeti / ESEC R&D guillaume(at)security-labs.org HITB 2011 - Amsterdam Purpose of this presentation G. Delugré
More informationMan in the Middle Attacks and Secured Communications
FEBRUARY 2018 Abstract This document will discuss the interplay between Man in The Middle (MiTM/ MITM) attacks and the security technologies that are deployed to prevent them. The discussion will follow
More informationAccessing and Using GRUB Mode
About GRUB Mode and the Configuration Register, page 1 Accessing GRUB Mode, page 2 Using the GRUB Menu, page 3 Modifying the Configuration Register (confreg), page 4 Changing the Configuration Register
More informationINSTALLATION. Security of Information and Communication Systems
Security of Information and Communication Systems INSTALLATION Table of contents 1.Introduction...2 2.Installation...3 2.1.Hardware requirement...3 2.2.Installation of the system...3 2.3.Installation of
More informationCisco Secure Boot and Trust Anchor Module Differentiation
Solution Overview Cisco Secure Boot and Trust Anchor Module Differentiation Cisco Trust Anchor Technologies provide the foundation for Cisco Trustworthy Systems. Cisco Secure Boot helps ensure that the
More informationSysadminSG RHCSA Study Guide
SysadminSG RHCSA Study Guide This is the RHCSA Study Guide for the System Administration Study Group. The study guide is intended to be printed by those who wish to study common tasks performed by many
More informationVNS3 Configuration. Quick Launch for first time VNS3 users in Azure
VNS3 Configuration Quick Launch for first time VNS3 users in Azure Table of Contents Setup 3 Notes 9 Create a Static IP 12 Create a Network Security Group 14 Launch VNS3 from Marketplace 19 VNS3 Unencrypted
More informationWhy bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
More informationIntrusion Prevention Method on LKM (Loadable Kernel Module) Backdoor Attack. Ji-Ho CHO, Han LEE, Jeong-Min KIM and Geuk LEE *
2016 International Conference on Applied Mathematics and Mechanics (ICAMM 2016) ISBN: 978-1-60595-399-1 Intrusion Prevention Method on LKM (Loadable Kernel Module) Backdoor Attack Ji-Ho CHO, Han LEE, Jeong-Min
More informationJanuary 28 29, 2014San Jose. Engineering Workshop
January 28 29, 2014San Jose Open Network Linux A Common Linux Platform for OCP Switches Rob Sherwood Big Switch Networks CTO Outline Proposed in November OCP workshop Goal: Common community target à faster
More informationAt course completion. Overview. Audience profile. Course Outline. : 55187B: Linux System Administration. Course Outline :: 55187B::
Module Title Duration : 55187B: Linux System Administration : 4 days Overview This four-day instructor-led course is designed to provide students with the necessary skills and abilities to work as a professional
More informationViral Infections in Cisco IOS
Viral Infections in Cisco IOS Ariel Futoransky Black Hat USA Las Vegas, August 2008 Researchers Gerardo Richarte Corelabs Core Security Technologies Sebastián Muñiz Sr. Exploit Writer Core Security Technologies
More informationExpert Reference Series of White Papers. BitLocker: Is It Really Secure? COURSES.
Expert Reference Series of White Papers BitLocker: Is It Really Secure? 1-800-COURSES www.globalknowledge.com BitLocker: Is It Really Secure? Mark Mizrahi, Global Knowledge Instructor, MCSE, MCT, CEH Introduction:
More informationThe Big Chill. Freezing Data for Analysis
The Big Chill Freezing Data for Analysis The Magic Button Absolute Zero Processes Disks Memory Network Internet... Or, speed yourself up Heisenberg s Principle of System Analysis Real - impossible to know
More informationAccurate study guides, High passing rate! IT TEST BOOK QUESTION & ANSWER. Ittestbook provides update free of charge in one year!
IT TEST BOOK QUESTION & ANSWER Ittestbook provides update free of charge in one year! Accurate study guides, High passing rate! Exam : RH133 Title : Red Hat Linux System Administration Version : Demo 1
More informationRooting Android. Lecture 10. Security of Mobile Devices. SMD Rooting Android, Lecture 10 1/33
Rooting Android Lecture 10 Security of Mobile Devices 2018 SMD Rooting Android, Lecture 10 1/33 Root Root Access on Different Types of Builds Root Access on Production Builds Full Rooting Tutorial Bibliography
More informationHow To Reinstall Grub In Windows 7 Without Losing Data And Programs
How To Reinstall Grub In Windows 7 Without Losing Data And Programs So if I install Windows 7 using CD again, will I lose Ubuntu? then yes you will lose Ubuntu, however if you reinstall Windows without
More informationExam Questions RH133
Exam Questions RH133 Red Hat Linux System Administration https://www.2passeasy.com/dumps/rh133/ 1.John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
More informationSystem Configuration as a Privilege
System Configuration as a Privilege Glenn Wurster, Paul C. van Oorschot School of Computer Science Carleton University, Canada HotSec 2009 11 Aug 2009 Glenn Wurster, Paul C. van Oorschot System Config
More informationAlternatives to Solaris Containers and ZFS for Linux on System z
Alternatives to Solaris Containers and ZFS for Linux on System z Cameron Seader (cs@suse.com) SUSE Tuesday, March 11, 2014 Session Number 14540 Agenda Quick Overview of Solaris Containers and ZFS Linux
More information"Charting the Course... MOC B: Linux System Administration. Course Summary
Description Course Summary This four-day instructor-led course is designed to provide students with the necessary skills and abilities to work as a professional Linux system administrator. The course covers
More informationComputer Network Vulnerabilities
Computer Network Vulnerabilities Objectives Explain how routers are used to protect networks Describe firewall technology Describe intrusion detection systems Describe honeypots Routers Routers are like
More informationInstalling caos with Cinch on Floppy Disk
Installing caos with Cinch on Floppy Disk Troy Andrew Johnson May 21, 2004 Abstract cinch is the caos Linux (http://www.caosity.org/) installer. Prerequisites What you need: two floppy disks (at least)
More informationFRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months
FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months MODULE: INTRODUCTION TO INFORMATION SECURITY INFORMATION SECURITY ESSENTIAL TERMINOLOGIES
More informationDocker for HPC? Yes, Singularity! Josef Hrabal
Docker for HPC? Yes, Singularity! Josef Hrabal IT4Innovations josef.hrabal@vsb.cz support@it4i.cz Virtual Machine Hardware (CPU, Memory, NIC, HDD) Host OS (Windows, Linux, MacOS) Hypervisor (VirtualBox,
More informationUEFI, SecureBoot, DeviceGuard, TPM a WHB (un)related technologies
GOLD PARTNER: Hlavní partner: Hlavní odborný partner: UEFI, SecureBoot, DeviceGuard, TPM a WHB (un)related technologies Ing. Ondřej Ševeček GOPAS a.s. MCSM:Directory MVP:Security CISA CISM CEH CHFI ondrej@sevecek.com
More information(Ubuntu 10.04), the installation command is slightly different.
Grub Manual Install Ubuntu 10.04 Without 1st option : get a disk including Boot-Repair, 2nd option : install Boot-Repair in Ubuntu or when you can't boot Windows after installing Ubuntu, or when GRUB is
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
More informationAcronis Disk Director 11 Home. Quick Start Guide
Acronis Disk Director 11 Home Quick Start Guide Copyright Acronis, Inc., 2000-2010. All rights reserved. "Acronis", "Acronis Compute with Confidence", "Acronis Recovery Manager", "Acronis Secure Zone",
More informationArch Linux Grub You Need To Load The Kernel First
Arch Linux Grub You Need To Load The Kernel First Preface. A bootloader is the first software program that runs when a computer starts. It is responsible for loading and transferring control to the Linux
More informationDigging Into The Core of Boot
Digging Into The Core of Boot Yuriy Bulygin Oleksandr Bazhaniuk @c7zero @ABazhaniuk Agenda Intro Recap of MMIO BAR Issues in Coreboot & UEFI Coreboot ACPI GNVS Pointer Issue SMI Handler Issues in Coreboot
More informationStorage and File Hierarchy
COS 318: Operating Systems Storage and File Hierarchy Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics Storage hierarchy File system
More informationUndermining the Linux Kernel: Malicious Code Injec:on via /dev/mem
Undermining the Linux Kernel: Malicious Code Injec:on via /dev/mem Anthony Lineberry anthony.lineberry@gmail.com Black Hat Europe 2009 Overview What is a rootkit? Why is protec:on difficult? Current protec:on
More informationHow To Reinstall Grub In Windows 7 With Cd Rom
How To Reinstall Grub In Windows 7 With Cd Rom Sep 23, 2014. I have the Windows 7 install disk (not an upgrade disk). it to CD-ROM, from there you can install windows by inserting the w7 disc and following
More informationCOS 318: Operating Systems
COS 318: Operating Systems File Systems: Abstractions and Protection Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics What s behind
More informationFreeSWAN with Netgear ProSafe VPN Client
FreeSWAN with Netgear ProSafe VPN Client Mini Howto - setup & Configure Netgear ProSafe VPN Client V10.1 (on Win2K Pro) & FreeSWAN V1.98b with Certificates. By Ratware (April 2004) Netgear ProSafe VPN
More informationSimple custom Linux distributions with LinuxKit. Justin Cormack
Simple custom Linux distributions with LinuxKit Justin Cormack Who am I? Engineer at Docker in Cambridge, UK. @justincormack 3 Tools for building custom Linux Tools for building custom Linux Existing
More informationWhy bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions?
Jeroen van Beek 1 Why bother? Default configurations Buffer overflows Authentication mechanisms Reverse engineering Questions? 2 Inadequate OS and application security: Data abuse Stolen information Bandwidth
More informationScreenOS 5.4.0r4 FIPS Reference Note
31 January 2008 Part No. 093-1649-000 Revision 02 Before You Begin Before carrying out any step to secure a Juniper Networks security appliance, check that the product has not been tampered with. You should
More informationPRODUCT DOCUMENTATION. Backup & Replication v5.0. User Guide.
PRODUCT DOCUMENTATION User Guide Backup & Replication v5.0 www.nakivo.com Table of Contents Solution Architecture... 4 Deployment...11 System Requirements... 12 Deployment Scenarios... 15 Installing NAKIVO
More informationOP-TEE Using TrustZone to Protect Our Own Secrets
OP-TEE Using TrustZone to Protect Our Own Secrets ROM-Code Bootloader Kernel Root File System ELC Europe 2017, 23.10.2016 Marc Kleine-Budde Slide 1 - http://www.pengutronix.de - 2017-10-23
More informationThe Geometry of Innocent Flesh on the Bone
The Geometry of Innocent Flesh on the Bone Return-into-libc without Function Calls (on the x86) Hovav Shacham hovav@cs.ucsd.edu CCS 07 Technical Background Gadget: a short instructions sequence (e.x. pop
More informationComputer System Administration Homework 3 File Server. fchsieh / zswu
Computer System Administration Homework 3 File Server fchsieh / zswu Overview Image that you are a TA of course, the professor want you to build a file server that students can submit their homework To
More informationAdvanced x86: BIOS and System Management Mode Internals UEFI SecureBoot. Xeno Kovah && Corey Kallenberg LegbaCore, LLC
Advanced x86: BIOS and System Management Mode Internals UEFI SecureBoot Xeno Kovah && Corey Kallenberg LegbaCore, LLC All materials are licensed under a Creative Commons Share Alike license. http://creativecommons.org/licenses/by-sa/3.0/
More information