The state of Linux security in 2016 - CISOfy

Linux Security
State of Linux Security in 2016

Michael Boelen
michael.boelen@cisofy.com

DBLUG, 7 December 2016

Michael Boelen

● Open Source
  ○ Lynis, Rootkit Hunter
● Business and Community
  ○ Founder of CISOfy
  ○ Board member and program committee NLUUG

Blog: Linux-Audit.com

Agenda

Topics

● Highlights
● Future
● Discussion

Highlights

The Past: Services

● Telnet
● “r” services
● Finger

The Past: Tooling

2016

Kernel security

● Vulnerabilities
● Linus himself
● Grsecurity

2016

● Drown attack
● Dirty COW
● Cryptsetup initrd (root shell)

Compromise

● Linux.PNScan (routers)
● Linux.Rex.1 (p2p botnet)

What about good things?

Conferences

Core Infrastructure Initiative

● Badge program
● Census project
● Education
● Tooling

CII Example

● Questions
● Proof
● Score

The Future

Some Thoughts for 2017

● Docker
● Nftables
● Frameworks
● Kernel patching
● Auditing

Questions?

Connect

● Twitter (@mboelen)
● LinkedIn (Michael Boelen)
