LISBON 10-12
APRIL 2014
LISBON 10-12
APRIL 2014

Edit your talk

Talks > Hard as a rock, shut like a lock

Status

This talk has been approved for this year's edition. Check the calendar for more information.

Language

English

Abstract

Servers get pwnd. That's a fact of life, just like the IRS or death. You can't do much about IRS, or dodge death, but you can at least harden your linux boxes, and make things more difficult for attackers.
Enter GRSecurity. A patch for the linux kernel, providing a ton of security mechanisms that will harden your kernel, and your OS, and not make your life miserable in the process.
In this talk we'll go through the most important features grsec provides, and the advantages of using them, as well as some demos showing how it prevents specific attacks.

Proposal date

2013-12-20 14:33:16

Rate & Comment

You can use this section to optionally comment on this talk (comments are public). Your comment is saved when you press the "comment" button at the bottom. Your thumb decision is private, no one will see it. You can change thumb decision at any time later, the last submission will prevail. You can post as many comments as you want.

You need to be registered and logged in to comment or rate this talk proposal.

Comments

Carlos Rodrigues
on , said:

Hardening is often underestimated or altogether ignored, so I think this may be a good talk. Maybe better if it included something about SELinux (that thing that almost everybody disables) and how it relates to grsecurity.

$geekfactor 0x2

Bruno Morisson
on , said:

+ Carlos Rodrigues, will include info on why I think SELinux sucks :)

$geekfactor 0x0

Filipe Bernardo
on , said:

woowyeah, grsec FTW :)

$geekfactor 0x0

José Lopes (Sá)
on , said:

I've been sitting on GRSecurity for some time, I'll probably be patching before codebits, but will be awesome to see what a pro thinks of it

$geekfactor 0x1

Paulo Pires
on , said:

SELinux? That NSA thing? :-D

$geekfactor 0x0

Jorge Cavaco
on , said:

Interesting ...

$geekfactor 0x1

Rui Grandão Rocha
on , said:

Security is always a plus. Really interested in this one.

$geekfactor 0x0

Igor Antunes
on , said:

Upvoted xD

$geekfactor 0x0

Gustavo Laboreiro
on , said:

What is the downside of using GRSecurity? Why is it not integrated into the kernel mainline? Does it prevent some features? Makes the system harder to use? Impacts user convenience? Could you address these issues on your talk, please?

$geekfactor 0x0

Pedro Costa
on , said:

Computer says yes!!!

$geekfactor 0x0

Pedro Costa
on , said:

Computer says no...

$geekfactor 0x0

Sérgio Laranjeira
on , said:

Security is always a good topic! There is no such thing as too much security.

$geekfactor 0x0

Henrique Rodrigues
on , said:

GRSecurity doesn't get enough attention. I would like to know more about this.

$geekfactor 0x0

Miao Sun
on , said:

Interesting, upvoted!

$geekfactor 0x0

Tiago Sintra
on , said:

I'll be there of course. Teach us, master =)

$geekfactor 0x0

You must log-in in order to comment this.