Linux Security 2 – Hardening and Securing your Embedded Linux
The security of embedded systems is important today and will be even more so in the future.
Linux is dominant as an operating system for embedded devices. Even if there is no great ‘attack’ interest in the device itself, the embedded device can be a gateway for malware to access other systems.
In this course, you will learn to identify your Linux device’s security weaknesses and risks, and to take the necessary countermeasures to avoid threats. You will learn techniques to harden the Linux kernel and network interfaces to withstand attack vectors moving in networks.
Objectives:
• Learn the basics of embedded Linux security.
• Understand Linux threat model.
• Discover the features in Linux kernel to harden security.
• Understand Linux Security Modules.
• Learn how sandboxing can harden your system’s security.
Course Format and how online training works:
• Online course, 3 days, 6 hours each (excluding break time) total 18 hours.
• Course dispensed using Teams video-conferencing system.
• The training includes many hands-on exercises.
• The trainee receives the course material in PDF format before the training.
• Labs are conducted on QEMU ARM-based boards.
• The trainee connects to the training platform using his web browser, without having to install any tool.
• The trainee has access to all the tools he needs to perform the hands-on labs on a target board like a face-to-face training.
Prerequisites:
• C Language knowledge
• Secured Embedded Linux Platform Build
For in-house training the agenda can be adapted to your needs. Please ask!
Day One
Defining the threat model for embedded Linux
• Potential security risks to an embedded system
• Threat model for embedded Linux
– Identifying Assets and Threats
– Understanding Attack Vectors
– Identifying Security Weaknesses and Risks
– Analyzing Threats and Evaluating Impact
– Countermeasures and Threat Mitigation
• Reducing Attack Surface
• Common Linux Vulnerabilities
• Vulnerable Linux tools
• Check for known vulnerabilities
Basic security features in Linux
• User and Group Management
• File Permissions and Ownership
– Restrict access to sensitive information
– Limit public access to system files
• Adjusting Systems Services
• Input Validation and Improper Input Handling
– Overview of Input Validation and Its Importance
– Input Validation Techniques
– Preventing and Mitigating Input-Related Attacks
• Stack buffer overflow
– Understanding the impact and techniques for mitigating
– Enabling stack protection mechanisms in the Linux kernel
– Address Space Layout Randomization (ASLR)
– Preventing Stack-based Attacks through code review
Privilege Escalation
• Privilege Escalation Attack Vectors
• Horizontal and Vertical Privilege Escalation
• Exploiting SUID executables
• Escalating privileges through misconfigured services
• Multi-User Escalation
• Buffer overflow attacks
• Mitigating privilege escalation attacks
• Best practices for preventing privilege escalation
Network Hardening
• Network Security Overview
• Securing SSH
• Encrypting network traffic
• Using SSL/TLS certificates
• Virtual Private Network (VPN)
• Wireless Network Security
• Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
• Firewall on Linux
– Types of firewalls available in Linux
– Configuring firewall using iptables, firewalld or nftables
Day Two
Day Three
Nohau Training Partner
This course is provided by a Nohau Training Partner, a trusted provider of hands-on training for professionals in embedded systems, software development, and engineering.
