During the presentation, the speaker told the story of protecting the software that keeps a router performing. He led the participants through all the stages, from setting up the task to configuring Linux and the kernel for security. He shared libraries and real examples of using security tools (SSL, cipher suites, cgroups, Tomoyo, etc.) and suggested alternative tools.
This presentation by Serhii Voloshynov (Senior Software Engineer, Consultant, GlobalLogic, Kharkiv) was delivered at GlobalLogic Kharkiv Embedded TechTalk #3 on November 16, 2018.
4. Confidential
About Authors
Serhii and Andrii have more than 10 years of development experience. Recently we implemented a mission-critical secure wireless gateway and plan to share our experience of building such systems.
...The botnet, which included Smart TVs and smart fridges, delivered more than 750,000 malicious emails.
https://bgr.com/2014/01/20/smart-tvs-fridge-hacked/
Secure connections - SSL/TLS
- The connection is private (or secure) because symmetric cryptography is used to encrypt the data transmitted.
- The identity of the communicating parties can be authenticated using public-key cryptography.
- The connection is reliable because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission.
Connections - best practices
- Remove default user/account. Use strong passwords
- Use Secure Protocols
- Use Secure Ciphers
- Use proper versions of 3rd party components
- Use proper settings, for instance:
  https://community.openvpn.net/openvpn/wiki/Hardening
  https://raymii.org/s/tutorials/Strong_SSL_Security_On_lighttpd.html
Mirai
…By the end of its first day, Mirai had infected over 65,000 IoT devices.
At its peak in November 2016 Mirai had infected over 600,000 IoT devices.
Control Groups (cgroups)
Cgroups (abbreviated from control groups) is a Linux kernel feature that limits, accounts for, and isolates the resource usage (CPU, memory, disk I/O, network, etc.) of a collection of processes.
The control groups functionality was merged into the Linux kernel mainline in kernel version 2.6.24, which was released in January 2008.
Tomoyo
Tomoyo Linux is a MAC implementation for Linux that can be used to increase the security of a system, while also being useful purely as a systems analysis tool. It was launched in March 2003.
Tomoyo was merged in Linux Kernel mainline version 2.6.30. It is currently one of four standard Linux Security Modules (LSM), along with SELinux, AppArmor and SMACK.
Tomoyo Principles
In an operating system (OS), each program or process is mostly unrestricted in the tasks it is able to perform.
A security focused OS should implement some form of restriction that prevents a process from performing tasks it should not perform, or that the administrator specifically wants to prevent it from performing.
Tomoyo Principles - domains
Every process in a system belongs to a domain, which is determined by its execution history.
/sbin/init ..... /bin/bash
/sbin/init ..... /usr/sbin/sshd /bin/bash
Tomoyo Principles - Profiles
Profile 0: Permit requests
Profile 1: Permit requests after appending to policy
Profile 2: Permit requests even if not permitted by policy
Profile 3: Reject requests unless permitted by policy
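To make the two Tomoyo slides above (domains named by execution history, and the four profiles) concrete, here is an added toy model in Python. It is example code written for this page, not Tomoyo's own implementation or the speaker's code: the domain-naming rule, the four profile behaviours and the "file read" operation keyword are modelled after the slides, while the class and function names are mine. It shows why the same /bin/bash binary reached through sshd and through the console ends up in two different domains with separate policy.

```python
ROOT_DOMAIN = "<kernel>"

# The four profiles from the slide, keyed by number (short names are mine).
PROFILES = {
    0: "permit all requests",
    1: "permit and append to policy",
    2: "permit even if not in policy",
    3: "reject unless permitted by policy",
}


def domain_for(history):
    """A process's domain is its execution history: the kernel followed by every
    program executed on the way to it, space separated (assumed naming)."""
    return " ".join([ROOT_DOMAIN, *history])


class PolicyModel:
    """Toy model of per-domain access policy evaluated under the four profiles."""

    def __init__(self):
        self.rules = {}    # domain -> set of (operation, path)
        self.logged = []   # requests profile 2 let through without a matching rule
        self.denied = []   # requests profile 3 rejected

    def add_rule(self, domain, operation, path):
        self.rules.setdefault(domain, set()).add((operation, path))

    def request(self, domain, profile, operation, path):
        """Return True if the request proceeds, False if it is rejected."""
        if profile not in PROFILES:
            raise ValueError(f"unknown profile {profile}")
        covered = (operation, path) in self.rules.get(domain, set())
        if profile == 0 or covered:
            return True
        if profile == 1:            # learning: record what the program did
            self.add_rule(domain, operation, path)
            return True
        if profile == 2:            # permissive: let it through, note the gap
            self.logged.append((domain, operation, path))
            return True
        self.denied.append((domain, operation, path))   # profile 3: enforce
        return False


def demo():
    """Same /bin/bash binary, two execution histories, two domains: a rule
    learned for the sshd-spawned shell does not carry over to the console one."""
    model = PolicyModel()
    console = domain_for(["/sbin/init", "/bin/bash"])
    remote = domain_for(["/sbin/init", "/usr/sbin/sshd", "/bin/bash"])
    model.request(remote, 1, "file read", "/etc/hosts")     # learned under profile 1
    return {
        "console": console,
        "remote": remote,
        "remote_enforced": model.request(remote, 3, "file read", "/etc/hosts"),
        "console_enforced": model.request(console, 3, "file read", "/etc/hosts"),
        "console_permissive": model.request(console, 2, "file read", "/etc/hosts"),
        "logged": len(model.logged),
        "denied": len(model.denied),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running the demo shows the usual rollout path the profiles imply: learn under profile 1, review what was recorded, then switch the domain to profile 3, where anything the learning run did not cover is rejected; profile 2 is the intermediate step that reveals the gaps without breaking the service.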
Not only investors and manufacturers
Not only Windows
Unlike a home computer
How do things stand with manufacturers
The most recent one
The most curious one
During the analysis
Balance
Public-key cryptography
Encryption – hiding the information transmitted from one computer to another;
Authentication – verifying the authorship of the transmitted information;
Integrity – detecting the substitution of information with a forgery.
SSL v2 is insecure and must not be used.
SSL v3 is insecure when used with HTTP. It’s also obsolete and shouldn’t be used.
TLS v1.0 is also a legacy protocol that shouldn't be used, but it's typically still necessary in practice.
TLS v1.1 and v1.2 are both without known security issues, but only v1.2 provides modern cryptographic algorithms.
Suites with weak ciphers (typically of 40 and 56 bits) use encryption that can easily be broken.
RC4 is insecure.
3DES is slow and weak.
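The "Connections - best practices" slide and the protocol and cipher notes above give the rules but not a way to check a deployment against them. The following is an added Python example written for this page (not code from the presentation or from any of the linked guides): it builds a server-side TLS context that applies those rules using only the standard ssl module, and audits any context for the weak suites the notes name. The marker list for weak suite names and the helper names are my own; the cipher string is one reasonable choice, not the only one.

```python
import ssl

# Protocol versions the notes above call legacy or insecure, spelled the way the
# "protocol" field of ssl.SSLContext.get_ciphers() reports them.
LEGACY_PROTOCOLS = frozenset({"SSLv2", "SSLv3", "TLSv1", "TLSv1.0", "TLSv1.1"})

# Substrings of OpenSSL suite names that mark the weak ciphers the notes name:
# RC4, 3DES (OpenSSL spells it DES-CBC3), single DES and export-grade 40/56-bit
# suites (EXP-, RC2), plus NULL ciphers (added here; constructed list).
WEAK_SUITE_MARKERS = ("RC4", "DES-CBC3", "3DES", "DES-CBC-", "EXP-", "RC2", "NULL")


def is_weak_suite(name: str) -> bool:
    """True if the suite name matches one of the weak-cipher markers."""
    upper = name.upper()
    return any(marker in upper for marker in WEAK_SUITE_MARKERS)


def hardened_server_context(certfile=None, keyfile=None) -> ssl.SSLContext:
    """Server context that applies the notes: no SSLv2/v3, TLS 1.0 or 1.1, and
    only forward-secret AEAD suites (so no RC4, 3DES or export ciphers)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # rules out SSLv3, TLS 1.0, 1.1
    # ECDHE key exchange with AES-GCM or ChaCha20; anonymous and NULL suites excluded.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL")
    if certfile:  # certificate paths belong to the deployment; none shipped here
        ctx.load_cert_chain(certfile, keyfile)
    return ctx


def audit_context(ctx: ssl.SSLContext) -> dict:
    """Report which enabled suites and protocol versions violate the notes, so a
    configuration can be checked before it goes live."""
    suites = ctx.get_ciphers()
    return {
        "min_version": ctx.minimum_version.name,
        "weak_suites": [c["name"] for c in suites if is_weak_suite(c["name"])],
        "legacy_protocols": sorted({c["protocol"] for c in suites
                                    if c["protocol"] in LEGACY_PROTOCOLS}),
        "suite_count": len(suites),
    }


def default_context_report() -> dict:
    """The same audit on a context with the interpreter's default settings, for
    comparison against the hardened one."""
    return audit_context(ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER))


if __name__ == "__main__":
    print("hardened:", audit_context(hardened_server_context()))
    print("default :", default_context_report())
```

The audit reads back what OpenSSL actually enabled rather than trusting the cipher string, which is the check worth keeping: the same string can enable different suites on different OpenSSL builds, and the reported minimum version confirms that the legacy protocols are off regardless of the library's defaults.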
If you think these are obvious things
In systems based on the Linux kernel, a set of restrictions for selected sets of processes can be managed using cgroups
Distribute and limit resources
Secure OS
- introduced by Butler W. Lampson in 1971.
- Domains are processes and the relationship between processes (domain transition). There is always one base domain, from which all the others grow.
<kernel> - a domain; <kernel> /sbin/init - a domain. This takes into account how the process was started and who its parent is.
tools/config files