Home > On-Demand Archives > Q&A Sessions >

Live Q&A - Hardening Linux for Embedded Systems

Aljoscha Lautenbach - Watch Now - EOC 2024

Live Q&A - Hardening Linux for Embedded Systems
Aljoscha Lautenbach
Live Q&A with Aljoscha Lautenbach for the talk titled Hardening Linux for Embedded Systems
M↓ MARKDOWN HELP
italicssurround text with
*asterisks*
boldsurround text with
**two asterisks**
hyperlink
[hyperlink](https://example.com)
or just a bare URL
code
surround text with
`backticks`
strikethroughsurround text with
~~two tilde characters~~
quote
prefix with
>

Thomas.Schaertel
Score: 1 | 2 months ago | 1 reply

Hi Aljoscha,
thank you very much for your talk. I even wasn't aware of linPEAS, maybe as I'm focusing most of the time on developing a solution. On the other side, most systems are guarded by the company's firewalls, so security falls short within the dev cycle, while we are fighting with different distributions and kernel versions to implement something. So I learned already a lot from your talk. Do you have any recommendation/resource on hardening e.g. a book?
Thanks a lot!
Thomas

Aljoscha LautenbachSpeaker
Score: 0 | 2 months ago | no reply

Hi Thomas!
I'm glad it was helpful! I am not personally aware of a book on Linux hardening, but that doesn't mean that there is no such book. The difficulty with hardening is that it is such a broad topic and you can approach it from so many different angles. Apart from reading the official Linux documentation, my main recommendation would be to learn the attacking techniques, so that you know what to look out for. Until I learned how to exploit a misconfigured cron job, I never would have looked for it. And learning the basics of penetration testing is quite fun!

10:10:45 From BobF to Everyone:
	Is there significant overheads, in terms of (bloated) kernel code size specifically in the context of hardening embedded systems?
10:12:40 From Kouakou to Everyone:
	Thanks for the talk
	vendors are selling secure elements (ics) that they highly recommend to pass the coming regulations. where does the technics you present stand according to these solutions
10:16:50 From BobF to Everyone:
	Any comments with regard to what Microsoft (embedded Windows) is doing in securing embedded systems?
10:18:28 From BobF to Everyone:
	Thought I'd throw it out (the query) !!
10:19:36 From Jacob Beningo to Everyone:
	It’s a good question! Thanks for asking it!
10:25:13 From Lyden Smith to Everyone:
	thank you!

OUR SPONSORS

OUR PARTNERS