
Linux kernel map (author: Conan)

What: This 2-day workshop is a walk-through for installing a hardened Linux distribution from source. It will examine manual configuration of the system, building applications from source, compile-time security considerations, hardware security considerations, kernel-mode security considerations, and more.
Who: Codecraft Lab sponsor Hack All the Things, experts in cyber security (offense and defense), Linux, and so, so, so much more, will lead the course. Participants will leave with their own secure Linux OS, built from scratch.
When: Saturday, 03/05/16 10am – 6pm & Sunday, 03/06/16 1pm – 6pm
Where: Codecraft Lab in downtown Eau Gallie, 1423 Highland Ave, Melbourne FL 32905
Cost: $60.00 per person
Pre-Registration Required: http://www.codecraftlab.org/product/secure-os/

Workshop Overview

  • 1 Introduction
    • 1.1 Minimalism, Performance, and Security
      • 1.1.1 The Least Privilege Principle
      • 1.1.2 The Least Capability Principle
    • 1.2 Existing Security Features
      • 1.2.1 Hardware Mitigations
      • 1.2.2 Compile-time Mitigations
      • 1.2.3 Execution-time Mitigations
  • 2 Getting Started
    • 2.1 Selecting a boot medium
    • 2.2 Preparing the installation target
      • 2.2.1 Partitioning the disks
      • 2.2.2 Formatting partitions
      • 2.2.3 Mounting the installation target
    • 2.3 Downloading & Extracting the Build Environment
      • 2.3.1 Network Connectivity
      • 2.3.2 Setting the Time
      • 2.3.3 Using a Stage3
    • 2.4 Swapping To & From the Installation Target
  • 3 Configuring the build environment
    • 3.1 Configuring Portage
      • 3.1.1 Setting up make.conf
      • 3.1.2 Getting a snapshot
      • 3.1.3 Finalizing the configuration
    • 3.2 Selecting a profile
    • 3.3 Setting the Timezone
    • 3.4 Setting the Locale
  • 4 System Configuration
    • 4.1 /etc/fstab
    • 4.2 /etc/mtab
    • 4.3 Setting the hostname
    • 4.4 Security Groups
  • 5 Core Components
    • 5.1 Task Scheduling
    • 5.2 Logging System
    • 5.3 Networking
    • 5.4 Security Utilities
    • 5.5 Building Userland
  • 6 Kernel Configuration
    • 6.1 Entering the configuration menu
    • 6.2 Top Menu
    • 6.3 General Setup
      • 6.3.1 Kernel Compression
      • 6.3.2 Unnecessary defaults
      • 6.3.3 Size & Security
    • 6.4 Block Layer
    • 6.5 Processor type and features
    • 6.6 Power management and ACPI options
    • 6.7 Device, Firmware, and Bus Options
    • 6.8 Networking Support
    • 6.9 Filesystems
    • 6.10 Kernel “hacking”
    • 6.11 Security options
    • 6.12 Cryptographic API
  • 7 Bootloader Setup
    • 7.1 Installing Grub
    • 7.2 Configuring Grub
  • 8 Finalizing the Installation
    • 8.1 Setting a root password
    • 8.2 Setting up an encrypted /home directory
    • 8.3 Creating a user
    • 8.4 Setting up sudo
    • 8.5 Optional: Creating an MOTD
  • 9 Purpose-driven Expansion of the Installation
    • 9.1 Desktop Environments
    • 9.2 Server Environments
    • 9.3 Networking & Firewall Configurations
    • 9.4 Access Control Lists & Whitelisting
  • 10 Security Applications & Tools
    • 10.1 Monitoring, Detection, and Prevention
    • 10.2 Diagnostics
      • 10.2.1 Process Inspection
      • 10.2.2 Socket Inspection
      • 10.2.3 File Inspection