A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Search Irongeek.com:

Affiliates:
ISDPodcast Button
RootSecure Button
Social-engineer-training Button
Irongeek Button

Web Hosting:
Dreamhost Logo
Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Popping the Penguin: An Introduction to the Principles of Linux Persistence - Mark Kita (BSides Las Vegas 2013) (Hacking Illustrated Series InfoSec Tutorial Videos)

Popping the Penguin: An Introduction to the Principles of Linux Persistence - Mark Kita

Breaking in is half the battle. I've talked to so many people whose only objective is to try and break into systems. I get that. It's awesome, the rush you get when you bring up that shell. But what then' Ops hardening does not end at the outer shell. Once you're in, you still have to navigate the maze of files, directories, and permissions that is the Linux file system. This talk will cover discovering services, utilizing simple and moderate netcat commands, combining netcat with crontab to create access windows, utilizing /dev/tcp to create a reverse shell, obfuscation to avoid IDS/IPS, and providing examples of tools at each step of the way. Some Linux experience needed. If breaking in is half the battle, staying in wins the war.

BIO: Mark Kikta is a Security Consultant with VioPoint which is located in Auburn Hills, Michigan.  Mark supports a variety of operational security programs that includes vulnerability management security monitoring and incident response.  As a former Linux engineer with Secure-24, Mark tries to provide information he wishes he had known when he was starting to work with Linux in the realms of security.

Back to BSides Las Vegas 2013 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2014, IronGeek
Louisville / Kentuckiana Information Security Enthusiast