Containing an Attack with Linux Containers and AppArmor/SELinux presented at Shmoocon 2016

by Jay Beale,

Summary : In the system hardening space, we’ve been using chroot jails to contain compromised programs. These jails were better than nothing, but were easily escaped by many attackers. As Linux containers become more mature, we can use them to replace these jails. This talk will teach you how to use Linux Containers, through both Docker and Ubuntu’s new LXD, to create far better jails for programs, containing their compromise. You will leave this demo-heavy talk immediately able to use both technologies to create containers for both attack containment and to rapidly develop and host software.
Jay Beale (@jaybeale) has created several defensive security tools, including Bastille Linux and the CIS Linux Scoring Tool, both of which have been used throughout industry and government. He has served as an invited speaker at many industry and government conferences, a columnist for Information Security Magazine, SecurityPortal and SecurityFocus, and a contributor to nine books, including those in his Open Source Security Series and the “Stealing the Network” series. Jay is a founder and serves as both the Chief Technology Officer and Chief Operating Officer of the information security consulting company, InGuardians.