Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Security [clear filter]
Saturday, February 23
 

9:00am

Petr Lautrbach - openssh in Fedora and RHEL - internal, features, ...

OpenSSH is free version of SSH. This talk will be about

- the architecture of ssh protocol
- openssh features like channel multiplexing and privilege separation
- Fedora and RHEL improvements like SELinux integration, auditing

 


Speakers
avatar for Petr Lautrbach

Petr Lautrbach

Software Engineer, Red Hat Czech


Saturday February 23, 2013 9:00am - 9:45am
#Lecture room D1

9:50am

Simo Sorce - GSSAPI Privilege separation with GSS-Proxy

GSS-Proxy is a new feature developed in collaboration with the Mit Kerberos Project.
It allows to use an new type of plugin called interposer to offload context establishment to a more privileged process without changeing the GSS API.
This allows to use, for example, kerberos credentials in a process without giving direct access to keytabs or credential caches containing the user TGT.
This talk will explain how this is achieved, and what are the applications, advantages and limitations of the current implementation.
Using the GSS-Proxy protocol as a kernel upcall mechanism to handle GSS auth will also be discussed.


Speakers
avatar for Simo Sorce

Simo Sorce

Sr. Principal Software Engineer, Red Hat
Simo Sorce is a Sr principal software Engineer at Red Hat working in the Identity Management space with long history of involvement in Free Software projects. He joined the Samba Team in 2001 and has since founded or co-founded other projectes in the Identity Management space including... Read More →


Saturday February 23, 2013 9:50am - 10:35am
#Lecture room D1

10:40am

Martin Preisler, Simon Lukasik - System compliance checks

System compliance checks based on SCAP specifications. What we provide for Desktop and Enterprise systems. Demonstrate the work-flow. Talk about challenges and plans.


Speakers
SL

Šimon Lukašík

http://isimluk.livejournal.com/
avatar for Martin Preisler

Martin Preisler

Sr. Software Engineer, Red Hat, Inc., Red Hat
Martin Preisler works as a Software Engineer at Red Hat, Inc. He is working in the Security Technologies team, focusing on security compliance using Security Content Automation Protocol. He is the principal author of SCAP Workbench, a frequent contributor to OpenSCAP and SCAP Security... Read More →


Saturday February 23, 2013 10:40am - 11:25am
#Lecture room D1

11:30am

Dmitri Pal & Simo Sorce - Integrating Linux systems into Active Directory Environment

Integrating Linux into Active Directory environment is a challenging task. There are multiple factors that need to be taken into the account and multiple options to consider. The talk would cover different solutions that can be implemented to integrate Linux systems into the AD environment and discuss factors that affect decision making.


Speakers
avatar for Dmitri Pal

Dmitri Pal

Sr. Engineering Manager, Red Hat, Inc.
Dmitri Pal is a Director of Engineering at Red Hat. He is responsible for the security technologies (SELInux, OpenSCAP, Crypto, Audit) delivered in Red Hat Enterprise Linux identity and management projects and products that include Directory Server, Certificate System, Samba, Kerberos... Read More →
avatar for Simo Sorce

Simo Sorce

Sr. Principal Software Engineer, Red Hat
Simo Sorce is a Sr principal software Engineer at Red Hat working in the Identity Management space with long history of involvement in Free Software projects. He joined the Samba Team in 2001 and has since founded or co-founded other projectes in the Identity Management space including... Read More →


Saturday February 23, 2013 11:30am - 12:15pm
#Lecture room D1

2:10pm

Stef Walter - Polished Active Directory Integration

Active Directory is widely used in enterprise environments, and Linux has had lots of projects, parts and pieces that could be used with Active Directory.

In Fedora 18 we've integrated those parts into a polished experience. We'll discuss the new features in this talk.

But it's not over, there's more to come. We'll show you how to get involved, and what's on the horizon for further Active Directory integration.

Among other things we'll touch on sssd, realmd, and how they're used in Fedora and RHEL.



Speakers
avatar for Stef Walter

Stef Walter

Hacker, manager, and CI freak., Red Hat Inc
Stef is an avid open source hacker. He's contributed to over a hundred open source projects, and can be found preaching about continuous integration and working on the Cockpit Linux admin interface. He's a usability freak. Stef lives in Germany, and works at Red Hat.


Saturday February 23, 2013 2:10pm - 2:55pm
Meeting point 1 B411

2:10pm

Daniel J Walsh - Writing SELinux Policy

This lab/workshop will explain how to write SELinux policy.


Speakers
avatar for Daniel Walsh

Daniel Walsh

Senior Distinguished Engineer, Red Hat
Daniel Walsh has worked in the computer security field for over 35 years. Dan is a Senior Distinguished Engineer at Red Hat. He joined Red Hat in August 2001. Dan is the lead architect of the Red Hat Container Runtime Engineering team. Dan has been working on container technology... Read More →


Saturday February 23, 2013 2:10pm - 3:40pm
Hackfest Lab 1 C525
 
Sunday, February 24
 

9:00am

Steve Grubb - Executable Hardening Measures - How they work and/or don't

This talk will go over all the protection mechanisms that are available to developers and package maintainers. This includes PIE, RELRO, gcc stack protector, and FORTIFY_SOURCE. It will explain what kind of attacks these prevent and how they work. More importantly, this talk will also go over limitations, short comings, and failures of these mechanisms. Some tools and techniques for analysis will be presented. The attendee will leave with a better understanding of how protected any given binary actually is.


Speakers
avatar for Steven Grubb

Steven Grubb

Security Architect, Red Hat
Steve Grubb is a Senior Principal Engineer whose role in Red Hat Engineering is as a Security Architect with a focus on Security Certifications (such as Common Criteriai, SCAP, and FIPS-140) and configuration Guidance (such as DISA STIG, USGCB, and the CIS RHEL Benchmark). He also... Read More →


Sunday February 24, 2013 9:00am - 9:45am
#Lecture room D1