Security and why you need to review yours.
12 November 11:00am - 11:50am @ Cromwell 1-2
50 minutes conference
Covering why selective grants are important to protect against certain attack vectors. Why user passwords need to be complex. Dissecting MySQL's authentication handshake, and a look at Scapy. Deploying SELinux in targeted enforcing mode; and how to not be afraid of it. Performance implications of deploying selinux. Why it's important to deploy and properly configure selinux. -- UPDATED AGENDA FROM SLIDES (WIP) 1) Why rigid grants are important. 2) Why password complexity is important. 3) What’s an “attack surface” and how to limit it. 4) SELinux: why you should be using it. 5) What's a CVE and why should you care? 6) 0-days, and F.U.D 7) 5.6 Security features 8) Q&A ---
Information Security Architect, Percona
David has been a Linux systems admin for around 14 years, and generally in different roles - development, network admin, support, DBA, and more. He is a Fedora user and a fan of puppet (not so much the hat - nor Bert & Ernie, however). As time allows, he contributes to the EPEL packages for Openstack. He has an interest in infosec, and so is generally paranoid about security. He is also familiar with metasploit, sqlmap, john, oclHashCat, and has also written a few python tools. Living in Whitchurch, United Kingdom, he holds a 2nd dan black belt in Ju-Jitsu and, with his Father and Uncle, helps to teach at a local non-profit club with ages ranging from 6+. He also teaches computing to students at a local school using the Raspberry Pi as the platform running Raspbian. He is proud that they're starting to grow beyond basic networking and logical programming patterns to get the students thinking about solving problems with basic robotics