Popping the Penguin - An Introduction to the Principles of Linux Persistence

BSidesLV via YouTube

Overview

Explore the principles of Linux persistence in this BSidesLV conference talk. Delve into topics such as log shipping, event correlation, user account manipulation, and mitigation strategies. Learn about netcat, listening ports, reverse connections, and crontab syntax. Discover techniques for input/output redirection, file identification, and execution. Gain insights into IDS/IPS evasion methods and their rationale. Acquire valuable knowledge on wrapping up persistence techniques and implementing effective mitigation measures. Access additional resources to further enhance your understanding of Linux security and persistence mechanisms.

Syllabus

Intro
Why this talk?
Hackers
Logs: Log shipping
Logs: Event Correlation and Mitigation
User accounts: Going Rogue
User accounts: /etc/passwd & shadow
User accounts: mitigation
Netcat
Listening ports
Reverse connections
Method 2: Crontab (syntax)
What's the point of all this?
I/O redirection: output
I/O redirection: the pipe
I/O redirection: input
I/O redirection: identifying files
I/O redirection: execution
dev/tcp - the command
IDS/IPS evasion: the reason
IDS/IPS evasion: execution
Wrapping it all up: Mitigation
Resources

Taught by

BSidesLV
