Posts by Theofilos Petsios

Don’t Get Kicked Out! A Tale of Rootkits and Other Backdoors
November 14, 2019
Introduction. When it comes to rootkits and other backdoors, everything is on the table. There exists a vulnerability that can be exploited in a system binary to gain root access? There’s a rootkit for that. You allow kernel modules? A plethora of nefarious goodies can be part of your system! Your new chip is made […]
Kernel Configuration Glossary
February 28, 2019
In our post “Millions of Binaries Later: a Look Into Linux Hardening in the Wild”, we examined the security properties of different distributions. In the following, we provide a glossary for the security-relevant kernel configuration options discussed in that post (scraped from the Linux Kernel Driver Database). Option Description Significance CONFIG_X86_SMAP Supervisor Mode Access Prevention […]
Linux Hardening in the Wild
February 28, 2019
TL;DR: Millions of Binaries Later In this post, we explore the adoption of Linux hardening schemes across five popular distributions by examining their out-of-the-box properties. For each distribution, we analyzed its default kernel configuration, downloaded all its packages, and analyzed the hardening schemes of their enclosed binaries. Our dataset includes the OpenSUSE 12.4, Debian 9, […]