Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Hunting Linux Malware for Fun and Flags

RSA Conference via YouTube

Overview

Explore server-side Linux malware threats and learn effective analysis techniques in this 46-minute RSA Conference talk by ESET Senior Malware Researcher Marc-Etienne M.Léveillé. Gain insights into creating a safe environment for studying Linux malware, understanding common artifacts, and investigating file metadata. Discover methods for examining basic filesystem structures, verifying package integrity, and analyzing logs using auditd. Learn to analyze live processes, utilize procfs exe magic links, and perform process memory dumps. Delve into kernel memory analysis, network configuration examination, and network capture techniques. Master two approaches: reversing script-based malware and reverse engineering compiled malware. Acquire practical skills to enhance your Linux security expertise and better protect your infrastructure against evolving threats.

Syllabus

Intro
About this presentation
Why malware on Linux servers?
Why care?
Why understand them?
Artifacts
Common file metadata
Basic filesystem
Package integrity
Logs
Using auditd
Offline filesystem
Analyzing a live process
procfs exe magic link
Process stalling
Process memory dump
Kernel memory
Network configuration
Network capture
Two approaches
Reversing script-based malware
Reverse engineering compiled malware
This week you should
Within three months you should
Next you should

Taught by

RSA Conference

Reviews

Start your review of Hunting Linux Malware for Fun and Flags

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.