YoVDO

Tracing: The Bane of Security Folks - Understanding Kernel Tracing Techniques

Offered By: Linux Foundation via YouTube

Tags

VMware Courses, Rootkits Courses, Ftrace Courses

Course Description

Overview

Explore the complex relationship between tracing and security in this 34-minute conference talk by Steven Rostedt from VMware Inc. Delve into the conflicting goals of tracing and security in the Linux kernel, examining how tracing aims to provide maximum information while security strives to conceal it. Learn about the tactics employed by tracing mechanisms, including live text modification and call redirection, which mirror techniques used by rootkits. Gain insights into the challenges of balancing tracing functionality with security concerns, and understand why security professionals must be well-versed in tracing methodologies. Discover topics such as isolation, lockdown, function tracing, and FTrace, concluding with a Q&A session to address audience inquiries.

Syllabus

Intro
What is your goal
Isolation
Lockdown
Conflicting agendas
Security folks must know tracing
Live kernel patching
Function Tracing
Peters
FTrace
FTrace Direct
Conclusion
Questions


Taught by

Linux Foundation

Related Courses

KernelShark 1.0 is Here - What Does that Mean?
Linux Foundation via YouTube
Cloud Performance Root Cause Analysis at Netflix
GOTO Conferences via YouTube
Investigating C++ Applications in Production on Linux and Windows
NDC Conferences via YouTube
How Much Is Tracing? Measuring the Overhead Caused by the Tracing Infrastructure
Linux Foundation via YouTube
Mentorship Session - Tools and Techniques to Debug an Embedded Linux System
Linux Foundation via YouTube