This class will dive into each individual feature HardenedBSD has completed, how to utilize each feature, and its status in regards to upstreaming to FreeBSD. Live demos will be shared along with sample code.
The HardenedBSD project launched due to the complexity of ASLR and other exploit mitigation techniques being implemented by Shawn Webb and Oliver Pinter. Originally started as simply a staging area to hold code and test it, the HardenedBSD project has become a full-fledged fork of FreeBSD that aims to upstream most of its enhancements. The development team has grown and is lead by Shawn Webb and Oliver Pinter. The project has implemented robust ASLR, mprotect restrictions, ptrace restrictions, procfs/linprocfs restrictions, among many other hardening and exploit mitigation techniques.