There's a whole world of system tracing, instrumentation, and profiling built into nearly every Linux system that goes untouched by most. While originally developed to help with debugging and performance tuning, the same tools can be used to provide security insights that are difficult or almost impossible to get any other way. In this interactive session we will discuss these tracing systems, suggest tips on how to use them, and provide some actionable takeaways on types of data you can extract, all in just a few lines of code.
This webcast is designed for developers and systems administrators who run Linux systems and want more visibility into what those systems are doing, either for performance reasons, or for security (or both!).
During this webcast you will learn:
- Best practices on how to use the `perf` cli to gather profiling information on applications.
- Top tips on how to use Linux kprobes and uprobes to instrument specific functions in the kernel or userland.
- How to implement a simple script to monitor the DNS requests and TCP connections made by any program on the system.