Work Diary - SystemBack & Third Party Security Tools

Aditya Anand
May 26, 2019 · 4 min read

I have recently joined a startup and have been a part of their InfoSec team. Recently the thought popped into my mind that I should document the work that I have been doing and how things change from when you are independent security personnel to when you start working for an organisation.


Here it goes…

So in the last article that I wrote about my work, I mentioned the problems I faced. We did come up with a temporary solution for them, but we are still working on the long-term solution. You can read my previous article by clicking on the link below.

Work Diary - Research Work & Deployment of Security Policies

So, the temporary solution that I came up with was using a tool called SystemBack. If you remember from the previous article, the problem we were suffering from was that we had to manually install the applications and dependencies on each and every machine, and that is totally a waste of time. The list of dependencies and applications was so long that we nearly had to wait for 15 minutes for everything to be installed on the system of the user, and anyone who has worked in a big organisation knows that it is impossible to carry out this task in real life and not feasible at all.


The other problem that was bugging us was how to deploy the security policies on these systems. We have had the basic policies in place, but to micro-manage the access control policies we needed to have something that is meant exclusively for this purpose.

Work work work!

So, now we know the problem: having to install all the applications and dependencies on each and every system over and over again. We needed a solution that would save us from having to do this whole rigorous process over and over. Now, wait for a moment and think: what kind of solution would you have used? What would you have done if you were in such a situation? Think about it before reading ahead.

The solution I came up with was SystemBack. What it does is help us create an identical copy of the OS that you might be working on and then create an .iso file out of it. Once you have the .iso file of your system with all the configurations already done, the only thing needed is to install that on your system and the problem is solved. SystemBack saved us from having to install all the dependencies, and now you can also pre-configure the OS according to your needs and directly ship out your own custom OS. This is an excellent solution and you have no idea how easy it made things for us. A simple solution that saved 100+ man-hours of having to run the bash script that installs all these apps and dependencies; not only that, but it also helps provide a custom-designed OS to our employees, with the exact settings that make it extremely efficient for us to deploy.


Once this was done, we still needed the tools to micro-manage the security policies and set the access control on our environment. I am currently working on this project and have been trying to research the tools we need to bring into our systems and how to enhance the security of our company multi-fold. These are the few tools I have in mind:

  • SELinux

What next?

As of now I have been working on and researching these tools and how I can implement them; currently I have set them up on VirtualBox. The next step for us is to install the .iso image of the OS that we have obtained with the help of SystemBack automatically via network boot, so that the SysAdmin won’t even have to install these systems on the employee’s machine and the .iso image will be installed on the machine as soon as it is booted up.

P.S. If you have any more information about the third-party security tools that I have mentioned above, please do feel free to contact me; I can use some help and save my time reading all those documentation files ;)

If you enjoyed it please do clap & let’s collaborate. Get, Set, Hack!

Website : aditya12anand.com | Donate : paypal.me/aditya12anand

Telegram : https://t.me/aditya12anand

Twitter : twitter.com/aditya12anand

LinkedIn : linkedin.com/in/aditya12anand/

E-mail : aditya12anand@protonmail.com

InfoSec Write-ups
