NEED OF HOST HARDENING

Leaving the system in its default configuration provides attackers with too many opportunities for obtaining unauthorized access to the host.
The Need for Host Hardening
• Leaving the system in its default configuration provides attackers with too many opportunities for obtaining unauthorized access to the host.
• Even if there is a well-tuned firewall in front of the machine, it's hard to anticipate every way in which attackers may access the protected system.
• In a network security system, each measure we take to lock down the host's configuration provides us with the basis for offering secure and reliable services to the system's users.
The Need for Host Hardening
• A significant issue in host-level security is the applications installed on the system.
• Any software enabled on a system may be exploited due to vulnerabilities in the application or the underlying OS.
• A configuration flaw or a coding error can provide the attacker with access to the underlying host, offering an internal "island" from which to conduct further attacks.
• For example, buffer overflow exploits against a vulnerable application can allow an attacker to execute privileged commands on the targeted system.
The Need for Host Hardening
• From a security perspective, the most reliable way of locking down the host's configuration is to begin with a minimalist system: just the core OS (freshly patched, of course) with only administrative accounts and tightly restricted access rights.
• You would then add user accounts, install applications, and relax permissions only to the extent needed for the system to function properly.
• Installing unnecessary components with loose permissions in a default configuration unnecessarily increases the host's risk profile.
The Need for Host Hardening
• When devising hardening procedures for hosts on your network, keep in mind the cost you incur from applying the hardening techniques and maintaining the systems that have been locked down. Not all hosts should be hardened to the same extent.
• If an end-user workstation, a web server, and a VPN server have different responsibilities on the network, the appropriate extent of hardening for each is different as well.
• You need to achieve the right balance between security and functionality to determine what exposure to threat is acceptable while still providing critical business services.
The Need for Host Hardening
• An essential aspect of host hardening is ensuring the secure configuration of the underlying OS.
• Securing the OS involves disabling or removing unnecessary services, daemons, libraries, and other extraneous components that find their way onto the system as part of the default OS installation.
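
The slides above say to remove unnecessary services and to harden hosts according to their role. The following check is an added example, not part of the original slides: it compares a host's enabled services against a per-role allowlist and lists the extras to review. The role names, the allowlists and the sample service listing are constructed assumptions; a systemd host is assumed.

```shell
#!/bin/sh
# Added example: flag enabled services that are not on a per-role allowlist.
# Role names, allowlists and sample data are constructed for illustration.

# Hypothetical per-role allowlists (space-separated unit names).
allowlist_for() {
    case "$1" in
        webserver)   echo "sshd.service nginx.service chronyd.service auditd.service" ;;
        workstation) echo "sshd.service chronyd.service cups.service NetworkManager.service" ;;
        *)           return 1 ;;
    esac
}

# Constructed sample in the format printed by:
#   systemctl list-unit-files --type=service --state=enabled --no-legend
sample_enabled() {
    cat <<'EOF'
auditd.service        enabled enabled
avahi-daemon.service  enabled enabled
chronyd.service       enabled enabled
cups.service          enabled enabled
nginx.service         enabled enabled
rpcbind.service       enabled enabled
sshd.service          enabled enabled
EOF
}

# Read a unit listing on stdin; print units enabled but not allowed for ROLE.
unexpected_services() {
    role=$1
    allowed=$(allowlist_for "$role") || { echo "unknown role: $role" >&2; return 2; }
    awk -v allowed="$allowed" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $2 == "enabled" && !($1 in ok) { print $1 }
    ' | LC_ALL=C sort
}

# Demo on the constructed sample; on a live host, pipe the systemctl command
# shown above into unexpected_services instead of sample_enabled.
for r in webserver workstation; do
    echo "== $r: enabled but not on allowlist =="
    sample_enabled | unexpected_services "$r"
done
```

Each unit it reports is a candidate for `systemctl disable --now` or package removal once you have confirmed the role does not need it.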