Host Hardening is exactly what it sounds like: the systematic strengthening of a host’s position with respect to potential security threats. To put in slightly militaristic terms, hardening is what you do when you’re digging in because you intend to be there for a while and you expect outside “interest.”
Hardening is necessary because all security systems have weaknesses. That, you might think, is what antivirus, firewall and intrusion-detection systems are for, and you’d be right. All of these things are a part of the host hardening process, but there is more to it than that. Host hardening involves a greater level of complexity than simply installing protection systems.
The fact is that pirates (excuse the dramatic term) and hackers get through security systems all the time and this fact seems mystifying given all the lengths people go through to protect themselves. What’s going wrong? Antivirus programs, firewalls and intrusion detection systems all work by looking for things they’ve seen before, or things that are similar to things they’ve seen before. A system can be impenetrable to all known threats, but all it takes is one new one and the jig is up, as they say.
Additionally, security is made difficult by the fact that we all want everything to work whenever we want it, with no effort. Computer systems, even server systems, come with all kinds of features and services that are ready-to go out of the box. Our computers are now so powerful, and our storage capacity is so large, that we can have all kinds of extra things going on, so systems are designed to cater to a huge range of “common” uses and computing profiles. The end result is that most of our systems are running all kinds of technology we barely understand that creates potential weak points for our security systems. An intrusion detection system won’t stop access that is normal for a given piece of software, but that software might, in normal usage, give access to a part of the system that should have been cut off from outside access.
Steps in the typical hardening process (aside from the typical firewall, intrusion detection steps) are systematically disabling all the services that are not specifically needed to do what you want to do. If you have any piece of software that isn’t specifically required, eliminate it from you system. Any communication protocol that isn’t necessary, disable it. Files that don’t need to be altered should be read only. Users that don’t need access shouldn’t have access. Any services that can be performed by a more secure piece of software should be replaced. The idea is to remove any back door to your system that might be exploited using legitimate software.
The extra benefit of hardening a system in this way is that it will be much more efficient and streamlined. There will be less potential for conflicts and errors. That is, of course, if it is done properly. To successfully harden a system you really have to know what you’re doing. You need to know how all the features you want to use work and make sure you don’t disable anything that is required. Many companies prefer to hire professional host hardening services to make proper analyses of their practices and act appropriately.
Related posts:
- Additional Security With A Host Based IDS Security is, of course, always a concern. It is...
- Uses of a Host Based Firewall Any machine, whether a personal computer or a server, opens...
- Information Security and OpenSSH Server The basic premise of the information age is that information...
- Webhosting: Host Integration Services Networks do an incredible amount of work. It may...
- What is a Dynamic Virtual Host? The term “dynamic virtual host” is a fairly simple...
Related posts brought to you by Yet Another Related Posts Plugin.
{ 0 comments… add one now }