Host Hardening
Series of actions to be taken in order to make it hard for an attacker to successfully attack computers in a network environment.
[Figure: Computer system #1, #2 and #3, each drawn as a stack of Computer Hardware, Operating System, and Client & server application programs.]
OS Vulnerability Test
2010 by omnired.com
OS tested:
OS market share
Win XP, Win Server 2003, Win Vista Ultimate
Mac OS Classic, OS X 10.4 Server, OS X 10.4 Tiger
FreeBSD 6.2, Solaris 10, Fedora Core 6, Slackware 11.0, Suse Enterprise 10, Ubuntu 6.10
Tools used to test vulnerabilities:
Scanning tools (Track, Nessus)
Network mapping (Nmap command)
All hosts with OS installation defaults
Results
Microsoft's Windows and Apple's OS X are rife with remotely accessible vulnerabilities and allow for executing malicious code
The UNIX and Linux variants present a much more robust exterior to the outside
Once patched, however, both Windows and Apple's OS are secure.
You performed an out-of-the-box installation of Windows XP and Linux FreeBSD 6.2 on two different computers. Which computer is more likely to be secure?
a) Windows XP
b) Linux FreeBSD 6.2
c) They will have the same level of security

What needs to be done first in order to prevent a hacker from taking over a server with OS installation defaults that has to be connected to the Internet?
a) Lock the server room
b) Configure the firewall to deny all inbound traffic to the server
c) Download and install patches for known vulnerabilities
Security Baseline
Because it's easy to overlook something in the hardening process, businesses need to adopt a standard hardening methodology: a standard security baseline.
Different kinds of hosts need different security baselines, i.e.:
Different security baselines for different OS and versions
Different security baselines for different types of server applications (web service, email service, etc.)
Different security baselines for different types of client applications
Elements of Hardening
Physical security
Secure installation and configuration
Fix known vulnerabilities
Remove/turn off unnecessary services (applications)
Harden all remaining applications
Manage users and groups
Manage access permissions: for individual files and directories, assign access permissions to specific users and groups according to baseline
OS Installation
  Create a single partition on HDD
  Format disk using NTFS file system
  Install Win XP and Service Pack 3
Fixing OS vulnerabilities
  Download and install latest patches
  Turn on Windows Automatic Updates checking
Configure Windows Firewall
  Block incoming connections except KeyAccess and Remote Assistance
Turn off unnecessary services
  Turn off Alerter, Network Dynamic Data Exchange, telnet
Application Installation
  Centrally assign applications using group policies
Fixing application vulnerabilities
  Turn on each application's automatic update checking
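The Security Baseline and Elements of Hardening slides say every host type needs its own baseline and that the hardening steps are checked against it; the Windows XP slide above is one such baseline. The following script is an added example, not code from the slides: it keeps one baseline per (OS, version, role), compares a captured host state against it, and lists every deviation. The baseline entries, host state and field names (`running_services`, `inbound_allowed`, `patch_level`, `auto_update`) are constructed for the example; the XP entry reuses the service and firewall names from the slide.

```python
# Added example, not from the slides: a minimal security-baseline checker.
# One baseline per host type (OS, version, role), as the Security Baseline
# slide requires; a captured host state is compared against it and every
# deviation is reported. All baselines and host states are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Baseline:
    disabled_services: frozenset    # services that must not be running
    allowed_inbound: frozenset      # the only inbound firewall exceptions permitted
    min_patch_level: int            # e.g. service-pack number for Windows XP
    automatic_updates: bool = True  # automatic update checking must be on


# Baselines keyed by (os, version, role). The XP entry mirrors the slide's
# example baseline; the Linux entry is a constructed second host type.
BASELINES = {
    ("winxp", "sp3", "client"): Baseline(
        disabled_services=frozenset({"Alerter", "Network Dynamic Data Exchange", "telnet"}),
        allowed_inbound=frozenset({"KeyAccess", "Remote Assistance"}),
        min_patch_level=3),
    ("linux", "generic", "webserver"): Baseline(
        disabled_services=frozenset({"telnet", "rsh", "finger"}),
        allowed_inbound=frozenset({"ssh", "http", "https"}),
        min_patch_level=1),
}


def check_host(host: dict) -> list:
    """Return the list of baseline deviations; an empty list means compliant."""
    key = (host["os"], host["version"], host["role"])
    if key not in BASELINES:
        # No baseline means nothing was checked: report it rather than pass silently.
        return [f"no security baseline defined for host type {key}"]
    b = BASELINES[key]
    findings = []
    for svc in sorted(set(host["running_services"]) & b.disabled_services):
        findings.append(f"unnecessary service running: {svc}")
    for rule in sorted(set(host["inbound_allowed"]) - b.allowed_inbound):
        findings.append(f"firewall inbound exception not in baseline: {rule}")
    if host["patch_level"] < b.min_patch_level:
        findings.append(f"patch level {host['patch_level']} below baseline {b.min_patch_level}")
    if b.automatic_updates and not host["auto_update"]:
        findings.append("automatic update checking is off")
    return findings


# Constructed sample: an XP client still close to installation defaults.
SAMPLE_HOST = {
    "os": "winxp", "version": "sp3", "role": "client",
    "running_services": ["Alerter", "Workstation", "telnet"],
    "inbound_allowed": ["KeyAccess", "Remote Assistance", "File Sharing"],
    "patch_level": 2,
    "auto_update": False,
}

if __name__ == "__main__":
    for finding in check_host(SAMPLE_HOST) or ["host matches its baseline"]:
        print(finding)
```

The important design point is the first branch of `check_host`: a host whose type has no baseline is reported as a finding, because a checker that silently passes unknown hosts is exactly the "easy to overlook something" failure the slide warns about. In practice the host state would be collected by an inventory or configuration-management agent rather than typed in.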
Hardening servers
Inetd = Internet daemon, i.e. a computer program that runs in the background
[Figure: inetd dispatch. 1. Client request to port 123. 2. inetd looks port 123 up in /etc/inetd.config, which maps ports 23, 80, 123 and 1510 to Programs A, B, C and D. 3. Port 123 maps to Program C. 4. inetd starts Program C, which processes this request.]
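The figure shows inetd taking a request on a port, looking the port up in its configuration file and starting the matching program. The script below is an added example, not code from the slides or from any inetd implementation: it parses the classic inetd configuration line format (service, socket type, protocol, wait/nowait, user, program, arguments), resolves service names to ports through a constructed stand-in for /etc/services, and answers the figure's lookup. It also shows the hardening step that follows from this design: commenting a service's line out removes it from the dispatch table. The configuration text, the service-to-port table and the program paths are all constructed; the slide names the file /etc/inetd.config, the conventional name is /etc/inetd.conf.

```python
# Added example, not from the slides: a parser for inetd's configuration
# file format plus the port -> program lookup from the figure. The
# configuration text and the service/port table are constructed sample data.
from dataclasses import dataclass

# Constructed stand-in for /etc/services: service name -> port.
SERVICES = {"telnet": 23, "http": 80, "ntp": 123, "svc-d": 1510}

# Constructed sample configuration. Each active line has the classic fields:
#   service socket-type protocol wait|nowait user server-program [args...]
# A leading '#' disables a service: that is how "turn off unnecessary
# services" is done for inetd-managed programs.
SAMPLE_CONF = """\
# service  type    proto  wait    user  program                    args
telnet     stream  tcp    nowait  root  /usr/sbin/telnetd          telnetd
http       stream  tcp    nowait  www   /usr/local/sbin/httpd      httpd
ntp        dgram   udp    wait    root  /usr/sbin/ntpd             ntpd
svc-d      stream  tcp    nowait  svcd  /usr/local/bin/program-d   program-d
"""


@dataclass(frozen=True)
class InetdEntry:
    service: str
    port: int
    socket_type: str
    protocol: str
    wait: bool      # True = wait (one instance handles all requests), False = nowait
    user: str       # the program runs under this user, not as inetd's own user
    program: str
    args: tuple


def parse_inetd_conf(text: str) -> dict:
    """Map (port, protocol) -> InetdEntry for every enabled line."""
    table = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields, got {len(fields)}")
        service, stype, proto, wait, user, program, *args = fields
        if service not in SERVICES:
            raise ValueError(f"line {lineno}: unknown service {service!r}")
        if wait not in ("wait", "nowait"):
            raise ValueError(f"line {lineno}: wait field must be wait or nowait")
        entry = InetdEntry(service, SERVICES[service], stype, proto,
                           wait == "wait", user, program, tuple(args))
        table[(entry.port, proto)] = entry
    return table


def dispatch(table: dict, port: int, protocol: str = "tcp"):
    """Steps 2-3 of the figure: look the port up and name the program to start.
    Returns None when no enabled service owns the port."""
    return table.get((port, protocol))


def disable_service(text: str, service: str) -> str:
    """Hardening step: comment out the line for `service` so inetd no longer
    starts it; a later request to that port then finds no entry."""
    out = []
    for raw in text.splitlines():
        fields = raw.split()
        out.append("#" + raw if fields and fields[0] == service else raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    table = parse_inetd_conf(SAMPLE_CONF)
    e = dispatch(table, 123, "udp")
    print(f"port 123/udp -> {e.program} as user {e.user}")
    hardened = parse_inetd_conf(disable_service(SAMPLE_CONF, "telnet"))
    print("port 23/tcp after hardening ->", dispatch(hardened, 23))
```

Two details matter for hardening. The `user` field is what lets an inetd-managed program drop to an unprivileged account, so a baseline should require a non-root user for every entry that does not need root. And because an inetd with no entry for a port simply has nothing to start, removing the line is a more reliable way to switch a service off than leaving the line in place and relying on the program itself to refuse connections.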
(If PID=47)
[Figure: Tripwire computes a signature for File 1, File 2 and the other files in the policy list (File 1 Signature, File 2 Signature, ...), stores them, and later recomputes the signatures and compares them with the stored ones.]
File integrity problem: many files change for legitimate reasons, so it is difficult to know which ones the attacker changed.
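The figure describes the Tripwire idea (hash every file in a policy list, store the signatures, recompute later and compare) and the slide names its weakness: legitimate changes drown out the attacker's. The script below is an added example and is not Tripwire's code: it builds a baseline of SHA-256, permission bits and size for a policy list, re-checks it, and classifies each file. To make the legitimate-change problem manageable, the policy tags files as `static` or `volatile` (a constructed convention for this example): content growth in a volatile file such as a log is reported as expected, while any change to a static file, or a permission change on a volatile one, is a violation. The files, their contents and the "attacker" edits are constructed in a temporary directory.

```python
# Added example, not Tripwire's code: a toy file-integrity checker with a
# policy that separates expected drift (logs growing) from changes that
# need investigation. Files and contents below are constructed in a tempdir.
import hashlib
import os
import tempfile


def file_signature(path: str) -> dict:
    """Per-file signature: SHA-256 of the contents plus permission bits and
    size (a small stand-in for Tripwire's fuller set of attributes)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    st = os.stat(path)
    return {"sha256": h.hexdigest(), "mode": st.st_mode & 0o7777, "size": st.st_size}


def build_baseline(policy: dict) -> dict:
    """policy: path -> 'static' | 'volatile'. Returns path -> signature."""
    return {p: file_signature(p) for p in policy if os.path.exists(p)}


def check_integrity(policy: dict, baseline: dict) -> dict:
    """Compare the current files with the stored baseline and classify each."""
    report = {"violations": [], "expected_changes": [], "missing": [], "unchanged": []}
    for path, kind in policy.items():
        if path not in baseline:
            continue                     # never baselined; nothing to compare against
        if not os.path.exists(path):
            report["missing"].append(path)
            continue
        now = file_signature(path)
        old = baseline[path]
        if now == old:
            report["unchanged"].append(path)
        elif kind == "volatile" and now["mode"] == old["mode"]:
            report["expected_changes"].append(path)   # log grew; permissions intact
        else:
            report["violations"].append(path)          # static file or permissions changed
    return report


def demo() -> dict:
    """Constructed scenario: baseline four files, then simulate activity."""
    d = tempfile.mkdtemp()
    files = {"bin_ls": (b"ELF...original", "static"),
             "sshd_config": (b"PermitRootLogin no\n", "static"),
             "auth.log": (b"login ok\n", "volatile"),
             "mail.log": (b"queued\n", "volatile")}
    policy = {}
    for name, (content, kind) in files.items():
        p = os.path.join(d, name)
        with open(p, "wb") as f:
            f.write(content)
        os.chmod(p, 0o644)               # fixed mode so the later chmod is a real change
        policy[p] = kind
    baseline = build_baseline(policy)
    # Simulated activity after the baseline was taken:
    with open(os.path.join(d, "auth.log"), "ab") as f:
        f.write(b"login ok\n")           # expected: a log grew
    with open(os.path.join(d, "bin_ls"), "wb") as f:
        f.write(b"ELF...replaced")       # violation: a static file was replaced
    os.chmod(os.path.join(d, "mail.log"), 0o666)   # violation: permissions changed
    report = check_integrity(policy, baseline)
    return {k: [os.path.basename(p) for p in v] for k, v in report.items()}


if __name__ == "__main__":
    for category, names in demo().items():
        print(f"{category}: {names}")
```

The classification rule is the whole point: without the `static`/`volatile` split every run would list the logs alongside the replaced binary, which is the "difficult to know which ones the attacker changed" problem. The baseline itself must be stored where an attacker on the host cannot rewrite it (read-only media or another machine), since a baseline that can be regenerated after the compromise proves nothing.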