The host's perimeter, operating system (OS), and applications are our last line of defense against network attacks. If an attacker manages to get through or around your firewall, or if you are defending against malicious code or an insider, it is up to the host to limit the scope of the potential compromise. In Chapter 9, “Host Hardening,” we explained how to configure the system's OS and related applications to help the host withstand local and network-based attacks. We locked down the file system, disabled unnecessary accounts and services, enforced strong passwords, fine-tuned group membership, and applied patches. This chapter builds on the concepts of hardening by demonstrating how hosts can play an active ...