So far we have discussed network-level and application attacks, but those are only part of the equation for a pentester. A pentester must not only know about systems and how to improvise and find ways to identify weaknesses that breach security; they must also know how to address any issues they locate and recommend fixes for the customer.

In this chapter, you’ll learn to:

• Define network hardening
• Understand why you want to do it
• Recognize how hardened systems are by default

Introduction to Network Hardening

In the previous chapter we talked about hardening from the perspective of individual hosts and devices on a network, but not how to harden the network and the services. Much like with hosts, a network ...