Chapter 14. Host Hardening

What exactly do we mean by host hardening? It has several meanings in the field of computer security, such as limiting network access to a system by the traditional method of turning off unnecessary network services, by firewalling, or by enforcing authentication to use a service. Almost everyone who has installed recent versions of Microsoft Windows has been exposed to a rudimentary firewall system. An easy-to-use firewall is also built into Mac OS X. Modern versions of Linux contain powerful firewall capabilities. You can read more about firewalls in Chapter 13.

Host hardening can also mean that existing services are available only to certain users at certain times. This can mean that a user will operate under a lower privilege and be granted higher-level privileges as the need arises. Most Unix users are familiar with the command su, and you might at least know about the sudo program. On Windows, you have the option to run the system as an unprivileged user and only run processes as an Administrator using the Run As... service. (Most people don’t, and choose to log into their systems as an Administrator.)

You can also harden a system by testing common weak points and make security changes accordingly. For example, you can check that all your users have strong passwords, ones that are difficult to guess or stumble upon. You can run automatic update software to ensure that the system has incorporated security updates from your vendor, or trusted third parties. ...

Get Security Power Tools now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.