Hardening, in computer security, is the process of securing a system by reducing its vulnerabilities. This is achieved by removing unnecessary software, services, users and so on from the system and by closing ports that are not in use, along with many other methods and techniques that we will see in this brief introduction to system hardening.
Making life difficult for the attacker: that sums up the rationale for hardening operating systems. It can be described as the set of activities an operating system administrator carries out to strengthen the security of a computer as much as possible. Its purpose is to obstruct the attacker's work and gain time, so as to minimize the consequences of an imminent security incident and, in some cases, prevent it from materializing at all.
One of the first things to make clear is that hardening operating systems does not necessarily produce "invulnerable" machines. It is important to remember that, under the defense-in-depth model, the host is only one layer. In other words, it is one factor among the many points that must be taken into account to defend a system "globally".
The activities that typically make up a hardening process include the following:
Configurations necessary to protect against possible physical or hardware attacks on the machine:
- Setting complex passwords for booting the computer and for the BIOS settings.
- Disabling system boot from any drive other than the primary hard disk and, in the case of servers, disabling optical, USB or similar devices to prevent malware from entering from an external storage medium.
Secure installation of the operating system: for example, using a file system that has security features and following the concept of minimal installation, i.e. not installing any system component that is not necessary for the system to operate.
Activating and/or properly configuring automatic update services, so that the machine always has the vendor's security patches up to date.
Installing, configuring and maintaining security software such as antivirus, antispyware and antispam filtering, according to the system's needs.
Configuring the local system policy, considering several important points:
- A robust password policy, with expiring passwords, stored password history (to prevent cycling through old passwords), account lockout after failed attempts, and password complexity requirements.
- Renaming and then disabling the standard system accounts.
- Correct assignment of user rights, so as to reduce the potential for privilege escalation, always trying to keep the privileges and/or rights of active users to the minimum.
- Setting the general security options, such as those related to shared access paths, system shutdown, logon and logoff, and network security options.
- Software restrictions, preferring where possible a whitelist of permitted software over a blacklist.
- Enabling system auditing, which is key to keeping a record of certain characteristic attack attempts, such as password guessing.
Configuring system services. Always try to disable every service that does not provide functionality needed for the system to operate. For example, if the computer has no wireless network card, the wireless network service should be disabled.
Configuring network protocols. As far as possible, it is advisable to use Network Address Translation (NAT) to address internal machines within an organization. Disable all network protocols that are unnecessary on the system and limit the use of the rest to a minimum. TCP/IP was not designed with security in mind, so limiting its use to what is strictly necessary is imperative.
Setting appropriate security permissions on the system's files and folders. As far as possible, explicitly deny all file permissions to anonymous accounts and to accounts that have no password. Setting the right level of permissions on folders and files is key to preventing unwanted access to their contents.
Configuring the security options of individual programs, such as email clients, web browsers and, in general, any program that interacts with the network.
Configuring remote access. If it is not strictly necessary, it is good practice to disable remote access. When remote control of the machine is needed, however, it must be configured properly, restricting access to a limited number of users.
Proper configuration of user accounts: work most of the time with limited-access accounts and keep administrator accounts disabled. It is strongly recommended to use user impersonation to perform administrative tasks rather than logging in as an administrator.
Encrypting files or drives according to the system's needs, considering external storage for the decryption keys. Also consider encrypting instant messaging and email.
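The local system policy points in the checklist above (password expiry, history, lockout, complexity, standard accounts, auditing of password guessing) can be checked mechanically. The following is an added example, not part of the original article: it assumes a Windows host whose policy text was exported with `secedit /export /cfg policy.inf`, and the thresholds and the sample export are constructed for illustration.

```python
import re

# Added example. Thresholds below are assumed values, not taken from the article.
# Input: text of `secedit /export /cfg policy.inf` (the file on disk is UTF-16).
CHECKS = [  # (section, key, checklist item, pass condition)
    ("System Access", "MaximumPasswordAge", "passwords expire", lambda v: 0 < v <= 90),
    ("System Access", "PasswordHistorySize", "password history kept", lambda v: v >= 12),
    ("System Access", "LockoutBadCount", "lockout on failed attempts", lambda v: 0 < v <= 10),
    ("System Access", "PasswordComplexity", "complexity required", lambda v: v == 1),
    ("System Access", "EnableGuestAccount", "Guest account disabled", lambda v: v == 0),
    # Audit values: 1 = success, 2 = failure, 3 = both; failures reveal guessing.
    ("Event Audit", "AuditLogonEvents", "failed logons audited", lambda v: (v & 2) == 2),
]

# Constructed sample of a weakly configured host.
SAMPLE_WEAK = """[System Access]
MaximumPasswordAge = -1
PasswordComplexity = 0
PasswordHistorySize = 0
LockoutBadCount = 0
NewAdministratorName = "Administrator"
EnableGuestAccount = 1
[Event Audit]
AuditLogonEvents = 1
"""

def parse_inf(text):
    """Parse the INF-style export into {section: {key: value}}."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
        elif current is not None and "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return sections

def audit(text):
    """Return a list of findings; an empty list means every check passed."""
    policy, findings = parse_inf(text), []
    for section, key, label, passes in CHECKS:
        raw = policy.get(section, {}).get(key)
        # A missing or non-numeric setting counts as a failure.
        if raw is None or not re.fullmatch(r"-?\d+", raw) or not passes(int(raw)):
            findings.append(f"{label}: {key} = {raw}")
    admin = policy.get("System Access", {}).get("NewAdministratorName", "Administrator")
    if admin.lower() == "administrator":
        findings.append("built-in Administrator account not renamed")
    return findings
```

Calling `audit(SAMPLE_WEAK)` returns one finding per failed checklist item; read a real export with `open("policy.inf", encoding="utf-16").read()` before passing it in.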