Overview
One of the benefits provided by the Windows and Unix platforms has been their flexible
architecture and ease of use, which allow users to work on disparate tasks and give them
the freedom to execute software within the environment. However, the more flexibility you
provide, the more vulnerable those systems become to exploitation and attacks. Server
hardening allows you to protect against disruptive attacks and misuse that cost
organisations time and money. Strengthening the operating system allows for a secure
and controlled operating environment, protecting against exploitable vulnerabilities
and the ‘insider threat’.
Most operating systems have their own specific recommendations about how to harden
their systems to protect against environmental risks such as host system compromise
via abuse of root privilege or the theft or loss of storage media. Security is often
evaluated by how well servers adhere to vendor-specific checklists rather than by assessing
how vulnerable the systems are to attacks. It is important to look at
the overall security of the system rather than just having a ‘tick in the box’.
Assessments should take into account factors such as protection against data loss due to improper
authentication, loss of data integrity and confidentiality, and compromised system
integrity. More specifically, systems should be protected against:
Root Attack – All operating systems have one or more administrative accounts that
have complete access to all resources on that host. Control over administrator user
privileges should be defined and validated on a separate system providing strong
authentication. These accounts should still be restricted from having complete control
over the operating system and the data that resides on it.
Worms and Trojans – The operating system needs to prevent unauthorised
applications from running and propagating within the environment. This includes
any worms, trojans, viruses and spyware. Zero-day protection is necessary to protect
critical systems from exploitation.
Buffer Overflow Attacks – This can be controlled by denying privileges to
unauthorised processes and users.
Unintended Admin Privilege – Many users will attack the operating system
to elevate their user access to admin level. This is common in Windows-based systems,
where an attacker can modify the registry to change user accounts and passwords.
Unauthorised Data Viewing – Prevent backup administrators, contractors and
storage outsourcing partners from viewing data under management, or performing tasks
outside an authorised time window, based on data-owner policies.
Audit Log Tampering – Keep an audit trail of what users are doing within
the environment. Ensure that these audit files are secure and cannot be tampered with.
Also prevent unauthorised access to critical files such as database audit logs that
track accesses and modifications to data, making IT systems more ‘auditable’.
Hardware/Media Theft – Stored data should be encrypted so that stolen
hardware and storage media are useless to an attacker who attempts to extract the
information.
Strengthening the operating system provides a secure and controlled operating environment,
which secures the environment from both external and internal threats. Server Hardening
within operating systems prevents users from gaining side-door access to the system
and helps to ensure a more secure and stable environment.
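As an added illustration of the Audit Log Tampering item above (example code written for this overview, not part of the original page or any product it mentions): a shell check that reports audit log files, or the directory holding them, whose mode or owner would let an unauthorised account read, alter or replace them. The single log directory, the single expected owner and the function names are assumptions.

```shell
#!/bin/sh
# Added example: flag audit-log files whose owner or mode would let an
# unauthorised account read, alter or replace them.
# Assumptions (not from the page): logs sit under one directory and a single
# account (default: root) is their only legitimate owner.

audit_log_findings() {
    dir=$1
    owner=${2:-root}

    # A directory writable by group/others lets anyone delete or swap log
    # files, even when the files themselves are locked down.
    find "$dir" -prune \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/DIR_WRITABLE /'

    # Group- or world-writable log: entries can be edited or truncated.
    find "$dir" -type f \( -perm -020 -o -perm -002 \) -print |
        sed 's/^/FILE_WRITABLE /'

    # World-readable log: any local account can view the recorded activity.
    find "$dir" -type f -perm -004 -print |
        sed 's/^/FILE_WORLD_READABLE /'

    # A log owned by another account can be rewritten by that account.
    find "$dir" -type f ! -user "$owner" -print |
        sed 's/^/WRONG_OWNER /'
}

# Succeeds only when the directory produces no findings.
audit_logs_ok() {
    [ -z "$(audit_log_findings "$1" "${2:-root}")" ]
}

# Constructed sample: one locked-down log and one loosely permissioned log.
sample=$(mktemp -d)
chmod 750 "$sample"
: > "$sample/audit.log";    chmod 600 "$sample/audit.log"
: > "$sample/db_audit.log"; chmod 666 "$sample/db_audit.log"
audit_log_findings "$sample" "$(id -u)"
rm -rf "$sample"
```

Run on a schedule, a non-empty result is worth alerting on, since a permission change on a log directory often precedes tampering with the logs themselves.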