
Security Hardening 2

The document discusses different types of system hardening including server, software, operating system, database and network hardening. It also discusses CIS benchmarks and provides an example of hardening Linux according to CIS benchmarks by configuring the SSH protocol version.

Uploaded by

Mac Queen

Information Security

Instructor:
Syeda Mahnoor Gilani

Department of Computer Science

Air University - Aerospace & Aviation Campus, Kamra


Content

• Difference between Security Patching & Hardening
• Types of Security Hardening
  - Server
  - Software
  - Operating System
  - Database
  - Network
• A look into CIS Benchmarks
• Case Study: Security Hardening - Linux

Difference between Security Patching & Hardening
• Security Hardening
  • IT assets such as hardware and software come with default (insecure) configurations, which become the basis for attacks
  • Typical case in point: username and password: “admin, admin”
  • Process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one.

Difference between Security Patching & Hardening
• Patching
  • Fixing vulnerabilities (which may be exploited by malware or attackers) in software or firmware with vendor-released patches (auto or manual updates)
  • Patches are also called fixes.

Types of System Hardening
Types of System Hardening: (Server)
• Involves applying advanced security measures at the hardware, firmware, and software layers to secure a server’s data, ports, components, functions, and rights.

OS Maintenance:
✔ Regularly update and patch the server’s operating system.
Third-party Software Management:
✔ Update essential third-party software regularly.
✔ Remove software not meeting cybersecurity standards.
Password Policy:
✔ Implement a strong password policy.
Account Protection:
✔ Lock user accounts after specific failed login attempts.

Types of System Hardening: (Software/Applications)

• Setting automatic updates for the OS version of all the deployed software
• Using AppSec tools like anti-virus, firewall, and malware detectors
• Applying encryption and MFA
• Deploying sound IPS and IDS approaches

Software/Applications (1/1)

• Harden account authorization & password policy:
  • Strengthen the security measures related to user accounts and passwords
  • Example:
    • MFA for account access.
    • Complex passwords (e.g., mix of upper and lowercase letters, numbers, symbols).
    • Setting a short expiration time for passwords, so users need to change them regularly.
    • Limiting the number of failed login attempts.

Software/Applications (1/2)

• Harden log protocol security configuration:
  • Enhance the security measures related to how system and application logs are recorded, stored, and accessed.
  • Example:
    • Encrypt Logs: Ensure that logs are encrypted, especially if they contain sensitive data.
    • Restricted Access: Only authorized personnel should be able to access and modify
    • Regular Backups: Frequently back up logs to a secure location, ensuring data isn't lost.
    • Integrity Checks: Implement measures to verify log integrity, ensuring data hasn't been tampered with.
    • Use Secure Protocols: If transmitting logs, use secure transmission protocols like TLS/SSL

Software/Applications (1/3)

• File & Directory Access Permission, Patches:
  • Rules set on files and directories determining who can access them and what actions they can perform (e.g., read, write, execute).
  • Example: only the HR department might have permission to read and modify employee salary files
  • Patches: designed to fix vulnerabilities, improve performance, or address other issues in software or systems.

Software/Applications (1/4)

• Update Software Version:
  • Fix vulnerabilities or security issues.
  • Introduce new features.
  • Improve performance or stability.
  • Resolve bugs or issues present in the older version.

Types of System Hardening: (Operating System)

Types of System Hardening: (Database Hardening)
• It’s a strategic system-hardening approach around three processes.
• The first process involves controlling user access and privilege.
• The second process entails getting rid of database services that are no longer needed.
• The last process aims at using the best encryption and security measures for protecting databases.

Types of System Hardening: (Database Hardening)

Types of System Hardening: (Network)
• Safeguard the communication network and all the data-driven devices and servers (to protect the paths and systems through which devices and servers exchange data).
• Mainly, it’s done via two methods.
• The first method involves IPS (helps network engineers stop any unwanted intrusion into the network).
• The second method that this approach uses is IDS (early and real-time intrusion detection).

Both are software-based methods and are used to keep a watch over the network behavior, activities happening, and performance.

A LOOK AT CIS SECURITY BENCHMARKS

• Center for Internet Security (CIS)

Case Study: Security Hardening - Linux

• CIS Red Hat Enterprise Linux & Benchmark
  - Control no: 5.2.2; Ensure SSH Protocol is set to 2 (Scored)
  - Profile applicability:
    - Level 1, Server
    - Level 1, Workstation

Case Study: Security Hardening - Linux

• CIS Red Hat Enterprise Linux & Benchmark
  - Control no: 5.2.2; Ensure SSH Protocol is set to 2 (Scored)
  - Description: SSH supports 2 different and incompatible protocols: SSH1 and SSH2. SSH1 was the original protocol & was subject to security issues. SSH2 is more advanced and secure.

Case Study: Security Hardening - Linux

• CIS Red Hat Enterprise Linux & Benchmark
  - Control no: 5.2.2; Ensure SSH Protocol is set to 2 (Scored)
  - Rationale: SSH v1 suffers from insecurities that do not affect SSH v2.
  - Remediation: Edit the /etc/ssh/ssh_config file to set the parameter as follows:
    Protocol 2
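
An audit check for this control, added here as an example (it is not part of the slides or of the CIS benchmark text). It assumes a conservative rule: the `Protocol` directive must be present and every occurrence must be exactly `2`. The function name `check_ssh_protocol` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the OpenSSH "Protocol" directive (CIS control 5.2.2 on this page).
# Returns 0 only if the directive is present and every occurrence is exactly "2".
check_ssh_protocol() {
    cfg=$1
    if [ ! -r "$cfg" ]; then
        echo "FAIL: cannot read $cfg"
        return 2
    fi
    awk '
        { sub(/#.*/, "") }                          # ignore comments
        tolower($0) ~ /^[ \t]*protocol[ \t=]/ {     # keyword is case-insensitive
            v = $0
            sub(/^[ \t]*[A-Za-z]+[ \t]*=?[ \t]*/, "", v)  # drop keyword and optional "="
            gsub(/[ \t"]/, "", v)                   # drop whitespace and quotes
            seen++
            if (v != "2") {                         # "1" and "2,1" both allow SSH1
                printf "FAIL: line %d sets Protocol %s\n", NR, v
                bad++
            }
        }
        END {
            if (!seen) { print "FAIL: Protocol is not set explicitly"; exit 1 }
            if (bad) exit 1
            print "PASS: every Protocol directive is 2"
        }' "$cfg"
}

# Constructed sample files, not taken from a real host.
tmp=$(mktemp -d)
printf 'Host *\n    Protocol 2\n' > "$tmp/good"
printf '# Protocol 2\nProtocol 2,1\n' > "$tmp/bad"
check_ssh_protocol "$tmp/good"
check_ssh_protocol "$tmp/bad" || true
```

On a host, pass the file named in the remediation step, for example `check_ssh_protocol /etc/ssh/ssh_config`. The server file `sshd_config` uses the same keyword syntax, so the function can be pointed at either.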
