{"id":65,"date":"2010-05-21T01:32:35","date_gmt":"2010-05-21T01:32:35","guid":{"rendered":"http:\/\/www.technogypsie.com\/science\/?p=65"},"modified":"2010-05-21T01:32:35","modified_gmt":"2010-05-21T01:32:35","slug":"security-hardening-internal-systems-and-services","status":"publish","type":"post","link":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/","title":{"rendered":"Security+: Hardening Internal Systems and Services"},"content":{"rendered":"<p>\u00a0<\/p>\n<p><strong>Security+: Hardening Internal Systems and Services<\/strong><\/p>\n<p>One of the best defenses for securing your systems and networks is hardening the internal systems and services. This is not a one-time task, but ongoing maintenance you&#8217;ll need to incorporate. You need to protect the inside and outside of your system and its networks. By first hardening the operating system with proper practices and procedures, implementing hotfixes, service packs, patches, patch management, group policies, security templates, and configuration baselines, you can shield your system from vulnerabilities and weaknesses. One of the first steps is implementing antivirus software. Then you need to protect your ports and protocols and apply security controls to file and print resources. Comparing and implementing logical access control methods will help with the deployment of various authentication models. Every computer or server has an operating system. Each system type has its own set of vulnerabilities and weaknesses. The most common operating systems for servers are Windows Server 2008 \/ 2003 \/ 2000; Novell Open Enterprise Server; various Unix implementations such as Solaris; various Linux implementations such as Red Hat Enterprise Linux; and Mac OS X Server. The most common operating systems for workstations are Windows 95\/98\/NT\/2000\/XP\/Vista; Linux (Debian GNU\/Linux, Ubuntu, Mandriva Linux Corporate Desktop); and Mac OS X. 
The most common areas of vulnerability with these operating systems are default installations, service exploits, default protocols, default accounts, built-in applications, remote administration, file access methods, physical access, and buffer overflows. Hardening is the application of security techniques in which the default configuration of a system is altered to attempt to close vulnerabilities and generally protect the system from attacks. Hardening follows security baselines, which are collections of security and configuration settings to be applied to a particular system in the enterprise. These baselines can be monitored by software tools called security analyzers, such as Microsoft Baseline Security Analyzer (MBSA) and Security Configuration Wizard (SCW). Software updates are important to watch and implement as they are released. They are released in the form of patches, hotfixes, rollups, and service packs, and are often regulated by the practice of patch management through evaluation, testing, and implementation. Logging can help track, record, and audit events or maintenance. Logs are often stored as log files or text files in known locations that can be reviewed to analyze or audit attacks and vulnerabilities. Security auditing is the process of performing organized technical assessments of system strengths and weaknesses. Unix systems by default are riddled with logging, especially via syslog to protect the kernel, user and system daemon activity. For Unix\/Linux, some of these tools can be found at <a href=\"http:\/\/usat.sourceforge.net\/\">http:\/\/usat.sourceforge.net\/<\/a>, and for Windows there are tools such as the freeware Kiwi Syslog Daemon.<\/p>\n<p><!--more-->Windows event logs can be found in the Event Viewer and are applied differently than Unix\/Linux methodology. Audit events monitor account logon events, account management, directory service access, logon events, object access, policy change, privilege use, process tracking, and system events. 
There are three different processes or applications that can run in the background on computer systems without a particular user being logged in &#8211; these are services, NLMs, and daemons. However, any running process on a system can provide a point of entry for an attacker &#8211; especially unnecessary services, NLMs, or daemons. These should be identified and disabled. Some independent Windows processes that are safe to disable are the alerter service, clipbook service, fax service, messenger service, print spooler service, and world wide web publishing service. For Novell, it&#8217;s safe to disable portal.nlm, nsweb.nlm, nwftpd.nlm, named.nlm, dhcpsrvr.nlm, and java.nlm. For Unix\/Linux, it&#8217;s safe to disable nfsd, dhcpd, named, Samba, anonftp, and \/etc\/inetd.conf; for Mac OS, the following can be disabled safely: DVD or CD sharing, screen sharing, file sharing, printer sharing, web sharing, remote login, remote management, remote Apple events, Xgrid sharing, internet sharing, and Bluetooth sharing. An administrator can create security templates, which are predefined sets of security configuration parameters that can be applied to a system to enforce security baseline rules. It&#8217;s a good way to standardize security settings depending on the roles and levels you require. In addition to antivirus software, virtualization technology can be implemented to help harden your system. Virtualization separates computing software from the hardware it runs on via an additional software layer, adding flexibility and hardware utilization by running multiple operating systems on a single computer or server.<\/p>\n<p>After tackling the operating system, the next step of hardening is the directory services. These are network services that store information about all the objects in your network, including users, groups, servers, clients, printers, and network services. This can be done through LDAP &#8211; the Lightweight Directory Access Protocol, which allows you to make changes or add on to it. 
Some directory management tools can also be implemented and come with certain directory services. There are a variety of robust directory services available for free or paid, open and\/or closed source. Some of these are Novell eDirectory, Microsoft Active Directory, Sun Java System Directory Server, OpenDS, OpenLDAP, and Open Directory. Directory services have some well-known vulnerabilities that need to be watched out for, such as DoS (Denial of Service), DDoS, unencrypted transmission of data, man-in-the-middle attacks, packet sniffing and capture attacks, buffer overflow attacks, and security of user and administrator accounts and passwords.<\/p>\n<p>Group policies are important as a centralized configuration management feature available in Active Directory for Windows. They can be used to control certain desktop workstation features within an enterprise. Even without a Windows-style registry, principles of group policy can be incorporated on Unix, Linux, and Mac OS X operating systems. DHCP servers also need to be hardened. The Dynamic Host Configuration Protocol (or DHCP) is an internet standard protocol that provides for the automatic assignment of IP addresses and other TCP\/IP configurations. It&#8217;s included with most network operating systems and provides basic network connectivity for most networks.<\/p>\n<p>DHCP can be attacked by MAC address spoofing, scope modifications, rogue DHCP servers, and DHCP for remote clients. Another big vulnerability in a system is the file and print servers, which also need to be hardened. These are vulnerable because of default administrative shares, insecure file systems, lack of redundancy, man-in-the-middle vulnerabilities, weak default file security, physical disk security, and physical printer security. 
The Server Message Block (SMB) protocol runs on top of network transport protocols such as TCP\/IP and is used to access these shared network services, most especially files and printers, though it is found primarily in older Windows systems, Solaris, Mac OS X, and Samba. This two-way communication is especially prone to man-in-the-middle attacks and to DoS attacks. To harden these processes, security adjustments need to be made to prevent unauthorized access to file data and print resources as well as to the data contained in user printouts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0 Security+: Hardening Internal Systems and Services One of the best defenses at securing your systems and networks is hardening the internal systems and services. This is not a one-time task, but an ongoing maintenance you&#8217;ll need to incorporate. You &hellip; <a href=\"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[25,47],"tags":[],"class_list":["post-65","post","type-post","status-publish","format-standard","hentry","category-computer-science","category-information-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Security+: Hardening Internal Systems and Services - Naturally Science and Lore<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/\" \/>\n<meta property=\"og:locale\" 
content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security+: Hardening Internal Systems and Services - Naturally Science and Lore\" \/>\n<meta property=\"og:description\" content=\"\u00a0 Security+: Hardening Internal Systems and Services One of the best defenses at securing your systems and networks is hardening the internal systems and services. This is not a one-time task, but an ongoing maintenance you&#8217;ll need to incorporate. You &hellip; Continue reading &rarr;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/\" \/>\n<meta property=\"og:site_name\" content=\"Naturally Science and Lore\" \/>\n<meta property=\"article:published_time\" content=\"2010-05-21T01:32:35+00:00\" \/>\n<meta name=\"author\" content=\"technotink\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"technotink\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/\"},\"author\":{\"name\":\"technotink\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/#\\\/schema\\\/person\\\/7d9cbe7291739e15ff8d989e506857fd\"},\"headline\":\"Security+: Hardening Internal Systems and Services\",\"datePublished\":\"2010-05-21T01:32:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/\"},\"wordCount\":1144,\"commentCount\":0,\"articleSection\":[\"Computer Science\",\"Information Technology\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/\",\"url\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/\",\"name\":\"Security+: Hardening Internal Systems and Services - Naturally Science and 
Lore\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/#website\"},\"datePublished\":\"2010-05-21T01:32:35+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/#\\\/schema\\\/person\\\/7d9cbe7291739e15ff8d989e506857fd\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/security-hardening-internal-systems-and-services\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/technotink.net\\\/science\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security+: Hardening Internal Systems and Services\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/#website\",\"url\":\"https:\\\/\\\/technotink.net\\\/science\\\/\",\"name\":\"Naturally Science and Lore\",\"description\":\"Science, Natural Wonders and 
Lore\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/technotink.net\\\/science\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/technotink.net\\\/science\\\/#\\\/schema\\\/person\\\/7d9cbe7291739e15ff8d989e506857fd\",\"name\":\"technotink\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g\",\"caption\":\"technotink\"},\"url\":\"https:\\\/\\\/technotink.net\\\/science\\\/author\\\/technotink\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security+: Hardening Internal Systems and Services - Naturally Science and Lore","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/","og_locale":"en_US","og_type":"article","og_title":"Security+: Hardening Internal Systems and Services - Naturally Science and Lore","og_description":"\u00a0 Security+: Hardening Internal Systems and Services One of the best defenses at securing your systems and networks is hardening the internal systems and services. This is not a one-time task, but an ongoing maintenance you&#8217;ll need to incorporate. 
You &hellip; Continue reading &rarr;","og_url":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/","og_site_name":"Naturally Science and Lore","article_published_time":"2010-05-21T01:32:35+00:00","author":"technotink","twitter_card":"summary_large_image","twitter_misc":{"Written by":"technotink","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/#article","isPartOf":{"@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/"},"author":{"name":"technotink","@id":"https:\/\/technotink.net\/science\/#\/schema\/person\/7d9cbe7291739e15ff8d989e506857fd"},"headline":"Security+: Hardening Internal Systems and Services","datePublished":"2010-05-21T01:32:35+00:00","mainEntityOfPage":{"@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/"},"wordCount":1144,"commentCount":0,"articleSection":["Computer Science","Information Technology"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/","url":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/","name":"Security+: Hardening Internal Systems and Services - Naturally Science and 
Lore","isPartOf":{"@id":"https:\/\/technotink.net\/science\/#website"},"datePublished":"2010-05-21T01:32:35+00:00","author":{"@id":"https:\/\/technotink.net\/science\/#\/schema\/person\/7d9cbe7291739e15ff8d989e506857fd"},"breadcrumb":{"@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/technotink.net\/science\/security-hardening-internal-systems-and-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/technotink.net\/science\/"},{"@type":"ListItem","position":2,"name":"Security+: Hardening Internal Systems and Services"}]},{"@type":"WebSite","@id":"https:\/\/technotink.net\/science\/#website","url":"https:\/\/technotink.net\/science\/","name":"Naturally Science and Lore","description":"Science, Natural Wonders and 
Lore","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/technotink.net\/science\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/technotink.net\/science\/#\/schema\/person\/7d9cbe7291739e15ff8d989e506857fd","name":"technotink","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9185dfebad3afe044322ea6774c750b2b758decb9edeffc0898a26f39def320c?s=96&d=mm&r=g","caption":"technotink"},"url":"https:\/\/technotink.net\/science\/author\/technotink\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/posts\/65","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/comments?post=65"}],"version-history":[{"count":0,"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/posts\/65\/revisions"}],"wp:attachment":[{"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/media?parent=65"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/categories?post=65"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technotink.net\/science\/wp-json\/wp\/v2\/tags?post=65"}],"curies":[{"name":"wp",
"href":"https:\/\/api.w.org\/{rel}","templated":true}]}}