Network Defenses + Hardening


10 Terms

1

Host-based firewalls

don’t provide much insight into the traffic they are filtering since they often simply block or allow specific applications, services, ports, or protocols

2

A host-based intrusion prevention system (HIPS)

analyzes traffic before services or applications on the host process it. A ___ can take action on that traffic

3

Service hardening

one of the fastest ways to decrease the attack surface of a system is to reduce the number of open ports and services that it provides by disabling ports and protocols

4

Network hardening

A common technique used in hardening networks is the use of VLANs to segment different trust levels, user groups, or systems

5

Default passwords

Changing default passwords is a common hardening practice

6

Removing

unnecessary software

7

Operating system hardening

  • Setting the password history

  • Setting maximum password age

  • Setting the minimum password length

  • Requiring password complexity

  • Disabling the storage of passwords using reversible encryption

8

Hardening the Windows registry

involves configuring permissions for the Registry, disallowing remote Registry access if it isn’t required for a specific need, and limiting access to Registry tools like regedit

9

Windows group policy and hardening

Microsoft provides the Security Compliance Toolkit (SCT), which is a set of tools that work with Microsoft’s security configuration baselines for Windows and other Microsoft applications

10

Hardening Linux: SELinux

SELinux is a Linux kernel-based security module that provides additional security capabilities and options on top of existing Linux distributions