Hardening

From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 18:26, 14 June 2007 by Mdpeters (talk | contribs) (New page: ==Information Technology Hardening== In computing, '''hardening''' is the process of securing a system. This work is especially done to protect systems against attackers.<br> <br> This wo...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Information Technology Hardening

In computing, hardening is the process of securing a system. This work is especially done to protect systems against attackers.

This would typically include removal of unnecessary usernames or logins and the disabling or removal of unnecessary services. On a typical Microsoft Windows server, one example would be the disabling of the "print spooler" as this may not be needed.

There are various methods of hardening Unix and Linux systems. This may involve, among other measures, applying a software patch to the kernel such as Exec Shield or PaX; closing open TCP and UDP port system ports; and setting up Intrusion Detection Systems, firewalls and Intrusion Prevention Systems.

There are also hardening scripts and tools like Bastille Linux and Apache/PHP Hardener that can, for example, deactivate unneeded features in configuration files or perform various other protective measures.

See Also