Securing a Host Computer

BY STEPHEN GOSNER
Definition of a Host
Host
• In networking, a host is any device that has an IP address.
Hosts include
• Servers
• Clients (including mobile phones)
• Routers (including home access routers)
• Firewalls
Securing a Host
Numerous protective measures
Host Hardening
- The process of protecting a host against attacks.
Does not consist of a single protection.
Consists of a number of protections that often have little in common with each other.
Protections include:
• Back up the host regularly (High Priority)
• Restrict physical access to the host.
• Encrypt data if appropriate.
Host Protections cont.:
Install the operating system with secure configuration options.
Replace all default passwords with strong passwords.
Install and configure a host firewall.
Install and maintain patches for known operating system vulnerabilities.
Manage users and groups along with their access permissions.
Install and maintain antivirus protection software.
Operating Systems
With built-in security features, operating systems play a key role in
Host Security.
Operating systems allow you to create and set passwords for user
accounts.
The operating system has a system administrator account that a
user/owner can use to manage access permissions, passwords, and
security features to help secure the computer system.
Different operating systems provide different tools and interfaces,
each with their own pros and cons.
Microsoft’s server operating system
Windows Server
Early versions, such as Windows Server NT, had poor security.
Later versions, such as Windows Server 2008, are much more secure.
Pros:
• Makes the installation of patches very simple, as they are usually automatic.
• Includes server software firewalls, the ability to encrypt data, and much more.
• Minimizes the number of running applications and utilities.
Windows Server:
Cons:
Windows systems are the most attacked systems on the internet.
It is important that system and application updates are done regularly
before connecting to the internet.
It is also important to configure current antivirus protection software
on all Windows systems due to their high attack rate.
Unix Servers:
Unix is a popular operating system for the largest servers.
Broad functionality
High reliability
Unix is not a single operating system, but comes in many
different versions.
The versions generally run the same applications.
They are compatible with one another in the kernel (core part) of the
operating system.
Linux:
◦ The most popular version of Unix for PCs.
◦ Desirable because it’s free.
◦ A single copy of Linux may be installable on multiple servers.
◦ Linux contains only the kernel of Unix, and is packaged with many other
programs.
Cons:
◦ May require more labor to administer.
◦ The many different versions make this operating system difficult to harden.
Key Procedures when configuring Windows and Linux Servers
Disable the guest account.
Configure an update method to install and update patches regularly.
Disable any unused or unwanted services.
Verify appropriate local security settings.
Ensure that the Windows Firewall is on and the settings are configured.
Choose strong passwords for any and all accounts associated with
Administrator privileges.
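The checklist above can be turned into a repeatable check. The following is an added example, not part of the original slides: it audits a constructed host snapshot against each key procedure. The snapshot field names, the 14-character minimum and the "deny inbound by default" reading of a configured firewall are all assumptions.

```python
# Added example: audit a host snapshot against the checklist above.
# Every field name, threshold and sample value below is an assumption
# made for illustration; none of it comes from the slides.
MIN_PASSWORD_LENGTH = 14  # assumed local policy value

# Constructed snapshot of one server, as an inventory agent might report it.
SAMPLE_HOST = {
    "accounts": [
        {"name": "Administrator", "enabled": True, "admin": True, "default_password": True},
        {"name": "Guest", "enabled": True, "admin": False, "default_password": False},
        {"name": "alice", "enabled": True, "admin": False, "default_password": False},
    ],
    "password_min_length": 8,
    "auto_update": False,
    "services_running": ["sshd", "telnetd", "cups", "nginx"],
    "services_required": ["sshd", "nginx"],
    "firewall": {"enabled": True, "default_inbound": "allow"},
}

def audit_host(host):
    """Return findings in checklist order; an empty list means all checks pass."""
    findings = []
    for acct in host["accounts"]:
        if acct["name"].lower() == "guest" and acct["enabled"]:
            findings.append("guest account is enabled")
    if not host["auto_update"]:
        findings.append("no automatic update method configured")
    # Anything running that is not on the required list counts as unused.
    unneeded = sorted(set(host["services_running"]) - set(host["services_required"]))
    findings += [f"unused service running: {svc}" for svc in unneeded]
    if host["password_min_length"] < MIN_PASSWORD_LENGTH:
        findings.append(f"minimum password length below {MIN_PASSWORD_LENGTH}")
    fw = host["firewall"]
    if not fw["enabled"]:
        findings.append("host firewall is off")
    elif fw["default_inbound"] != "deny":
        findings.append("host firewall is on but inbound traffic is not denied by default")
    for acct in host["accounts"]:
        if acct["admin"] and acct["enabled"] and acct["default_password"]:
            findings.append(f"admin account {acct['name']} still uses a default password")
    return findings

if __name__ == "__main__":
    for finding in audit_host(SAMPLE_HOST):
        print("FAIL:", finding)
```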
Vulnerabilities and Patches
Vulnerabilities:
• Security weaknesses that open a program to attack.
• Vulnerability finders search for these weaknesses in order to create fixes.
• Occasionally vulnerability information is leaked and exploit programs are
created to take advantage of it.
Testing
• Attempts to find any weaknesses in a firm’s protection suite before hackers do.
Fixes
Work-Arounds
• Series of manual steps the systems administrator must take to fix the problem.
Patches
Small program that fixes a particular vulnerability
Service Packs
Vulnerability fixes and sometimes functionality improvements
combined into a single large update.
Version Upgrades
Software upgrade to a newer version
Often fixes vulnerabilities and contains improved security features.
Firewalls
Firewall
Provides protection against outside attackers by controlling the
network traffic.
Two major forms of firewalls
• Hardware - aka network firewalls
• Software - typically built within OS
Hardware firewalls are separate devices that run on their own
operating system.
Software firewalls are built into your OS and give added
security, but are not as effective as hardware firewalls.
Hardware firewalls are more costly.
Antivirus
Antivirus and Spyware Software
Computer software used to prevent, detect, and remove malicious
software.
Originally developed to detect and remove computer viruses.
Modern antivirus software is able to protect your computer from
Browser Helper Objects, browser hijackers, ransomware, keyloggers,
backdoors, rootkits, Trojan horses, worms, and much more.
Should be turned on at all times, especially when connected to the
Internet.
Should be updated and run daily for best overall performance.
Subscription should also be renewed yearly for new virus, spyware, and
malware protections.
Conclusion
In conclusion, there are many different strategies for securing a host
computer. There is no single answer, and all necessary precautions
should be taken to ensure overall protection. While there is no
guarantee that your computer will not be attacked, these
strategies can and should be used to ensure the security of a host
computer.