Introduction to System Hardening Basic Security Configuration

System hardening is a crucial practice in the field of cybersecurity and information technology. It involves implementing various security measures to strengthen the security of computer systems, servers, and network devices, making them more resistant to potential cyber threats and attacks. The main objective of system hardening is to minimize the attack surface and reduce vulnerabilities, thus enhancing the overall security posture of an organization’s IT infrastructure.

The following are some key components and principles of system hardening:

  1. Baseline Configuration: Establishing a secure baseline configuration is the foundation of system hardening. This involves configuring the operating system, applications, and services to adhere to security best practices. Unnecessary features and services that could be potential entry points for attackers are often disabled or removed.
  2. Patching and Updates: Keeping software and firmware up to date with the latest security patches is essential for closing known vulnerabilities. Regularly applying updates helps protect systems against exploits that target outdated software.
  3. Strong Authentication: Implementing strong authentication mechanisms, such as two-factor authentication (2FA) or multi-factor authentication (MFA), adds an extra layer of security, reducing the risk of unauthorized access.
  4. Access Control: Restricting user access to only the resources they need is a fundamental principle of system hardening. This includes assigning the least privilege necessary for users and ensuring that administrative access is tightly controlled.
  5. Encryption: Encrypting sensitive data, both at rest and in transit, helps protect it from unauthorized access or interception. Full disk encryption and secure communication protocols (e.g., TLS/SSL) are commonly used for this purpose.
  6. Firewalls and Network Segmentation: Deploying firewalls and implementing network segmentation help control the flow of traffic and prevent lateral movement within the network. This isolation limits the impact of potential breaches.
  7. Intrusion Detection/Prevention Systems (IDS/IPS): IDS and IPS solutions are used to monitor network traffic and detect potential signs of intrusion or malicious activities. They can automatically take action to block or mitigate threats.
  8. Audit and Monitoring: Enabling logging and auditing mechanisms allows organizations to monitor system activities, track potential security incidents, and perform forensic analysis in the event of a breach.
  9. Disable Unused Services: Disabling or removing unnecessary services and protocols reduces the attack surface and minimizes potential points of exploitation.
  10. Security Awareness Training: Educating users about security best practices and potential threats is crucial in preventing social engineering attacks and ensuring that the human element is not a weak link in the security chain.

System hardening is an ongoing process, as new threats and vulnerabilities emerge regularly. Regular security assessments, vulnerability scans, and penetration testing help identify weaknesses that need to be addressed. By implementing system hardening practices, organizations can significantly improve their resilience against cyber threats and safeguard their critical assets and data.

Basic Security Configuration
Automated Security Analyzers – Lynis
Basics Of Shell Scripting

Introduction to System Hardening
================================
Hardening is the process of securing a system by reducing its surface of vulnerability (its attack surface).
Compare two setups:
  - One system on which 5 different services are running.
  - 5 systems with 5 services, one service per system.
The chances of compromise are higher in the first setup, because a single compromised service exposes everything else on that host.
System categories:
  Critical systems –> the machines on which servers, databases and APIs are running
  Non-critical systems –> in-house PCs, reception systems
  Hardware systems –> sensors, CCTV, biometric devices
VAPT –> we scan the systems according to that categorisation:
  Professionals deal with critical systems
  Those with little experience deal with non-critical systems
  Freshers / beginners deal with hardware systems
Why do we need System Hardening?
================================
To secure
To patch
To prevent the system from being compromised
All organisations use AD (Active Directory) to secure their devices and network, but it cannot fulfil every requirement for securing the whole system. There is always a gap, because it cannot configure the system manually. This is where we as system auditors come in: to configure the system completely and manually.
Things we need to keep in mind:
1. Software patching
2. Outdated applications and versions
3. Whether the OS is updated or not
4. Minimum information revealing (the system should disclose as little about itself as possible)

How will you secure your system for System Hardening?

1. Update the system
2. Password protection
3. A decent anti-malware product
4. Firewall
5. IDS and IPS
6. Closing unused services and ports
7. Disabling Autorun
8. Disabling USB
9. Passwords
Checklist format (P. Status = status before hardening, Current Status = status after):

| Sr. No | Task             | Location                                              | P. Status | Current Status |
|--------|------------------|-------------------------------------------------------|-----------|----------------|
| 1      | Opening firewall | Start -> Control Panel -> System Security -> Firewall | Disabled  | Enabled        |
Windows tools used while working through the checklist:
msconfig –> System Configuration (startup and services)
regedit –> Registry Editor
Group Policy –> gpedit.msc
secpol –> security policies (secpol.msc)
We create a checklist for all different OS.
Windows 10 –> 350 controls
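The same checklist idea applied to a Linux host, as an added example in bash that is not part of the course material: each control is a function that takes its evidence as an argument, so it can be fed live command output or, as here, constructed sample text. It assumes ufw as the host firewall, a modprobe.d blacklist for USB storage, and `ss -tln` for listening ports.

```bash
#!/bin/bash
# Added example (not from the course notes): a small Linux checklist auditor in
# the style of the Sr. No / Task / P. Status / Current Status table above.
# Each check takes its evidence as an argument, so it can be fed live command
# output or, as here, constructed sample text.

# Task 1: host firewall active? Evidence: output of `ufw status`.
check_firewall() {
  case "$1" in
    *"Status: active"*) echo "Enabled" ;;
    *) echo "Disabled" ;;
  esac
}

# Task 2: USB mass storage module blocked? Evidence: modprobe.d contents.
check_usb_storage() {
  if printf '%s\n' "$1" | grep -Eq '^[[:space:]]*(blacklist|install)[[:space:]]+usb[-_]storage'; then
    echo "Disabled"
  else
    echo "Enabled"
  fi
}

# Task 3: which listening TCP ports are not on the allow-list?
# Evidence: `ss -tln` output; allow-list is a space-separated string.
unexpected_ports() {
  local ss_out="$1" allow=" $2 "
  printf '%s\n' "$ss_out" | awk 'NR>1 {print $4}' | sed 's/.*://' | sort -un |
    while read -r port; do
      case "$allow" in *" $port "*) ;; *) echo "$port" ;; esac
    done
}

# One checklist row; the previous status comes from the last audit run.
row() { printf '| %-6s | %-22s | %-9s | %-10s |\n' "$1" "$2" "$3" "$4"; }

# Constructed sample evidence standing in for live command output.
UFW_SAMPLE="Status: active"
MODPROBE_SAMPLE="blacklist usb-storage"
SS_SAMPLE='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:23         0.0.0.0:*
LISTEN 0      4096   127.0.0.1:631      0.0.0.0:*'

row "Sr.No" "Task" "P.Status" "Cur.Status"
row 1 "Firewall enabled" "Disabled" "$(check_firewall "$UFW_SAMPLE")"
row 2 "USB storage disabled" "Enabled" "$(check_usb_storage "$MODPROBE_SAMPLE")"
row 3 "Unexpected open ports" "-" "$(unexpected_ports "$SS_SAMPLE" "22" | tr '\n' ' ')"
```

On a real host replace the three sample strings with `"$(ufw status)"`, `"$(cat /etc/modprobe.d/*.conf)"` and `"$(ss -tln)"`.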
Hard wire coding
Universal coding
ISO 27001 compliance
ISMS –> Information Security Management System, the most widely used ISO compliance "bible"
–> CISO
–> CIO
Lead Auditor
HIPAA

Tools for scanning in System Hardening
======================================
1. SPARTA –> GUI-based
2. LYNIS –> CLI-based tool for Unix/Linux-based systems
Shell Scripting
===============
MS OS –> .exe
Linux –> .sh
MS OS editors –> Notepad, Wordpad
Linux editors –> vi, vim, leafpad, gedit, nano
nano filename.sh
Edit it and save it
chmod +x filename.sh
chmod 777 filename.sh (+x alone is enough to run the script; 777 also makes it world-writable, so any user on the host could change what it does)
./filename.sh
Tool
====
Shell Scripting
———————
Tool -> netdiscover
Tool -> nmap
Linux OS –
Editor -> gedit | nano | leafpad | vi | vim etc.
Extension : .sh
chmod 777 file.sh
./file.sh
File name –> scann.sh
#!/bin/bash
ping -c 4 www.google.com
(save and exit the editor; -c 4 sends four probes and stops, otherwise Linux ping runs until interrupted)
chmod 777 scann.sh
netdiscover -> shows which machines are running in my network
#!/bin/bash
ping -c 1 172.16.3.134 | grep "64 bytes"
ping -c 1 172.16.3.136 | grep "64 bytes"
ping -c 1 172.16.3.137 | grep "64 bytes"
ping -c 1 172.16.3.145 | grep "64 bytes"
A single host: 192.168.0.23
The whole range to check: 192.168.0.0-192.168.0.255
Working of a for loop
——————–
for (i = 0; i < 10; i++)
{
    print i;
}
Output: 0 1 2 3 4 5 6 7 8 9
For the sweep, i takes the values 1-255 and is substituted into the last octet:
192.168.0.i –> 192.168.0.1, 192.168.0.2, 192.168.0.3, ..., 192.168.0.255
So one host such as 192.168.0.12 and the whole range 192.168.0.0-192.168.0.255 are covered by iterating 192.168.0.1, 192.168.0.2, 192.168.0.3, and so on.
for loop implementation
for ip in $(seq 1 255); do
    ping -c 1 172.16.3.$ip | grep "64 bytes"
done
On a 192.168.0.x network the loop expands to:
ping -c 1 192.168.0.1 | grep "64 bytes"
ping -c 1 192.168.0.2 | grep "64 bytes"
ping -c 1 192.168.0.3 | grep "64 bytes"
...
ping -c 1 192.168.0.255 | grep "64 bytes"
Test.sh file, using a for loop
#!/bin/bash
for ip in $(seq 1 255); do
    ping -c 1 172.16.3.$ip | grep "ttl" | cut -d " " -f4 | cut -d ":" -f1
done
A reply line looks like:
64 bytes from 192.168.0.5: icmp_seq=1 ttl=64 time=1.59 ms
cut -d " " splits it on spaces into these fields:
1: 64
2: bytes
3: from
4: 192.168.0.5:
5: icmp_seq=1
6: ttl=64
7: time=1.59
8: ms
-f4 keeps "192.168.0.5:", and cut -d ":" -f1 strips the trailing colon, leaving 192.168.0.5.
Script: https://pastebin.com/kyaZpqLz
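The same sweep written so that the address extraction can be checked on its own, as an added example that is not the course's scann.sh or Test.sh: the grep/cut pipeline from the notes becomes a function fed from stdin, and the network prefix is validated before it is expanded. It assumes Linux iputils ping (-c count, -W timeout in seconds); the sample output is constructed.

```bash
#!/bin/bash
# Added example, not the course's scann.sh/Test.sh: the same ICMP sweep as the
# notes, with the live-host extraction split into a function that can be run
# against constructed ping output, and the network prefix validated before it
# is expanded. Assumes Linux iputils ping (-c count, -W timeout in seconds).

# Read ping output on stdin and print each responding address once, as the
# notes do with grep "ttl" | cut -d " " -f4 | cut -d ":" -f1, but anchored to
# the "N bytes from A.B.C.D:" reply line so noise lines never leak through.
extract_live_hosts() {
  grep -E '^[0-9]+ bytes from [0-9.]+: .*ttl=' |
    cut -d " " -f4 | cut -d ":" -f1 | sort -u
}

# Accept only a dotted three-octet prefix such as 192.168.0.
valid_prefix() {
  printf '%s' "$1" | grep -Eq '^([0-9]{1,3}\.){2}[0-9]{1,3}$'
}

# Sweep .1-.254 of the prefix with one probe each and a 1 s timeout.
sweep() {
  local prefix="$1" ip
  valid_prefix "$prefix" || { echo "bad prefix: $prefix" >&2; return 1; }
  for ip in $(seq 1 254); do
    ping -c 1 -W 1 "$prefix.$ip" 2>/dev/null
  done | extract_live_hosts
}

# Constructed sample output: two hosts reply, 192.168.0.6 times out.
SAMPLE='PING 192.168.0.5 (192.168.0.5) 56(84) bytes of data.
64 bytes from 192.168.0.5: icmp_seq=1 ttl=64 time=1.59 ms
PING 192.168.0.6 (192.168.0.6) 56(84) bytes of data.
PING 192.168.0.7 (192.168.0.7) 56(84) bytes of data.
64 bytes from 192.168.0.7: icmp_seq=1 ttl=128 time=0.42 ms'

printf '%s\n' "$SAMPLE" | extract_live_hosts
# Real run on your own network: ./sweep.sh 192.168.0
if [ "$#" -gt 0 ]; then sweep "$1"; fi
```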
