1 / 25

Operating System Hardening

Operating System Hardening. Based on slides accompanying the book Network Defense and Countermeasures by Chuck Easttom (2018). Objectives. Properly configure a secure Windows system Properly configure a secure Linux system Apply appropriate operating system patches to Windows

jedm
Télécharger la présentation

Operating System Hardening

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operating System Hardening Based on slides accompanying the book NetworkDefense and Countermeasures by Chuck Easttom (2018)

  2. Objectives • Properly configure a secure Windows system • Properly configure a secure Linux system • Apply appropriate operating system patches to Windows • Apply application patches • Securely configure a web browser

  3. Introduction • Securely configuring the operating system and its software is a critical step in system security that is often neglected. • It is not enough to just implement firewalls and proxy servers, it is also important to secure internal machines and the applications and information they house.

  4. Configuring Windows Properly • Key configuring tasks include • Disable unnecessary services • Configure the Registry • Enable the firewall • Configure the web browser

  5. Windows Accounts and Users • Disable default user accounts and groups • Disabling the default administrator account is better than renaming it. • Other accounts to disable if not used • IUSR_MachineName • ASP.NET • Database accounts • Assign each account the least privileges needed to perform the job  The principle of least privileges

  6. Windows Security Policies • Password policies • History, age, length, complexity • Account lockout policies • Other issues • Users should not write passwords down • Users should not share passwords • Users should have the least privileges required • Have separate admin accounts and standard user accounts • Only use the admin accounts for tasks that require admin privileges

  7. Default Windows Password Policies

  8. Password Setting Recommendations

  9. Windows Lockout Policies

  10. Recommended Lockout Policies

  11. Registry Basics • Hierarchical Database • Edit using regedit • Top-level sections • HKEY_CLASSES_ROOT • HKEY_CURRENT_USER • HKEY_LOCAL_MACHINE • HKEY_USERS • HKEY_CURRENT_CONFIG

  12. Registry Editing Caution Incorrect editing of your registry can render parts of your operating system unusable. If you are new to registry editing, do not practice on a production machine that has critical data.

  13. Securing the Registry • Restrict Null session access • Restrict Null session access over named pipes • Restrict anonymous access • Change TCP/IP stack settings • Disable default administrative shares • Disable remote access to the Registry • Restrict anonymous access to the Registry

  14. Securing the Registry

  15. Working with Window Services • Services run without direct user intervention • Referred to as daemons in Linux/Unix • Disabling unneeded services can increase security • Use the Services.msc console to manage services • Be careful not to disable a service that’s needed; Use the Dependencies tab to see whether other services depend on the one you are about to disable

  16. Encrypting File System (EFS) • Encrypts files and folders for greater security • Uses a method based on public key encryption • Virtually transparent to the user • Built into Windows and easy to use

  17. Security Templates • A security template contains hundreds of possible settings that can control a single or multiple computers • Settings include user rights, permissions, and password policies • Enable administrators to deploy settings with Group Policy Objects (GPOs)

  18. Security Templates • Hisecdc.inf: Domain controllers (more secure) • Securedc.inf: Domain controllers (less secure) • Hisecws.inf: Client computers and member servers • Securews.inf: Client computers and member servers • Setup security.inf: Reapplies the default security settings of a freshly installed computer

  19. Configuring Linux Properly • Many security principles apply in Linux as they do in Windows • Commonalities between Windows and Linux • Default users and policies (names are different) • All services not in use should be shut down • Browser must be configured securely • Routinely patch the OS

  20. Configuring Linux Properly cont. • Differences between Linux and Windows • No application should run as the root user • Root password must be complex and changed frequently • Disable all console-equivalent access for regular users • Hide your system information

  21. Patching the Operating System • Allow Windows Update to run automatically in Windows to keep the OS up to date • In Linux, open up a terminal window and type sudo apt-get upgrade.

  22. Configuring Browsers • Privacy settings • Block third-party cookies • Prompt for first-party cookies • Always allow session cookies • Security settings • Limit what can run • Unsigned components • ActiveX • Java

  23. Configuring Browsers • Each browser has its own way of changing settings • General principles: • Limit cookies • Do not allow ActiveX to run without your knowledge • Do not allow any scripts to execute without your knowledge

  24. Summary • Hardening of operating systems is a critical part of network security • Proper security configuration can make hacking more difficult • Encrypted File System (EFS) can secure information on the local computer • Disable unneeded services in Windows • Proper Registry settings are also key in a Windows environment

  25. Summary • Failure to properly configure Registry settings will greatly reduce the security of the computer • Securing the browser can limit exposure to malware

More Related