Security Architecture

MIS 5214 - Section 001 - David Lanter

MIS 5214.001 ■ Spring 2024 ■ David Lanter

Boyle and Panko Chapter 7 Host Hardening

March 13, 2024 by David Lanter 23 Comments

Filed Under: 09 - Host Hardening Tagged With:

Comments

  1. Jon Stillwagon says

    March 16, 2024 at 1:23 pm

    In this chapter, host hardening is a variety of things that will be used to protect the host from attacks, and there are a number of protections someone can use on the host. One of the defensive measures someone can use on a host machine to protect it from attacks is backing up the host regularly. You can even install secure configuration options to the operating system, which is changing all the default passwords to stronger and more effective passwords. One other protection that is used on the host machine is minimizing the number of applications and operating services, which will reduce the attack surface on the host.

    • Yannick Rugamba says

      March 18, 2024 at 7:55 pm

      Hey Jon you make good points. To add to that – the chapter really stresses minimizing the attack surface by disabling/removing any unnecessary apps, services and protocols from servers after hardening. Every extra component left enabled is another potential vector for attack. Pruning lean is key.

    • Celinemary Turner says

      March 18, 2024 at 8:24 pm

      Hi Jon,
      Several defensive measures you mentioned are essential in hardening a host machine and reducing its attack vulnerability. Implementing these protections limits an attacker’s potential entry points, making it more difficult to compromise the system.

    • Ooreofeoluwa Koyejo says

      March 20, 2024 at 12:04 am

      In addition to these good points, it is important to apply secure configurations and controls according to the security categorization of the host/asset. For assets that host critical data, defence in depth would be a principle to guide the implementation of security controls.

  2. Ooreofeoluwa Koyejo says

    March 17, 2024 at 12:32 am

    Patching is the process involved in applying security fixes to the vulnerabilities identified on servers and computing devices. While it is beneficial to address weaknesses identified in servers, the process from identification to resolution also has some challenges, such as:
    1. The number of patches to be applied: the changing nature of technology leads to rapid development and versions of software, which introduce new weaknesses that require patching.
    2. Cost of patch installation: while patches are made available freely by the software vendors, the operational cost of installing patches can be high for the technical operations team.
    3. Prioritizing patches: this requires risk analysis based on the cost and nature of the assets to which the patches need to be applied.
    4. Patch installation risks: applying patches can impact operational efficiency, freezing the machines due to the changes and data resident on the servers.

    • Celinemary Turner says

      March 18, 2024 at 8:31 pm

      Yes, Oore, the challenges you highlighted associated with patching underscore the complexity and importance of effective patch management. It requires a strategic approach to ensure timely and efficient application of security fixes while minimizing disruptions and ensuring business continuity.

    • Eyup Aslanbay says

      March 19, 2024 at 10:50 pm

      You’ve neatly captured the main challenges of patching, from managing numerous updates and associated costs to prioritizing and handling risks. This shows a deep understanding of an essential cybersecurity process.

      • Ooreofeoluwa Koyejo says

        March 20, 2024 at 12:06 am

        The risk assessment process shows us how to go from the known to the unknown by identifying vulnerabilities and threats to determine the impact level of any occurrence. With this information, security professionals can make guided judgments that are implemented for the protection of those assets.

  3. Yannick Rugamba says

    March 17, 2024 at 5:25 pm

    Hardening hosts (servers, PCs, mobile devices, etc.) is crucial because even if firewalls and other network defenses stop most attacks, some attacks will inevitably reach the hosts. The chapter outlined many important elements of host hardening like secure configuration, minimizing applications and services, patching vulnerabilities, managing users/groups and permissions, encryption, host firewalls, logging, and vulnerability scanning. Consistent application of security baselines and use of pre-hardened disk images can help ensure hosts are properly locked down against threats.

    • Jon Stillwagon says

      March 17, 2024 at 9:03 pm

      Yes, hardening the host can be beneficial because, like you said, if all else fails you can harden the host. Even if they don’t reach all the way to the host but you are monitoring the malware’s progress, hardening the host could be the best move right away, for example like worms before they even reach the system.

  4. Edge Kroll says

    March 17, 2024 at 7:23 pm

    Host hardening involves fortifying any device with an IP address to mitigate various forms of attacks. A significant advantage of the host hardening process within a virtualization environment is the ability for system administrators to establish a unified security baseline for each server or remote client within the organization. By cloning a hardened virtual machine, the likelihood of incorrectly configuring a server is minimized, reducing configuration time and eliminating the necessity to install applications, patches, or service packs separately.

    • Jon Stillwagon says

      March 17, 2024 at 9:18 pm

      Yes, all those protections help, and even backups can help significantly from stuff like ransomware, where everyone got targeted but one system that hasn’t been fully affected can still be saved from a backup.

    • Celinemary Turner says

      March 18, 2024 at 8:40 pm

      Yes, cloning a hardened virtual machine enables administrators to replicate a secure configuration across multiple devices, ensuring consistency and reducing the attack surface.

    • Eyup Aslanbay says

      March 19, 2024 at 10:50 pm

      Host hardening in a virtualization environment clearly shows how cloning a hardened virtual machine can streamline security and reduce configuration errors.

  5. Eyup Aslanbay says

    March 17, 2024 at 7:44 pm

    This chapter focuses on strengthening host security. It covers key strategies like backups, vulnerability assessments, log monitoring, encryption, managing users, and limiting applications and physical access. A critical aspect of this protection strategy is the management and application of patches. While patches are essential for safeguarding hosts against emerging vulnerabilities, they can sometimes lead to certain drawbacks. Implementing patches may, at times, limit functionality and require significant time and resources.

    • Jon Stillwagon says

      March 17, 2024 at 9:25 pm

      I didn’t think about the drawbacks for some of the hardening practices that can be used on the host machine. It makes sense that sometimes there are downtimes of several hours on systems, and the reason they are taking so long is that they are implementing patches or other hardening techniques.

      • Eyup Aslanbay says

        March 18, 2024 at 10:03 pm

        Absolutely, I didn’t know until Chapter 7.2 that they mentioned some risks associated with installing patches

        • Eyup Aslanbay says

          March 18, 2024 at 10:37 pm

          *7.3.4

  6. Celinemary Turner says

    March 17, 2024 at 8:17 pm

    One key point I took away from this chapter is that many different aspects of host hardening must all come together to form an optimally hardened network. This multitude of aspects includes but is not limited to group policy objects being in alignment with written network policies, having adequately configured and active antivirus / anti-malware software on all hosts, systematically pushing out software updates to all hosts, having a complete inventory of network resources, hardening enabled and active services on all systems, systematically auditing the network and systems, and more.
    Auditing of network and systems. It is penetration testing, which is crucial to refining system hardening because it may discover some outliers that network admins overlook during an already long and exhausting system hardening experience. This can include endpoints and software that are not inventoried, software updates that are neglected, and more.

    • Bo Wang says

      March 19, 2024 at 9:03 pm

      There is also a situation where a supplier suspends an update of a system and replaces it with a completely new one.

    • Edge Kroll says

      March 19, 2024 at 11:26 pm

      Hi Celinemary,

      The emphasis on auditing, particularly through penetration testing, is crucial in refining system hardening efforts. Penetration testing serves as a vital tool in uncovering vulnerabilities and weaknesses that might have been overlooked during the hardening process. These could include endpoints and software that were not properly inventoried, neglected software updates, misconfigurations, or other gaps in security measures.

  7. Bo Wang says

    March 17, 2024 at 9:34 pm

    Firms recognize the challenge of managing complex security measures and thus rely on standard security baselines. These baselines consist of specific actions to enhance security across various types and versions of operating systems, as well as for servers with different functions like webservers and email servers. Similar to pilot checklists for aircraft, these baselines help prevent oversights. Some companies take additional steps by creating thoroughly tested secure software installations and saving them as disk images. This enables future installations to be based on these reliable configurations.

    • Edge Kroll says

      March 19, 2024 at 11:27 pm

      Hi Bo,

      I agree with your post. By establishing specific actions tailored to different types and versions of operating systems, as well as servers with varying functions such as webservers and email servers, organizations can streamline the process of hardening their systems. These baselines serve as a foundational framework upon which organizations can build their security strategies, ensuring a robust defense against a wide range of threats.

