Buy custom Server Security essay
Most servers operate on general-purpose OS which has several security issues which can be avoided by appropriate configuration of OSs underlying the servers. After planning and deploying OS installation, some processes are carried out to improve system security. This paper explains how generic security measures for most OSs improve system security as discussed below.
Hardening and configuring the operating system.
Hardening refers to the process of securing the OS by reducing surface vulnerability.
This means disabling unnecessary functions in a system. Hardening is done by removing or disabling unnecessary services, applications, and protocols. This done to ensure that the server is dedicated to a single purpose only and this enhances security in the following ways.
Most attackers use other computer services to attack the host or impair the server. Each service is an avenue for compromise and the more the services the larger the surface vulnerability. Hence, less services means more secure. Some services may either be impaired or incompatible with the server. They may cause the server to have attack loopholes. Hence, disabling or removing them eliminates risk of having loopholes and also improves server efficiency. The host could be configured to suit the requirements of a given service. Such a service on the system may require either different hardware or software configuration. This could negatively affect system performance and also cause vulnerability. Reducing services reduces log entries hence it becomes easier to detect unexpected behaviors (NIST, 2008).
Configuring users, groups and permissions
The server administrator configures the operating system so that it can authenticate users. The system prompts the user to provide proof that he/she is authorized for such access. The administrator creates user groups and user accounts and assigning them passwords. The process also involves disabling or removal of unneeded default accounts such as guest accounts, root level accounts and so on. Attackers use these accounts because their names and passwords are known to them. Hence, disabling or removing them eliminates the attack avenue. Configuring computer to prevent guessing is another important aspect (NIST, 2008). Some attackers use automated software tools to guess passwords. This is achieved by ether limiting the number of log in attempts so that the account blocks after a given failed trials or setting some minutes of inactive between failed login and next login trial. This should discourage attackers from password guess.
Configure resource controls
This is used to reduce intentional and unintentional security bleaches. They include specification of access privileges for individual files, directories, and devices and other computational resources, as well as, limiting execution privileges for system related tools. Denying read or writes privilege may help protect data confidentiality and integrity respectively. Users may execute system related tools and reconfigure them and render the system vulnerable to attack (NIST, 2008).
Get a Price Quote:
Install and configure additional security controls, such as anti-virus, host-based firewalls and IDS, if needed
Additional software is installed, configures and maintained to complement security controls absent in the OSs. They include anti-malware which detect and eradicate malwares, house-hold intrusion detection and prevention software (IDPS) which detect attacks against the server by checking file integrity and changes to critical files. Then there is host based firewall which protects the server from unauthorized access. Other methods include disk encryption technologies which either hide information or make it unusable to attackers.
Test the security of the basic operating system to ensure that the steps taken adequately address its security needs Justify each of these steps
This refers to periodical security testing. It is aimed at identifying vulnerabilities and ascertaining security controls are properly configured. Methods such as vulnerability scanning and penetration testing are used. Vulnerability scanner uses automated vulnerability scanner to detect vulnerabilities. This is done at least weekly or monthly to ensure potential vulnerabilities are detected and fixed quickly. Penetration testing is done annually and involves checking for system weakest points and fixing them accordingly (NIST, 2008).
Buy custom Server Security essay