
Hardening Host

Farah Hanin Nafisah / 2103161013

a.      Definition of hardening and hardening host
In general, "hardening" means strengthening a soft layer so that it becomes stronger and more resistant to damage. In computing, hardening is usually defined as the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions. In principle, a single-function system is more secure than a multipurpose one. Reducing the available ways of attack typically includes changing default passwords, removing unnecessary software and unnecessary usernames or logins, and disabling or removing unnecessary services.
This principle also applies to hardening host, which affects host security. Hardening host is a procedure that minimizes threats by setting the configuration and deactivating applications and services that are not needed. Hardening host provides a variety of safeguards in computer systems. This protection is provided in various layers, called "layered defense". The layers are the OSI layers, such as application, transport, physical, etc.

b.      Purpose and function of hardening host
The purpose of hardening host is to eliminate the risk of threats that can occur on the computer. This is usually done by deleting all programs or files that are not needed.
The function of the hardening host process is to increase the level of security on the host.

c.       Elements of Hardening Host
The following are elements of Hardening Host
1.      Security Policy

Security Policy is divided into various fields based on its use. The fields include:
a. Policy on computer usage
   - An account may not be lent to someone else.
   - Files may not be taken from / put on office computers, etc.
b. Policy on program installation
   - Programs may not be installed without the permission of the IT staff.
   - Illegal programs may not be installed, etc.
c. Policy on Internet usage
   - The internet may not be used for carding, hacking, etc.
   - The internet may not be used to access sites that have the potential to spread viruses, etc.
d. Policy on using email
   - Office e-mail may not be used for mailing list activities, etc.

2.      Cryptography

Cryptography is the science and art of storing a message safely. It covers:
a. Encryption and Decryption
b. Symmetric Cryptography
c. Asymmetric Cryptography

3.      Firewall

A firewall is composed of rules that are set for its hardware, software and system. Its purpose is to protect computers in the network by filtering, limiting or rejecting connection requests from services outside the network, such as the internet.

4.      IDS (Intrusion Detection System)

One common way of automating intrusion monitoring is to use an IDS. An IDS detects the type of attack from a "signature" or "pattern" in network activity. It can even block suspicious traffic.

5.      Backup
Backup is the process of making copies of computer data by copying or archiving it, so that the data can be reused if there is damage or loss.

Backup has two purposes. The main purpose is to restore data if the data is lost, either because it is erased or because it is corrupted. The second purpose is to return the data to a certain point in the past. Because of its function, the backup process requires the user to duplicate data, which ultimately uses up the capacity of the storage media. This prompted the development of technologies to streamline backup data storage, such as deduplication and compression.

6.      Audit System

A system audit is a form of supervision and control of the information technology infrastructure as a whole. This information technology audit can work together with financial audits and internal audits, or with other similar monitoring and evaluation activities.

7.      Digital forensics

Digital forensics deals with:
a. Checking the active connections
b. Checking listening ports after an incident
c. Checking the active processes after the incident
d. Checking the log of logged-in users
e. Checking the system log
f. Checking the access logs of services, etc.


d.      Basics in Strengthening Hardening Host
1.      Encryption / Decryption

Encryption technology is one mechanism to improve security. The data you send is modified so that it is not easy to tap. Many services on the Internet still use "plain text" for authentication, such as a userid and password pair. This information can easily be seen by tapping programs or sniffers. Examples of services using plain text include: remote access using telnet and rlogin, file transfer using FTP, email access via POP3 and IMAP4, sending email via SMTP, and web access via HTTP.

2.      Firewall

Computers and networks that are connected to the internet need to be protected from attacks. A firewall is a fairly efficient way to do it. In general, the firewall separates the public network from the private network. The firewall works by observing the IP (Internet Protocol) packets that pass through it. Based on the configuration of the firewall, access can be arranged based on the IP address, port, and direction of information. Details of the configuration depend on each firewall.

3.      Logs

A system administrator must look at the system logs from time to time. By looking at the logs, the system administrator can see the activities that occur and can most likely anticipate problems if suspicious activities occur.
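As an added example (not code from the original post), this Python sketch shows one kind of suspicious activity a log review can surface: repeated failed SSH logins from one source inside a short time window. The log lines, host name, thresholds and function name are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample of syslog-style sshd lines (documentation IP ranges).
SAMPLE_LOG = """\
Mar  3 09:00:00 web1 sshd[811]: Failed password for root from 198.51.100.7 port 40112 ssh2
Mar  3 10:15:01 web1 sshd[902]: Failed password for invalid user admin from 203.0.113.5 port 51514 ssh2
Mar  3 10:15:09 web1 sshd[902]: Failed password for invalid user test from 203.0.113.5 port 51520 ssh2
Mar  3 10:15:20 web1 sshd[905]: Failed password for root from 203.0.113.5 port 51533 ssh2
Mar  3 10:16:02 web1 sshd[910]: Accepted publickey for deploy from 192.0.2.10 port 50022 ssh2
Mar  3 10:30:00 web1 sshd[950]: Failed password for root from 198.51.100.7 port 40990 ssh2
Mar  3 11:50:00 web1 sshd[990]: Failed password for root from 198.51.100.7 port 41200 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port ")

def flag_repeated_failures(log_text, max_failures=3, window_seconds=600):
    """Return {source_ip: 'HH:MM:SS'} for the moment each IP first reaches
    max_failures failed logins inside a sliding window of window_seconds."""
    recent = defaultdict(deque)          # per-IP timestamps still inside the window
    flagged = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue                     # successful logins and other messages
        # Classic syslog timestamps carry no year; 2000 is assumed for parsing.
        ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(ts)
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()             # forget failures older than the window
        if len(window) >= max_failures:
            flagged.setdefault(m["ip"], ts.strftime("%H:%M:%S"))
    return flagged

if __name__ == "__main__":
    for ip, when in flag_repeated_failures(SAMPLE_LOG).items():
        print(f"{ip} reached the failure threshold at {when}")
```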

4.      IDS (Intrusion Detection System)

One common way of automating intrusion monitoring is to use an IDS. An IDS detects the type of attack from a "signature" or "pattern" in network activity. It can even block suspicious traffic.

An IDS can be network-based or host-based. A network-based IDS receives a copy of each packet aimed at a host and then checks the packets. If a dangerous packet is found, the IDS warns the system manager. Because the packet being checked is only a copy of the original, even if a malicious packet is found, the original packet will still reach the host it targets.

5.      Intrusion Prevention System (IPS)

An Intrusion Prevention System (IPS) is a system that is widely used to detect attacks by outside and inside parties and to protect a system from them.

An IPS is more active than an IDS. Working with a firewall, an IPS can decide whether or not a packet is accepted by the system. If the IPS finds that a packet being sent is malicious, it notifies the system firewall to reject the data packet.

6.      Honeypot

A "honeypot" is a "bait" server that acts as a distraction. Honeypots do not run services like most servers but pretend to run them, so that intruders think they are dealing with the real server. A honeypot is also useful for observing the techniques used by intruders.

7.      Configuration

As discussed earlier, a careful configuration will help you withstand a possible attack. Most cases of web defacement occur due to a misconfiguration that lets third parties take advantage of the error.

8.      Anti Virus

Anti-virus is software to deal with viruses that attack the security of computer network systems.


e.       Chart of Hardening Host



INFORMATION :
a. The admin performs configuration or settings on the server.
b. The admin also performs digital forensics on the server to check access logs.
c. The admin checks logs through the server. The logs contain a history of network activity.
d. The honeypot is a duplicate of the original server that lets hackers enter, so that the way hackers attack the network can be learned.
e. A firewall has been installed on the server to protect against various attacks from outside the network, such as viruses, worms, trojans and malicious programs, and to filter incoming internet access. The firewall is only installed on the server because, if the server is protected, the client is protected too, since the client's access is given by the server itself.
f. The admin runs an IDS through the server. The IDS automatically monitors every activity in the network and blocks data traffic in the event of an attack or suspicious access.
g. The admin sends messages / files through the server using cryptography, so that the files sent to the client are kept confidential.
h. All users in the network must comply with the security policy or rules of use that have been made.

f.       Software Used to Strengthen Hardening Host
1.        Bastille Linux
Bastille's hardening program locks down the OS, actively configuring the system to improve security and reduce its vulnerability. Bastille supports Red Hat (Fedora Core, Enterprise, and Numbered / Classic), SUSE, Debian, Gentoo, and Mandrake, along with HP-UX.

Users / administrators are allowed to choose how to harden the OS. In the default hardening mode, Bastille interactively asks the user questions.

2.        JASS for Solaris systems
The Solaris™ Security Toolkit, also known as the JumpStart™ Architecture and Security Scripts (JASS) toolkit, provides a flexible and extensible mechanism to minimize, harden, and secure Solaris Operating Environment systems.

3.        Syhunt Apache / PHP Hardener
Syhunt Apache / PHP Hardener is used to evaluate security threats and identify appropriate countermeasures at the web server configuration stage, thus providing extra protection against web hacking and the highest level of application security.

g.      How Hardening Host Works
1.      System Penetration
System penetration is a method for evaluating the security of a computer or network system by simulating possible attacks from irresponsible parties.
2.      Patching
Patching means repairing existing security holes. This is done by detecting the existing flaws and then fixing them.

h.      How to Strengthen Hardening Host
1.      Create a non-root user
2.      Add non-root to the sudoers group
3.      Add public SSH key to non-root user
4.      Deny all inbound traffic with ufw firewall
5.      Open required ports within the ufw firewall
6.      Update SSH config – Passwordless login
7.      Update SSH config – Disable root login
8.      Update SSH config – Change SSH port
9.      Unattended upgrades
10.  Postfix for emails
11.  Logwatch to send daily summary emails
12.  Fail2ban
13.  Set the timezone to UTC and install NTP
14.  Secure shared memory
15.  Add a security login banner
16.  Harden the networking layer
17.  Prevent IP spoofing
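
As an added example (not code from the original post), this Python audit checks whether steps 6-8 and a reverse-path filtering setting for steps 16-17 actually took effect. The mapping of those steps to `PasswordAuthentication`, `PermitRootLogin`, `Port` and `net.ipv4.conf.all.rp_filter` is an assumption, and the file contents are constructed samples.

```python
# Constructed sample files; the mapping of steps to settings is an assumption.
WEAK_SSHD = """\
#Port 22
PermitRootLogin yes
PasswordAuthentication no
PasswordAuthentication yes
"""
WEAK_SYSCTL = "net.ipv4.conf.all.rp_filter = 1\nnet.ipv4.conf.all.rp_filter=0\n"

SSHD_DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}

def parse_sshd(text):
    """Global section only: first value per keyword wins, Port may repeat."""
    opts, ports = {}, []
    for raw in text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split()
        if len(parts) < 2 or parts[0].startswith("#"):
            continue                     # blank, comment or value-less line
        key = parts[0].lower()           # sshd keywords are case-insensitive
        if key == "match":               # conditional block: global section ends
            break
        if key == "port":
            ports.append(parts[1])
        else:
            opts.setdefault(key, parts[1].lower())
    return {**SSHD_DEFAULTS, **opts}, ports or ["22"]   # 22 is sshd's default

def parse_sysctl(text):
    """sysctl.conf: 'key = value' lines; a later line overrides an earlier one."""
    vals = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and line[0] not in "#;" and "=" in line:
            key, value = line.split("=", 1)
            vals[key.strip()] = value.strip()
    return vals

def audit(sshd_text, sysctl_text):
    """Return a list of findings; an empty list means every check passed."""
    opts, ports = parse_sshd(sshd_text)
    findings = []
    if opts["passwordauthentication"] != "no":
        findings.append("step 6: password login still enabled")
    if opts["permitrootlogin"] != "no":
        findings.append("step 7: root login not disabled")
    if "22" in ports:
        findings.append("step 8: sshd still listens on port 22")
    if parse_sysctl(sysctl_text).get("net.ipv4.conf.all.rp_filter") != "1":
        findings.append("steps 16-17: strict reverse-path filtering is off")
    return findings
```

In the weak sample the duplicate `PasswordAuthentication` line does not re-enable passwords, because sshd keeps the first value, while the duplicate sysctl line does weaken the host, because the later value wins.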


i.        Example of hardening host
Examples of hardening host include installing a firewall, installing antivirus, deleting cookies, creating passwords, and deleting unnecessary programs.

