Generic Hardening

Download document-> Generic Hardening doc

Hardening:

Hardening is the process of securely deploying systems with the practice of ‘least privilege’. Hardening includes:

  • Understanding what you actually need to run on the system
  • Documentation (Policy, Standards & Guidelines)
  • Operating systems
  • Virtual servers
  • Coding
  • Application settings
  • Database setup & configuration
  • Network devices
  • Portable device

Platform hardening:

Platforms are depended upon to deliver data in a secure, reliable fashion. There must be assurance that data integrity, confidentiality and availability are maintained. One of the required steps to attain this assurance is to ensure that the platforms are installed and maintained in a way that prevents unauthorized access, unauthorized use, and disruptions in service

DEFINITIONS

  • Hardened System
    • (H) Is the final state we are trying to achieve
  • Baseline OS Hardening
    • (Bos) Is the Baseline Operating System hardening
  • Application / System Function Hardening
    • (Af) Is any hardening of applications that may reside on top of the operating system, such as Apache, IIS, Oracle or specific functions, such as File/Print, DNS/DHCP, etc
  • Base Hardening
    • Base hardening = Baseline Operating System Hardening + Application or System Function hardening
    • (B) = (Bos) + (Af)
  • Custom Hardening
    • (C)Is any additional hardening applied to the system, such as’ Specialized Security Limited Functionality’ settings, DMZ settings, addition system service settings (KIOSK, Bastion Host, etc), custom OS specific security controls(TCPWrappers, Bastille, etc.)
  • Virtual System (Needs Host OS)
    • (C)Is the Virtual Machine hardening
  • Is the Virtual Machine hardening
    • (VOS) Is the Virtual Server hardening – VM Ware ESXi

Hardening Formula

Putting System Hardening into a mathematical formula:

H = Hardened System

B = Base Hardening

C = Custom Hardening

So…

H = B+C

Hardened System or Secure Deployment

Custom Hardening

Application / Function Hardening

Baseline OS Hardening

In the layered security

Hardened System or Secure Deployment

Baseline OS Hardening

Application / Function Hardening

Custom Hardening

Baseline OS Hardening

Virtual Server Hardening

Hardening Virtual Systems

For Virtual Operating System:

H = Hardened System

Vos = Virtual OS Hardening

B = Base Hardening

C = Custom Hardening

So…

H = Vos+B+C

Also stated as layered security:

Hardened System or Secure Deployment

Virtual OS Hardening

Custom Hardening

Application / Function Hardening

Baseline OS Hardening

Ubuntu 11.04 Alpha 1 x64 Vmware Image

My friend JD uploaded a Vmware image of Ubuntu 11.04 Alpha 1 so am sharing it here :

http://torrents.thepiratebay.org/6065851/Ubuntu_11.04_Alpha_1_x64_Vmware_Image.6065851.TPB.torrent

http://btjunkie.org/torrent/Ubuntu-11-04-Alpha-1-x64-Vmware-Image/44862a8395e727e933dfc80338afeb130f568876fc3b

 

Attributes : 

64 bits 

Gnome desktop

VMWare Image

Compressed size : 832 mb 

Actual size : 3.25 gb 

RAR compression in best mode (took about 20 mins to compress)

Fresh installation

USERNAME: user
PASSWORD: password

Ram 1GB

All other settings default

Installation with easy install, including vmware toolsBuilt on Vmware Workstation Windows 7.1.2 build-301548No software updates done.