Server Hardening – Linux

by May 30, 2018

Server Hardening – Linux

by May 30, 2018

 

In today’s IT era, faster technological advancements have given ways to increased security threats.  Security holds a major role in making the information systems efficient, which in turn determines today’s business success. So today, ensuring and maintaining information system security is the major responsibility of a competent technical support team.

Since servers are the major part of any computing system, ensuring server security holds the highest priority in maintaining information system security. We all know that server hardening is the process to enhance server security through a variety of advanced security measures.

Just like the meaning of the word ‘hardening’, server hardening means taking a ‘soft’ (meaning lesser in strength) material and making it ‘hard’ (meaning stronger, more resistant to damage, etc.). Hardening makes a server operating system more secure. Hardened servers are more resistant to security issues compared to the non-hardened ones.

Server hardening has gained more importance due to the following reasons :

  • Now, every computing system has been connected via the internet and as per available statistics, online attacks amount to thousands per hour.
  • Nowadays, many applications and system software have been designed to be used over the internet. This can deliver so many technological advancements, but with a highly increased security risk.

Like any other operating systems, the tips to follow on Linux Server Hardening are,

  1. Keep the operating system updated, especially security patch updates.
  2. Proper documentation – Documentation should be done with information like Name of the person who does hardening, Date, Machine details (Name, IP address, MAC address, Inventory number (the number given to the intended system by the owning organization)), etc..
  3. Securing the boot directory – In operating systems like Linux, Unix, etc., boot directory contains the files used in booting (the initial set of operations or boot sequences performed by a computer when it is switched on.) its operating system. In Linux, Linux kernel (the center of a computer operating system which provides basic services to all other parts of the operating system) resides in the boot directory. To ensure security, boot directory can be locked to read only permissions, so that it cannot be altered.
  4. Implement password policies & regulate password usage – Ensure strong passwords by putting rules for password creation, Make it a must to change default passwords, Change passwords on a regular basis and strictly avoid their reuse. Protect BIOS with a separate password, to keep it out from any changes.
  5. Have a proper disaster recovery plan – Backups have enormous value in the case of security risks / other disasters. For important systems/servers, backups can be stored in a different location. Backups need to be well-managed as well. Critical systems can be partitioned to be secure and to give performance even in the case of system errors.
  6. Adopt encryption to maintain confidentiality – Mostly, Linux will have the option to encrypt hardware before installation. This can protect in case of thefts by not allowing the data to be read in the case of installation on an outside machine. A software which can be used for encrypting Linux Hardware is TrueCrypt.
  7. Avoid / Minimize unnecessary software on the system – Check the installed packages on Linux OS and remove those which are unwanted. Servers should possess the least number of applications installed on them and this is very important while server hardening.
  8. Allow permissions based on system criticality – Based on how critical the intended system is in the business, permissions for various actions can be regulated (like not allowing USB sticks, etc.).
  9. Secure network and related parameters – Secure Linux host network activities. Use Linux Firewall by applying iptable rules to filter every incoming, outgoing as well as forwarded packets. SSH or Secure Socket Shell is a network protocol by which system administrators will be able to access a remote computer. Secure SSH using basic measures like changing the default SSH configuration, etc..
  10. Consider enabling SELinux – SELinux or Security Enhanced Linux is a security feature of Linux kernel, aimed to give protection against misconfiguration or compromised demons. SELinux define security policies. These policies can instruct & limit the actions and access of insecure server programs (or demons) and avoid risks. But because it can cause problems during web hosting, SELinux is not recommended in web hosting servers.

Mostly, Linux has been considered as highly secured, but this is a false assumption. This makes hardening a critical as well as an essential method to make Linux operating system robust against security threats.

Categories
Tags
May 2018
M T W T F S S
 123456
78910111213
14151617181920
21222324252627
28293031