Securing a Host Computer BY STEPHEN GOSNER

Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include  Servers  Clients(including mobile phones)  Routers(including home access routers)  Firewalls  Securing a Host  Numerous protective measures

Securing a Host  Host Hardening -The process of protecting a host against attacks.  Not consisted of a single protection  Consists of a number of protections that often have little in common with each other.  Protections include:  Back up the host regularly **(High Priority)  Restrict physical access to the host.  Encrypt data if appropriate.

Securing a Host  Host Protections cont. :  Install the operating system with secure configuration options.  Replace all default passwords with strong passwords.  Install and configure a host firewall.  Install and maintain patches for known operating system vulnerabilities.  Manage users and groups along with their access permissions.  Install and maintain an antivirus protection software.

Operating Systems  With built-in security features, operating systems play a key role in Host Security.  Operating systems allow you to create and set passwords for user accounts.  The operating system has a system administrator account that a user/owner can use to manage access permissions, passwords, and security features to help secure the computer system.  Different operating systems provide different tools and interfaces, each with their own pros and cons.

Operating Systems  Microsoft’s server operating system  Windows Server  Early versions, such as Windows Server NT had poor security.  Later versions, such as Windows Server 2008, are much more secure.  Pros:  Makes the installation of patches very simple, as they are usually automatic.  Includes server software firewalls, the ability to encrypt data, and much more.  Minimizes the number of running applications and utilities.

Operating Systems Windows Server:  Cons:  Windows systems are the most attacked systems on the internet.  It is important that system and application updates are done regularly before connecting to the internet.  It is also important to configure a current antivirus protection software with all Windows systems due to its high attack rate.

Operating Systems  Unix Servers:  Unix is a popular operating system for the largest servers.  Broad functionality  High reliability  Unix is not a single operating system, but contains many different versions.  Generally run the same applications.  Compatible with other versions in the kernel(core part) of the operating system.

Operating Systems Linux: ◦The most popular version of Unix, for PC’s. ◦Desirable because it’s free. ◦A single copy of Linux may be installable on multiple servers. ◦Linux contains only the kernel of Unix, and packaged with many other programs. Cons: ◦May require more labor to administer. ◦The many different versions make this operating system difficult to harden.

Operating Systems  Key Procedures when configuring Windows and LINUX Server’s  Disable the guest account.  Configure an update method to install and update patches regularly.  Disable any unused or unwanted services.  Verify appropriate local security settings.  Ensure that the Windows Firewall is on and the settings are configured.  Choose strong passwords for any and all accounts associated with Administrator privileges.

Vulnerabilities and Patches  Vulnerabilities:  Security weaknesses that open a program to attack.  Vulnerability finders search for these weaknesses in order to create fixes.  Occasionally vulnerability information is leaked and exploit programs are created to take advantage of it.  Testing  Attempts to find any weaknesses in a firm’s protection suite befor hackers do.  Fixes  Work-Arounds  Series of manual steps the systems administrator must take to fix the problem.

Vulnerabilities and Patches  Patches  Small program that fixes a particular vulnerability  Service Packs  Vulnerability fixes and sometimes functionality improvements combined into a single large update.  Version Upgrades  Software upgrade to newer version  Often fixes vulnerabilities and contains improved security features.

Firewalls  Firewall  Provides protection against outside attackers by controlling the network traffic.  Two major forms of firewalls  Hardware- aka network firewalls  Software- typically built within OS  Hardware firewalls are separate devices that run on their own operating system  Software firewalls are built within your OS which give added security, but not as effective as hardware firewalls.  Hardware firewalls are more costly.

Antivirus  Antivirus and Spyware Software  Computer software used to prevent, detect, and remove malicious software.  Originally developed to detect and remove computer viruses.  Modern antivirus software is able to protect your computer from Browser Helper Objects, browser hijackers, ransomware, keyloggers, backdoors, rootkits, Trojan horses, worms, and much more.  Should be turned on at all times, especially when connected to the Internet.  Should be updated and ran daily for best overall performance.  Subscription should also be renewed yearly for new virus, spyware, and malware protections.

Conclusion In conclusion, there are many different strategies to securing a host computer. There is no one-answer, and all necessary precautions should be taken to ensure overall protection. While there is no guarantee to prevent your computer from being attacked, these strategies can and should be taken to ensure the security of a host computer.