There are three basic categories of hardening.
1. Operating system hardening: Here the operating system itself is hardened (made harder to intrude into). A few points that would help in hardening an operating system:
2. Network hardening: This involves the following:
3. Application hardening: Applications such as DNS servers, web servers, mail servers, and file and print servers can be hardened by the following means:
All Microsoft Windows operating systems from Windows 95 onward contain built-in support for File and Printer Sharing. This networking feature is useful on home networks but can be a security concern on public networks. It is preferable to disable this feature when the machine is connected to the Internet.
Disabling unused ports: A simple method that many administrators use to help secure the network from unauthorized access is to disable all unused ports on a switch. For example, if a Catalyst 2960 switch has 24 ports and there are three Fast Ethernet connections in use, it is good practice to disable the 21 unused ports.
Network hardening techniques:
Captive portal: A captive portal is a web page that the user of a public-access network is obligated to view and interact with before access is granted. Another way of describing a captive portal is that it turns a web browser into an authentication device. Schools, hospitals, and many different types of business enterprises use captive portals as a means of authenticating individual users on a wireless network. When a user connects to a wireless network and then opens their web browser, a specific page appears asking the user for login information. When this is originally set up, there is usually an option to let almost any user register instantly with their own personal information (such as name, phone number, and email), or else users must enter a specific login name and password.
Port security: The purpose of port security is to prevent access to the LAN from unauthorized hosts. You can use the port security feature to restrict input to an interface by limiting and identifying the MAC addresses of the workstations that are allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port.
Dynamic routing, also called adaptive routing, is a process where a router can forward data via a different route for a given destination based on the current conditions of the communication circuits within a system.
MAC filtering: In computer networking, Media Access Control (MAC) filtering (also called EUI filtering or layer 2 address filtering) refers to a security access control method whereby the 48-bit address assigned to each network card is used to determine access to the network.
Network scanning: A network scan lets you determine all active devices on your network.
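The port security and MAC filtering notes above describe the same mechanism from two angles: a per-port limit on learned source MACs, and a static allow list of 48-bit addresses. The following is an added illustration written for these notes, not vendor switch code; the class name SecurePort, the "shutdown"/"restrict" violation modes and the sample addresses are constructed for the example. It normalizes the three common MAC notations, enforces a maximum number of secure addresses per port, and records violations the way a switch would before err-disabling the port. The locally-administered-bit check is a defender's extra: randomized or hand-set addresses have that bit set, which is worth flagging on a port that should only ever see a known vendor NIC.

```python
import re

# 12 lowercase hex digits, i.e. a 48-bit address with separators removed
MAC_RE = re.compile(r"^[0-9a-f]{12}$")


def normalize_mac(mac: str) -> str:
    """Accept AA:BB:CC:DD:EE:FF, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff; return 12 hex digits."""
    hexonly = re.sub(r"[:\-.]", "", mac.strip().lower())
    if not MAC_RE.match(hexonly):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return hexonly


def is_locally_administered(mac: str) -> bool:
    """Bit 1 of the first octet set => locally administered (not a vendor-assigned OUI)."""
    first_octet = int(normalize_mac(mac)[:2], 16)
    return bool(first_octet & 0x02)


class SecurePort:
    """Constructed model of one switch port with port security enabled."""

    def __init__(self, name, max_secure=1, static_allow=(), violation="shutdown"):
        self.name = name
        self.max_secure = max_secure
        # statically assigned secure addresses (the MAC-filtering allow list)
        self.secure = {normalize_mac(m) for m in static_allow}
        if len(self.secure) > max_secure:
            raise ValueError("static allow list exceeds max_secure")
        self.violation = violation      # "shutdown" err-disables the port; "restrict" only drops
        self.err_disabled = False
        self.violations = 0

    def forward(self, src_mac: str) -> bool:
        """Return True if a frame with this source MAC would be forwarded by the port."""
        if self.err_disabled:
            return False
        mac = normalize_mac(src_mac)
        if mac in self.secure:
            return True
        if len(self.secure) < self.max_secure:
            self.secure.add(mac)        # sticky learning: first-seen MACs fill the free slots
            return True
        # a source outside the secure set once the limit is reached is a violation
        self.violations += 1
        if self.violation == "shutdown":
            self.err_disabled = True
        return False


if __name__ == "__main__":
    port = SecurePort("Fa0/1", max_secure=1)
    for mac in ("AA:BB:CC:DD:EE:01", "aa-bb-cc-dd-ee-01", "aabb.ccdd.ee02"):
        print(mac, "forwarded" if port.forward(mac) else "dropped")
    print("err-disabled:", port.err_disabled, "violations:", port.violations)
```

With max_secure=1 the first learned address owns the port; a second source address is counted as a violation and, in "shutdown" mode, the port stops forwarding anything until an administrator re-enables it, which matches the "single secure MAC address" case the note describes.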
Active vs Passive scanning: Active scanners directly interact with endpoints by querying them with test traffic packets and reviewing each response to find vulnerabilities. Active scanning is when the tool sends a ping to each device on the network and awaits a response. The scanner then looks at the responses it gets to see if there are inconsistencies or vulnerabilities. Passive scanners "silently" glean network data to detect weaknesses without actively interacting with endpoints.
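As an added illustration of the passive side of the scanning note above (not code from the original notes or any scanner product), the block below builds a host and open-port inventory purely from observed traffic: a TCP SYN-ACK leaving a host proves that port is listening, without the scanner ever sending a packet. The flow records, the field names and the host addresses are constructed sample input, and the list of plaintext services flagged as weaknesses is the example's own choice.

```python
from collections import defaultdict

# Constructed flow records, in the form a passive tap or flow exporter might summarize them.
SAMPLE_RECORDS = [
    "src=10.0.0.5 dst=10.0.0.10 proto=tcp sport=51000 dport=22 flags=S",
    "src=10.0.0.10 dst=10.0.0.5 proto=tcp sport=22 dport=51000 flags=SA",
    "src=10.0.0.5 dst=10.0.0.10 proto=tcp sport=51001 dport=23 flags=S",
    "src=10.0.0.10 dst=10.0.0.5 proto=tcp sport=23 dport=51001 flags=SA",
    "src=10.0.0.7 dst=10.0.0.10 proto=tcp sport=40000 dport=8080 flags=S",
    "src=10.0.0.10 dst=10.0.0.7 proto=tcp sport=8080 dport=40000 flags=R",  # closed port: RST
    "src=10.0.0.9 dst=10.0.0.1 proto=udp sport=5353 dport=5353",
]

# services whose presence a passive scanner would report as a weakness (cleartext credentials)
PLAINTEXT_SERVICES = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3", 143: "imap"}


def parse_record(line: str) -> dict:
    """Turn 'key=value key=value ...' into a dict."""
    return dict(field.split("=", 1) for field in line.split())


def passive_inventory(records):
    """Return (active hosts, {host: {open TCP ports}}) inferred from observed traffic only."""
    hosts = set()
    open_ports = defaultdict(set)
    for line in records:
        r = parse_record(line)
        hosts.update((r["src"], r["dst"]))          # anyone who talks or is talked to is active
        if r.get("proto") == "tcp" and r.get("flags") == "SA":
            open_ports[r["src"]].add(int(r["sport"]))  # SYN-ACK from sport => listening
    return hosts, dict(open_ports)


def weaknesses(open_ports):
    """List (host, port, service) for listening ports that belong to plaintext protocols."""
    return sorted((h, p, PLAINTEXT_SERVICES[p])
                  for h, ports in open_ports.items() for p in ports
                  if p in PLAINTEXT_SERVICES)


if __name__ == "__main__":
    hosts, ports = passive_inventory(SAMPLE_RECORDS)
    print("active hosts:", sorted(hosts))
    print("listening:", ports)
    print("weaknesses:", weaknesses(ports))
```

Note the limits this illustrates: the RST to port 8080 tells the passive observer the port is closed but it never probes it, and 10.0.0.9 and 10.0.0.1 are counted as active only because they happened to exchange traffic. An active scanner would have answered the same questions for every address in the range, at the cost of generating traffic the endpoints can see.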
Penetration testing: Penetration testing, also called pen testing, is the practice of testing a computer system, network or web application to find vulnerabilities that an attacker could exploit.
Examples of penetration testing tools: There is a wide variety of tools used in penetration testing; the important ones are:
1. Nmap: This tool is used for port scanning, OS identification, tracing the route, and vulnerability scanning.
2. Nessus: This is a traditional network-based vulnerability scanning tool.
3. Pass-the-Hash: This tool is mainly used for password cracking.
4. Traceroute: This can be used in conjunction with Nmap to find open ports.
DHCP snooping mitigates the security risks posed by denial-of-service from rogue DHCP servers, which disrupt networks as they compete with legitimate DHCP servers that configure hosts on the network for communication.
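To make the DHCP snooping note concrete, here is an added example (written for these notes, not switch firmware) of the trust decision a snooping switch makes. Ports are either trusted (where the legitimate server lives) or untrusted (access ports); server-originated messages (OFFER, ACK, NAK) arriving on an untrusted port are dropped, a client message whose embedded hardware address does not match the frame's source MAC is dropped, and ACKs seen on trusted ports populate a binding table of client MAC, leased IP and port. The DHCP messages are built from the real BOOTP layout and option 53 (DHCP message type), but the port names, MACs, transaction IDs and addresses are constructed.

```python
import struct

MAGIC = b"\x63\x82\x53\x63"                      # DHCP magic cookie after the BOOTP header
SERVER_MSGS = {2: "OFFER", 5: "ACK", 6: "NAK"}     # only a DHCP server sends these
CLIENT_MSGS = {1: "DISCOVER", 3: "REQUEST", 4: "DECLINE", 7: "RELEASE", 8: "INFORM"}


def build_dhcp(op, msg_type, xid, chaddr, yiaddr="0.0.0.0"):
    """Constructed minimal DHCP message: 236-byte BOOTP header, magic cookie, option 53, end."""
    yi = bytes(int(x) for x in yiaddr.split("."))
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                         op, 1, 6, 0, xid, 0, 0,          # op, htype=ethernet, hlen=6, hops, xid, secs, flags
                         b"\0" * 4, yi, b"\0" * 4, b"\0" * 4,  # ciaddr, yiaddr, siaddr, giaddr
                         chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)  # chaddr, sname, file
    return header + MAGIC + bytes([53, 1, msg_type, 255])


def parse_dhcp(data):
    """Extract op, xid, yiaddr, chaddr and the option-53 message type."""
    if len(data) < 240 or data[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    op, _htype, hlen, _hops, xid = struct.unpack("!BBBBI", data[:8])
    yiaddr = ".".join(str(b) for b in data[16:20])
    chaddr = data[28:28 + hlen]
    msg_type = None
    i = 240
    while i < len(data):                   # walk the TLV options
        code = data[i]
        if code == 255:
            break
        if code == 0:                      # pad option has no length byte
            i += 1
            continue
        length = data[i + 1]
        if code == 53 and length == 1:
            msg_type = data[i + 2]
        i += 2 + length
    return {"op": op, "xid": xid, "yiaddr": yiaddr, "chaddr": chaddr, "msg_type": msg_type}


class DhcpSnooper:
    """Constructed model of a switch's DHCP snooping decision and binding table."""

    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)
        self.pending = {}     # xid -> (client port, client MAC) awaiting a server reply
        self.bindings = {}    # client MAC -> (leased IP, port) learned from trusted ACKs
        self.dropped = []     # (port, reason) audit trail

    def inspect(self, port, src_mac, data):
        msg = parse_dhcp(data)
        t = msg["msg_type"]
        if port not in self.trusted:
            if t in SERVER_MSGS or msg["op"] == 2:       # rogue server on an access port
                self.dropped.append((port, SERVER_MSGS.get(t, "BOOTREPLY")))
                return "drop"
            if msg["chaddr"] != src_mac:                 # client lying about its hardware address
                self.dropped.append((port, "chaddr mismatch"))
                return "drop"
        if t in CLIENT_MSGS:
            self.pending[msg["xid"]] = (port, msg["chaddr"])
        elif t == 5 and msg["xid"] in self.pending:      # ACK from a trusted port completes a lease
            client_port, client_mac = self.pending.pop(msg["xid"])
            self.bindings[client_mac] = (msg["yiaddr"], client_port)
        return "forward"


if __name__ == "__main__":
    snoop = DhcpSnooper(trusted_ports={"Gi0/1"})
    client = bytes.fromhex("001122334455")
    print(snoop.inspect("Fa0/3", client, build_dhcp(1, 3, 0x1234, client)))
    print(snoop.inspect("Gi0/1", bytes.fromhex("00aabbccddee"), build_dhcp(2, 5, 0x1234, client, "10.0.0.20")))
    print(snoop.inspect("Fa0/7", bytes.fromhex("00deadbeef00"), build_dhcp(2, 2, 0x5678, client, "192.168.1.50")))
    print("bindings:", snoop.bindings, "dropped:", snoop.dropped)
```

The binding table is the part that makes the feature valuable beyond blocking rogue servers: once a switch knows which IP was leased to which MAC on which port, it can feed that to dynamic ARP inspection and IP source guard, so the same table that stops a rogue OFFER also underpins later checks.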
Network hardening: This involves the following:
Spanning Tree Protocol (STP): STP is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network. While the spanning-tree algorithm runs, some redundant ports have to be blocked; this is required to avoid bridging loops.
VLAN hopping: VLAN hopping is a computer security exploit in which the attacker is able to send traffic from one VLAN into another.
Port mirroring: Port mirroring, also known as SPAN (Switched Port Analyzer), is a method of monitoring network traffic. With port mirroring enabled, the switch sends a copy of all network packets seen on one port (or an entire VLAN) to another port, where the packets can be analyzed.
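The STP note above says redundant ports get blocked but not how the algorithm picks them. The following added example (written for these notes; it is a simplified offline computation, not a switch's BPDU state machine) runs the 802.1D decisions over a constructed three-switch triangle: elect the root as the lowest bridge ID, compute each switch's root path cost, choose one root port per non-root switch, choose one designated port per link, and block everything left over. Switch names, priorities, MACs and the Fast Ethernet cost of 19 are constructed sample values; the tie-break order (root path cost, then bridge ID, then port) is the one the standard uses, applied here with port names compared as strings for simplicity.

```python
import heapq


def bridge_id(priority: int, mac: str) -> int:
    """802.1D bridge ID: 16-bit priority followed by the 48-bit MAC; the lowest value wins."""
    return (priority << 48) | int(mac.replace(":", ""), 16)


def run_stp(bridges, links):
    """bridges: {name: bridge_id}; links: [(a, port_a, b, port_b, cost)] (point-to-point segments).
    Returns (root name, {(bridge, port): "root" | "designated" | "blocked"}).
    Assumes the topology is connected."""
    root = min(bridges, key=bridges.get)                 # lowest bridge ID becomes root
    adj = {n: [] for n in bridges}                       # name -> [(neighbor, my_port, their_port, cost)]
    for a, pa, b, pb, cost in links:
        adj[a].append((b, pa, pb, cost))
        adj[b].append((a, pb, pa, cost))

    # root path cost: shortest cost from each bridge to the root (Dijkstra), ties by bridge ID
    rpc = {root: 0}
    heap = [(0, bridges[root], root)]
    while heap:
        cost, _, n = heapq.heappop(heap)
        if cost > rpc.get(n, float("inf")):
            continue
        for m, _, _, c in adj[n]:
            if cost + c < rpc.get(m, float("inf")):
                rpc[m] = cost + c
                heapq.heappush(heap, (cost + c, bridges[m], m))

    # root port: the port offering the lowest (neighbor's root path cost + link cost),
    # then lowest neighbor bridge ID, then lowest neighbor port
    root_port = {}
    for n in bridges:
        if n == root:
            continue
        best = min(adj[n], key=lambda e: (rpc[e[0]] + e[3], bridges[e[0]], e[2]))
        root_port[n] = best[1]

    # designated port per link: the end closer to the root (ties by bridge ID, then port);
    # the other end is that bridge's root port or, if not, it gets blocked
    roles = {}
    for a, pa, b, pb, cost in links:
        key_a = (rpc[a], bridges[a], pa)
        key_b = (rpc[b], bridges[b], pb)
        des, des_port, other, other_port = (a, pa, b, pb) if key_a < key_b else (b, pb, a, pa)
        roles[(des, des_port)] = "designated"
        roles[(other, other_port)] = "root" if root_port.get(other) == other_port else "blocked"
    return root, roles


def blocked_ports(roles):
    """Convenience: sorted list of (bridge, port) pairs the algorithm put into blocking."""
    return sorted(k for k, v in roles.items() if v == "blocked")


# Constructed topology: S1 has a lowered priority so it wins the root election;
# three Fast Ethernet links (cost 19) form a physical loop.
EXAMPLE_BRIDGES = {
    "S1": bridge_id(4096, "00:00:00:00:00:01"),
    "S2": bridge_id(32768, "00:00:00:00:00:02"),
    "S3": bridge_id(32768, "00:00:00:00:00:03"),
}
EXAMPLE_LINKS = [
    ("S1", "Fa0/1", "S2", "Fa0/1", 19),
    ("S1", "Fa0/2", "S3", "Fa0/1", 19),
    ("S2", "Fa0/2", "S3", "Fa0/2", 19),
]

if __name__ == "__main__":
    root, roles = run_stp(EXAMPLE_BRIDGES, EXAMPLE_LINKS)
    print("root bridge:", root)
    for (bridge, port), role in sorted(roles.items()):
        print(f"{bridge} {port}: {role}")
    print("blocked:", blocked_ports(roles))
```

On this triangle S1 is root, S2 and S3 each reach it directly at cost 19, and the S2-S3 link is the redundant path: S2 wins the designated election there on bridge ID, so S3's Fa0/2 is the single port blocked, which is exactly the "some redundant ports need to be blocked" outcome. The security angle is that whoever advertises the lowest bridge ID becomes root and reshapes which ports forward, which is why production switches pin the root with a low priority and use root guard on access ports.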