System Hardening

System hardening is a term used frequently. But what does it exactly mean and are you doing it right?

In simple terms, any system or device out of the box comes with all its bells and whistles belling and whistling. Which is great if you’re going to use it to backup your holiday pictures at home. But if it’s going to be deployed as part of your critical infrastructure, you need to harden it up a bit. Think of it like a Rocky montage to get it into shape.

When it’s been hardened, all unnecessary bells and whistles are turned off, disabled or simply ripped out. Leaving only the bare minimum needed to run the service. This leaves a much smaller surface to attack. A bit like how a boxer will turn sideways, tuck their chin in and keep their hands up to make it harder for their opponent to hit the smaller target. Of course, you could end up turning off everything. In which case you will be left with a perfectly secure, yet somewhat unusable system.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s