For a long time in Pandora FMS blog we have devoted ourselves to defining and shelling with elegance that extensive and convoluted glossary offered by technology terminology.
You know our saying: The key is to make an impression in technical talks with your boss!
Therefore, today we are going to choose a very trendy word in the meetings of executives in The City of London and in those among the new school of developers in Silicon Valley:
Big-boss-campaign!
Didn’t you know it? Seriously?
Well… yes, calm down, we’re kidding. As it says in the title and in the keyword, today we will delve into the explanation of the term “Hardening”. One of the most preppy words that our head of support Mario Pulido will help us dissect, also known over here as “The quiet man”.
Do you already know what hardening is and how it can help you?
Very good afternoon, Mario. We are sorry to unexpectedly enter your quarters here, but a doubt has suddenly come to us and our dear readers:
What is hardening?
Very good afternoon, Dimas! Don’t worry, you just caught me at my Zen tea break. So, no problem, I’ll fill you in!
In computing, hardening is a set of activities carried out by system administrators to shield systems as much as possible against the possible attacks they may receive.
I understand, but what kind of “activities” do you mean?
Ufff, there are many, I’ll improvise a list if you want me to.
Yes, sure, go ahead!
Take a look at this:
- Service deletion. Delete all services that won’t be used in the system. That way you avoid having some open door for attackers with default configurations that are always the most vulnerable.
- Updated software. It is very important for all applications being used in the system to be updated, as well as the security patches of the operating system itself. That way we’ll rule out the possibility of having a known and fixed vulnerability in our system and we will close that door to attackers.
- Protection against possible physical attacks. Disk Encryption, safe BIOS Configuration, Firmware update, disable auto logon, disable USB usage… Any blockage that you may activate in the face of the possibility of a physical attack is necessary.
- Active and updated security applications. Use of antivirus, anti-spam, firewall… Having a policy for the usage of this type of software and an automatic update system. Through the firewall it is necessary to keep all unnecessary accesses and ports closed.
- Use of encrypted data and disk encryption. It is important that whenever there is confidential information, there is encryption or an encryption policy of the means by which this information is sent or stored.
- Do not open mails from unreliable senders. It is essential to have an email server with spam blocking options and avoid opening attachments or mails from unknown senders to avoid possible attacks.
- Periodic system audits. All systems must be audited periodically to check for possible attacks, or attempted attacks, that may have taken place in our systems to, that way, take measures of higher securitization levels in environments that may suffer a higher number of attacks.
- Correct backup management and monitoring. It is essential to have full backup creation and management of all the most critical services in the organization, as well as their reliable monitoring so that, in the event of an attack or system degradation, you may recover a new instance as soon as possible with the backups saved.
- Monitoring important metrics for safety. Logs, accesses, number of connections, service load (CPU, Memory), disk growth. All these metrics and many more are important to find out if you are suffering an attack. Having them monitored and knowing them in real time can get you rid of many attacks or service degradations.
The use of inventory modules to monitor installed software, installed patches, users… gives us a detailed report of how our server park is, as well as through the inventory alerts themselves you may find out whether any user installed any software not allowed in the organization.
Yes, sir, there is work to be done. And what does Pandora FMS have to do with hardening?
In these last two points I mentioned to you is where Pandora FMS comes in. By monitoring all these metrics and the subsequent report generation you will have an overview of your systems and may identify, at a glance, systems with security issues.
Want to know more about how Pandora FMS can help you?
Dimas P.L., de la lejana y exótica Vega Baja, CasiMurcia, periodista, redactor, taumaturgo del contenido y campeón de espantar palomas en los parques. Actualmente resido en Madrid donde trabajo como paladín de la comunicación en Pandora FMS y periodista freelance cultural en cualquier medio que se ofrezca. También me vuelvo loco escribiendo y recitando por los círculos poéticos más profundos y oscuros de la ciudad.
Dimas P.L., from the distant and exotic Vega Baja, CasiMurcia, journalist, editor, thaumaturgist of content and champion of scaring pigeons in parks. I currently live in Madrid where I work as a communication champion in Pandora FMS and as a freelance cultural journalist in any media offered. I also go crazy writing and reciting in the deepest and darkest poetic circles of the city.
