Operating System Hardening Tips

 
 
By eweek  |  Posted 2002-03-25
 
 
 
Bullet-proof network operating systems don't exist, but there are some common-sense steps that IT managers can take to make the NOS a less-attractive target for mischief-makers (and worse).

  • Identify and remove unused applications and services. The fewer components intruders can get their hands on, the better off your networks will be.

  • Implement and enforce strong password policies. Remove or disable all unnecessary accounts. This includes immediately removing accounts when workers leave the company.

  • Limit the number of administrator accounts available, and make sure users and IT staff have only the privileges they need to do their jobs.

  • Set account lockout policies to discourage password cracking.

  • Remove unused file shares.

  • Keep an eye out for new security patches and hot fixes.

  • Log all user account and administrative task transactions. This is an extremely important step for forensics if your network OS does get hacked.

  • Beware of "social engineering" tactics. Make sure that no one gives out important security information such as administrator passwords without getting approval from managers.

  • Keep a secure backup solution handy to restore all systems in case of emergency.
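
The account tips above (remove accounts when workers leave, remove unnecessary accounts, limit administrator accounts) can be checked mechanically. The following is an added example, not part of the original article: it compares an account export against a staff roster, and the field names, sample accounts, approved-administrator list and 90-day idle threshold are all constructed assumptions.

```python
from datetime import date

# Constructed sample data: an account export and the current staff roster.
ACCOUNTS = [
    {"name": "asmith", "enabled": True, "admin": True, "last_logon": date(2002, 3, 20)},
    {"name": "bjones", "enabled": True, "admin": False, "last_logon": date(2001, 12, 1)},
    {"name": "cwhite", "enabled": True, "admin": True, "last_logon": date(2001, 11, 2)},
    {"name": "dgreen", "enabled": False, "admin": False, "last_logon": date(2001, 6, 14)},
    {"name": "guest", "enabled": True, "admin": False, "last_logon": None},
    {"name": "backup_svc", "enabled": True, "admin": True, "last_logon": date(2002, 3, 24)},
]
ROSTER = {"asmith", "bjones"}        # people currently employed (assumed HR list)
APPROVED_ADMINS = {"asmith"}         # accounts with a documented need for admin rights
SERVICE_ACCOUNTS = {"backup_svc"}    # non-person accounts that have a named owner


def audit(accounts, roster, approved_admins, service_accounts, today, stale_days=90):
    """Return a sorted list of (account, finding) pairs for enabled accounts."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already disabled; skip it
        name = acct["name"]
        known = name in roster or name in service_accounts
        if not known:
            # Covers departed workers and leftover default accounts alike.
            findings.append((name, "no current owner: disable or remove"))
        if acct["admin"] and name not in approved_admins:
            findings.append((name, "administrator rights not approved"))
        last = acct["last_logon"]
        if known and (last is None or (today - last).days > stale_days):
            findings.append((name, "unused for more than %d days" % stale_days))
    return sorted(findings)


if __name__ == "__main__":
    for name, finding in audit(ACCOUNTS, ROSTER, APPROVED_ADMINS,
                               SERVICE_ACCOUNTS, today=date(2002, 3, 25)):
        print("%-12s %s" % (name, finding))
```

Run on a schedule, a report like this also gives the logging tip something concrete to review: each finding should map to a logged change once it is resolved.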
