What is Hardening - Systems
Operating systems contain a vast number of settings, features and options. If these are set incorrectly, the system can be left open to attack and compromise. Hardening the system involves changing these settings to help ensure the system is secure.
Default settings are often "open", "insecure" or "off". Security standards must be defined and implemented for all hosts. These vary from one platform to another, for example NT4, Windows 2000, Unix, HP-UX, AIX and Solaris.
Settings will also vary according to the role of the server, for example domain controller, file/print server or web server.
Systems should be regularly audited against the intended, documented configuration, and you should consider automating both the implementation and the auditing process. This can be done by using a "golden CD", by implementing group policies under Windows 2000, or by using a third-party security audit tool.
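The audit step described above can be sketched as follows. This is an added example, not material from the original page: the setting names, the values in each role's baseline and the "key = value" export format are all assumptions made for illustration.

```python
# Audit a host's exported settings against the documented baseline for its role.
BASELINE_COMMON = {
    "guest_account": "disabled",
    "min_password_length": "8",
    "audit_logon_failures": "enabled",
}
BASELINE_BY_ROLE = {  # hypothetical role-specific standards
    "web_server": {"file_sharing": "disabled", "http_service": "enabled"},
    "file_print_server": {"file_sharing": "enabled", "http_service": "disabled"},
}

def parse_settings(text):
    """Parse 'key = value' lines; blank lines and '#' comments are ignored."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        key, sep, value = line.partition("=")
        if not sep:
            raise ValueError(f"malformed line: {line!r}")
        settings[key.strip().lower()] = value.strip().lower()
    return settings

def audit(role, actual):
    """Return sorted (setting, expected, found) tuples for every deviation."""
    expected = {**BASELINE_COMMON, **BASELINE_BY_ROLE[role]}
    findings = []
    for key, want in expected.items():
        got = actual.get(key, "<unset>")  # unset means the platform default applies
        if got != want:
            findings.append((key, want, got))
    # Settings present on the host but absent from the documented standard.
    for key in actual.keys() - expected.keys():
        findings.append((key, "<undocumented>", actual[key]))
    return sorted(findings)

# Constructed sample export from a host assigned the web_server role.
SAMPLE_HOST = """
guest_account = enabled        # default left in place
min_password_length = 8
file_sharing = disabled
http_service = enabled
telnet_service = enabled
"""

if __name__ == "__main__":
    for setting, want, got in audit("web_server", parse_settings(SAMPLE_HOST)):
        print(f"FAIL {setting}: expected {want}, found {got}")
```

A setting that is missing from the export is reported as a failure rather than skipped, because an unset value means the default is in effect.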
© Crown Copyright. Material taken from the DTI - Department for Trade and Industry. Reproduced under the terms and conditions of the Click-Use Licence.