Questions tagged [hardening]

the process of tightening security on a system.

By shoring up our defenses we hope to prevent unauthorized access and maintain one or more of The 5 Pillars. When we speak of "hardening" something we are often referring to the process of tightening security on a system by way of editing configurations. It can, however, also involve spreading out and practicing good Defense in Depth.

279 questions
8 votes, 1 answer

Why does checksec.sh highlight rpath and runpath as security issues?

The tool checksec.sh is used to examine compile time hardening options such as NX, RELRO, PIE and so on. It also reports if the binary has RPATH or RUNPATH set, using the following logic: These are flagged as red when present. What is the security…
Cybergibbons
5 votes, 2 answers

How to harden my Buffalo LinkStation Pro?

The Buffalo LinkStation Pro Duo that we use can be pretty easily hacked into. The good thing about this is that this NAS runs Linux and can thereby be improved in features, e.g. running an NFS or LDAP service as well. The bad thing is, anyone with…
Tobias Kienzler
5 votes, 1 answer

Hardening a Chromebook

I have a Chromebook I routinely use for things like e-banking and other things where a security breach would be catastrophic. I've read it is a very secure OS by nature due to its small surface area for attacks. That said, are there any steps I…
mercurial
4 votes, 2 answers

Read-Only Hard Drives

Has anyone come across a 2.5 SSD or HDD that has a physical read-only switch similar to this? Or an enclosure that can render a hard drive read only?
P0LYmath
4 votes, 2 answers

Mainframe security

I am new to mainframe security testing practice. So far I have read a few articles on that even security of mainframe can be compromised. I would like to know if there are any such checklists that the security tester follow while testing a…
2 votes, 0 answers

Hardening evaluation of shared objects files

In order to evaluate if security mechanisms are applied on binary files during compilation I usually use the checksec tool. My question is: if I want to check an .so file, which checksec's fields should I consider? I'll try to explain myself better. I'm…
andrew
2 votes, 2 answers

Hardening a perimeter router

What are some of the steps that could be taken to harden a perimeter (internet facing) router from attacks by potentially malicious users?
user10211
2 votes, 2 answers

What's the distinction between a missed hardening opportunity and security flaw?

It's my understanding that a missed hardening opportunity is less important to be fixed than a security flaw, but what criteria does one use to decide what to classify something that is wrong with a secure system?
sethmlarson
1 vote, 2 answers

Hardening network infrastructure?

I would like to know, what are the best hardening methodologies, procedures, and books to use when hardening your network? Especially for the following: Windows/Linux Server, SQL Server, Microsoft Information Services (IIS)
P3nT3ster
1 vote, 0 answers

Scanner to assess hardening of IT System (Network and compute servers)

Does Symantec Compliance Control Suite help scan the servers (Windows, Unix), network routers and switches for system hardening of the devices? I believe the typical vulnerability scanners (example McAfee Vulnerability Manager) are only good…
Rans