WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like this CertiGuide? Get it in PDF format!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Need more practice? 300 additional Security+ questions!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)
      9  3.5  Security Baselines
           9  3.5.1  OS/NOS Hardening

Previous Topic/Section
3.5.1  OS/NOS Hardening
Previous Page
Pages in Current Topic/Section
1
2
34
Next Page
 3.5.1.1  File System
Next Topic/Section

Some Areas to Look At When Hardening an OS
(Page 2 of 4)

Installed Options



Operating systems typically don’t come in just one configuration. Rather, at installation time, you can select from a wide variety of installation options to customize the OS to your particular needs. The more components that are installed on an OS, the more possible targets there are for intruders to exploit. In the past, most OS’s defaulted to installing any option a user might possibly want, to make it easy for naïve users who “just took the defaults” to access these OS features.

In recent years, the pendulum has swung back the other way, favoring security over ease of installation and variety of features, and vendors are now thinking carefully about security implications before installing an option by default. The next version of Windows, .NET Server, includes a limited set of features in its default installation. And some Linux distributions don’t even include an FTP server by default – quite a surprise to those who consider UNIX to be the quintessential “Internet OS”.

Gotcha!

Do you just “take the defaults” when installing an OS? If so… do you know what those defaults install and what they don’t? If you don’t know, consider finding a spare machine and performing an install of an OS used in your environment, and review the list of options it installs, with an eye toward discovering ones you can eliminate.



Previous Topic/Section
3.5.1  OS/NOS Hardening
Previous Page
Pages in Current Topic/Section
1
2
34
Next Page
 3.5.1.1  File System
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.