In this chapter the authors present essential server security components and develop a set of logical steps to build hardened servers. The authors outline techniques to examine servers in both the Linux/UNIX and the Windows environments for security flaws from both the internal and external perspectives. Ultimately, the chapter builds a complete model that includes advice on tools, tactics, and techniques that system administrators can use to harden a server against compromise and attack.
Whether in an international firm with multiple server farms or a non-profit with one or two repurposed desktop workstations as servers, a common problem is that a server is set up and simply left to run, with no one ensuring that security is maintained, until new services must be added or a problem occurs.
Server compromise may certainly happen at the inception of the server deployment, but over time additional security flaws are typically uncovered and these revelations are extremely dangerous to established servers that systems administrators have not monitored and audited. On average over 80 attacks happen per day (Moitra & Konda, 2004) with some days (usually during a new virus outbreak) averaging in the thousands, so hardening a server against attacks is critical to protect an organization’s infrastructure and data.
Our discussion focuses on those systems offering external services because they are highly susceptible to compromise, often provide the point of entry for e-commerce transactions, and are typically mission-critical systems for an organization. However, servers located on an organization’s intranet or a smaller local network can benefit from these approaches as well.
Throughout the discussion, we stress two general concepts that are important to “hardening” the servers in use: 1) monitoring the servers for security flaws, and 2) isolating the servers by task. Because one may approach this differently depending on the server’s software architecture, each of these tasks will be discussed in different frameworks—the Microsoft Server and the Linux/UNIX server.