CompTIA® Network+ Exam Notes : Network Device Hardening

4. Network Security

4.5 Network device hardening

There are three basic ways of hardening.

1. Operating system hardening: Here the operating system is hardened (making tough to intrude). Few points that would help in hardening an operating system:

  • Changing default administrator account names, and passwords
  • Using file access and user access permissions
  • Applying any OS hot fixes as and when they are available

2. Network hardening: This involve the following

  • Restricting access to network shares
  • Disabling/removing protocols and services that are not required.
  • Applying Firewalls such as CheckPoint FireWall or NAT (Network Address Translation)
  • Restricting wireless access where it may lead to vulnerability

3. Application Hardening: Applications such as DNS servers, Web server, Mail servers, File and print servers can be hardened by the following means:

  • Applying latest patches and hotfixes
  • Installing anti-virus software where applicable, such as mail server
  • Changing the default user names and passwords that the applications use.

All Microsoft Windows operating systems Windows 95 and above contain built in support for File and Printer Sharing. This networking feature is useful on home networks but can be a security concern on public networks. It is preferred to disable this feature if connected to the Internet.

Disabling Unused ports: Disable Unused Ports. A simple method that many administrators use to help secure the network from unauthorized access is to disable all unused ports on a switch. For example, if a Catalyst 2960 switch has 24 ports and there are three Fast Ethernet connections in use, it is good practice to disable the 21 unused ports.

Previous   Contents   Next


Network+ Cram Notes Contents certexams.com ad