viprajput

G2 S17 Introduction to System Hardening

Sep 22nd, 2019
GRADE 2 SESSION 17
==================

Introduction to System Hardening
================================

System hardening is an auditing process in which we scan and check every aspect of security, from settings to the update status of system software, that may or may not lead to a system compromise. The goal is to reduce the attack surface.

Windows: Critical systems with OS (Server 2008 onwards)
Windows: Non-critical systems with OS (simple in-house computers)
Windows: Hardware devices in scope (e.g. a CCTV camera with Windows Mobile OS inside it)

System hardening is a very critical audit process in which every aspect of security is treated as a potentially serious issue. The majority of companies maintain system security through an AD (Active Directory) control framework, hence nobody audits a single PC manually; this is the gap we fill as auditors on the client site.

Sample Checklist of Windows 7: Control List

- Good firewall: inbound and outbound rules
- Antivirus
- Disable Autorun
- Disable USB
- Never download from or surf on unknown sources

msconfig.msc
secpol.msc
gpedit.msc
regedit.exe


- Setting security policies using secpol.msc and gpedit.msc
- Banning malicious/harmful extensions such as .bat for Windows using regedit.exe
- Checking startup and persistence processes using msconfig.msc


ISO 27001 Compliance - the bible for system auditing and system hardening (ISMS - Information Security Management System)
In the whole ISO series, ISO 27001 and 27002 are considered the most widely used and best-regarded compliance standards.
CSO
CISO
Lead Auditors

- Perimeter Security: perimeter security refers to natural barriers or built fortifications that either keep intruders out or keep captives contained within the area the boundary surrounds.

Basic Security Configurations: checking for outdated software in the environment, old hardware still running old firmware, applications running at vulnerable versions, etc.

Automated Security Analyzers
-> Script (for example: Sub Domain Finder on GitHub)
-> nmap
-> SPARTA

Linux Based System Hardening
----------------------------
- Lynis

Lynis - security auditing and hardening tool for UNIX-based systems.
Lynis is a security auditing tool for UNIX derivatives such as Linux, macOS, BSD and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening. It also scans for general system information, vulnerable software packages and possible configuration issues. Lynis has traditionally been used by "blue team" people to assess the security defenses of their systems; nowadays penetration testers also have Lynis in their toolkit.

Goals
======
The main goals are:
--------------------
Automated security auditing
Compliance testing (e.g. ISO 27001, PCI-DSS, HIPAA)
Vulnerability detection

The software (also) assists with:
---------------------------------
Configuration management
Software patch management
System hardening
Penetration testing
Intrusion detection


Typical users of the software:
------------------------------
System administrators
Auditors
Security officers
Security professionals

Installation
============
Git
Clone or download the project files (no compilation or installation is required):

git clone https://github.com/CISOfy/lynis
Execute:

./lynis audit system


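As an added example (not the notes' or the Lynis project's own code), the clone-and-run step above turned into a script that runs the audit unattended from the cloned directory and fails when the report shows warnings or a low hardening index. It assumes the key=value layout of lynis-report.dat (hardening_index=NN, warning[]=TEST-ID|message|...) and a locally chosen minimum index of 60; the sample report it embeds is constructed.

```shell
#!/bin/sh
# Added example, not Lynis project code: run Lynis unattended and turn its
# report into a pass/fail gate for a cron job or CI. Assumed report format
# (lynis-report.dat key=value lines): "hardening_index=NN",
# "warning[]=TEST-ID|message|details|solution|", same shape for suggestion[].
MIN_INDEX="${MIN_INDEX:-60}"   # minimum acceptable index; assumed local policy

# Unattended run from the cloned directory; full coverage needs root.
run_audit() {
    ./lynis audit system --quick --quiet --no-colors --report-file "$1"
}

# Hardening index from a report (0 if the line is missing).
hardening_index() {
    idx=$(sed -n 's/^hardening_index=\([0-9]*\).*/\1/p' "$1" | head -n 1)
    echo "${idx:-0}"
}

# One "TEST-ID: message" line per warning[] entry.
list_warnings() {
    sed -n 's/^warning\[\]=\([^|]*\)|\([^|]*\).*/\1: \2/p' "$1"
}

# Verdict: succeed only with zero warnings and index >= MIN_INDEX.
check_report() {
    n=$(list_warnings "$1" | wc -l | tr -d ' ')
    idx=$(hardening_index "$1")
    echo "hardening index $idx (minimum $MIN_INDEX), warnings: $n"
    list_warnings "$1"
    [ "$n" -eq 0 ] && [ "$idx" -ge "$MIN_INDEX" ]
}

# Constructed sample report, so the gate can be tried without running Lynis.
write_sample_report() {
    cat > "$1" <<'EOF'
hardening_index=71
warning[]=KRNL-5830|Reboot of system is most likely needed|-|-|
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
suggestion[]=AUTH-9262|Install a PAM module for password strength testing|-|-|
EOF
}

# Usage: ./lynis-gate.sh /var/log/lynis-report.dat   (real audit)
#        ./lynis-gate.sh --demo                        (sample report)
case "${1:-}" in
    "") ;;
    --demo) f=$(mktemp); write_sample_report "$f"; check_report "$f"; rm -f "$f" ;;
    *) run_audit "$1" && check_report "$1" ;;
esac
```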
--------------------------------------------------------------------------


Bash Scripting
==============

Creating a tool like Netdiscover, which shows the active hosts in a network, by building the command up one piece at a time.

File name: searchip.sh

- ping 192.168.0.1, ping 192.168.0.2, etc.
- ping -c 1 192.168.0.1, ping -c 1 192.168.0.2, etc. (one echo request per host)
- ping -c 1 192.168.0.1 | grep "64 bytes", ping -c 1 192.168.0.2 | grep "64 bytes", etc. (keep only the reply line)
- ping -c 1 192.168.0.1 | grep "64 bytes" | cut -d " " -f4, ping -c 1 192.168.0.2 | grep "64 bytes" | cut -d " " -f4, etc. (fourth space-separated field, e.g. "192.168.0.1:")
- ping -c 1 192.168.0.1 | grep "64 bytes" | cut -d " " -f4 | cut -d ":" -f1, ping -c 1 192.168.0.2 | grep "64 bytes" | cut -d " " -f4 | cut -d ":" -f1, etc. (drop the trailing colon)

- Looping statement
# one echo request per host; print the address of each host that replied
for i in $(seq 1 255);
do
ping -c 1 192.168.0.$i | grep "64 bytes" | cut -d " " -f4 | cut -d ":" -f1
done

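The finished searchip.sh, as an added example rather than the class's own script: it keeps the ping-and-grep idea above but parses the reply line with a pattern instead of fixed cut fields (which break when reverse DNS adds a hostname), probes the hosts in parallel with a timeout, and assumes Linux iputils ping options; the ping transcripts it embeds are constructed.

```shell
#!/bin/sh
# searchip.sh, rewritten as an added example (not the class's original script):
# live-host discovery for the audit inventory, without the fragile
# "cut -f4 | cut -d: -f1" field positions. Assumes Linux iputils ping
# ("-W 1" is a 1-second reply timeout; BSD/macOS spell it differently).
PING_OPTS="-c 1 -W 1"

# Read one ping transcript on stdin and print the replying address, or
# nothing when the host did not answer. Handles "64 bytes from 10.0.0.5:"
# as well as "64 bytes from host1.lan (10.0.0.5):" (reverse DNS in use).
extract_live_ip() {
    sed -n 's/^[0-9][0-9]* bytes from.*[^0-9.]\([0-9]\{1,3\}\(\.[0-9]\{1,3\}\)\{3\}\)[):].*$/\1/p' |
        head -n 1
}

# Probe every host of a /24 (prefix given without the last octet), in
# parallel, so the sweep takes about one timeout instead of 254 of them.
sweep() {
    for i in $(seq 1 254); do
        # shellcheck disable=SC2086  (PING_OPTS is meant to word-split)
        ping $PING_OPTS "$1.$i" 2>/dev/null | extract_live_ip &
    done
    wait
}

# Constructed ping transcripts for trying the parser offline.
sample_reply() {
    printf 'PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.\n'
    printf '64 bytes from gw.lan (192.168.0.1): icmp_seq=1 ttl=64 time=0.4 ms\n'
}
sample_timeout() {
    printf 'PING 192.168.0.9 (192.168.0.9) 56(84) bytes of data.\n\n'
    printf -- '--- 192.168.0.9 ping statistics ---\n'
    printf '1 packets transmitted, 0 received, 100%% packet loss, time 0ms\n'
}

# Usage: ./searchip.sh 192.168.0        (real sweep, sorted by last octet)
#        ./searchip.sh --demo           (parser on the constructed samples)
case "${1:-}" in
    "") ;;
    --demo) sample_reply | extract_live_ip; sample_timeout | extract_live_ip ;;
    *) sweep "$1" | sort -t . -k 4 -n ;;
esac
```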
------------------------------------------------------------------------------------