Server Hardening

Server hardening is a process of general system hardening which involves the ‎secure use of advanced safety measures in the hardware, firmware, and software ‎layers of data, ports, components, function, and permissions of a server.

• Maintaining the operating system of a server patching and updating ‎
• Regularly updating the software of a third party that is essential to server ‎operations and removing software from a third party that does not respect the ‎established safety cyber standards ‎
• USB ports disabled at boot‎

---

Software Application Hardening

The process of updating or installing additional security measures to safeguard ‎both standard and third-party apps installed on your server is known as software ‎application hardening, or simply application hardening.

• Making use of firewalls‎
• ‎Using anti-virus, anti-malware, and anti-spyware software ‎
• Data- Encryption via software eg. SHA-256‎

---

Operating system hardening

Patching and installing sophisticated security measures to secure a server's operating ‎system is known as operating system hardening (OS). Automatically installing updates, ‎patches, and service packs are one of the greatest ways to establish a hardened state for ‎the operating system.‎ ‎ ‎

• Discarding non-essential drivers ‎
• ‎Encrypting the hard disc drive (HDD) or solid-state drive (SSD) that stores and hosts ‎your operating system ‎
• ‎‎Authenticating and limiting system access permissions‎

---

Database Hardening

Database hardening is protecting both the contents of a digital database and the ‎database management system (DBMS), which is the database application that users use ‎to store and analyze data in a database.‎

Database hardening is primarily comprised of three steps:‎

1. Managing and restricting user privileges and access
2. Disabling database services and functions that are no longer needed
3. Encrypting and securing database data and resources‎

The following are examples of database hardening techniques:‎-

• Administrators' and administrative privileges and functions are restricted
• Encrypting database data in transit and at rest ‎
• Adherence to RBAC (role-based access control) policies ‎ ‎

---

Network hardening

Network hardening is the process of securing the basic communication ‎infrastructure of multiple servers and computer systems that are connected to a ‎network.‎ ‎ ‎

Network hardening is accomplished primarily through the installation of an ‎intrusion prevention system (IPS) or intrusion detection system (IDS), both of ‎which are typically software-based. These applications automatically monitor and ‎report suspicious network activity, assisting administrators in preventing ‎unauthorised network access.‎ ‎ ‎

Network hardening techniques include:‎- ‎

• ‎ Properly configuring and securing network firewalls ‎
• Auditing network rules ‎and network access privileges, disabling specific network protocols and unused or ‎unnecessary network ports, encrypting network traffic, and disabling network ‎services and devices that are not presently or never used.‎ ‎