Hardening (computing)

In computer security, hardening or system hardening is usually the process of securing a system by making it a 'hard target' by reducing its attack surface vulnerabilities. The attack surface is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Hardening is considered an important component of cybersecurity.

Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services. It may also involve patching vulnerabilities and switching off ancillary services that are not essential. Hardening measures can also include setting up intrusion prevention systems, disabling or restricting accounts, reducing file system permissions, using encrypted network connections and enabling host-based network security.

This article is issued from Wikipedia. The text is available under Creative Commons Attribution-Share Alike 4.0 unless otherwise noted. Additional terms may apply for the media files.