Wednesday, November 25, 2009

Software installation

Blog Has Moved

Link to the same post in the new blog: Software installation

One of the most important rules of server hardening is limiting the exposure surface.

I guess it's ok to install a product (from operating system to office applications) on a developer or users desktop using the default installation method (in many cases it means full product installation, since most of us don't bother to read what it means and just click next to continue).

However, on a production environment, any additional component means additional exposure surface, additional disk space and additional CPU and memory usage, which are very critical on production environments.
It is time to read the product documentation, and understand what does each and every component is doing on the system.
Customize or minimal installation is the best practice on this case.
We don't need any sample pages, product documentation or help files, or even demo scripts/web application/databases.

Another best practice is to limit anonymous, guest or any other non-authenticated access to sensitive areas of our application, such as administrative sections in web applications.
The best practice is to configure authentication for administrative sections, using built-in application capabilities such as strong passwords, dedicated accounts with privileges to certain parts of the application, certificate authentication or if nothing else is possible, using file system permissions according to the hosted operating system.

Another crucial part, for applications that start their own service to listen to outside requests, is to use the least-privileges security model, which means, non-administrative/root account to load the service, with limitation for running the specific application and least amount of privileges to the operating system.
The reason for that is if I am using an application that depends on JAVA for example, and there is a flaw in the JAVA runtime that allows it to break the JAVA security mechanism, your server might be vulnerable as well.

Another point to think about is software upgrades. You may be doing a good job during application installation and configuration, but the next product upgrade or security hotfix, might bring back sample applications or change the file system privileges.


Post a Comment

Subscribe to Post Comments [Atom]

<< Home