HP OSMS white paper: Security of Open Source Middleware Stacks
used in a trusted network environment. In either case, remove them
and use secure equivalents: SSH, SCP, SFS, and SFTP.
• Remove all unneeded network services, which are services that are
not explicitly used by the system. Also remove sub-component
services that a particular configuration does not use.
If services are needed only occasionally, you should stop them and
prevent them from restarting upon system boot. Alternatively, use
firewall rules to manage network access. For example, allow Samba
to accept connections from the local network and not from outside
the firewall.
• Eliminate unneeded packages.
On deployed systems, remove compilers and tool chain libraries. The
goal is to eliminate any tools that an unwelcome adversary can use
against you. By removing the extraneous packages, you might find
that your normal set of tools is no longer available for debugging and
diagnostics. This can be bothersome, but remember that leaving only
the required components on a deployed server is a form of minimal
privilege enforcement. Give the servers only what they need and you
might give attackers less of what they need.
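
The two checks above (unneeded network listeners and leftover build tools) can be scripted. The following is an added example, not part of the original white paper: the function names, the port allowlist, the toolchain package names, and the sample data are all assumptions made for illustration.

```shell
# Constructed sample in the column layout of `ss -H -tln` (not from a real host).
SAMPLE_LISTENERS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 50 0.0.0.0:445 0.0.0.0:*
LISTEN 0 50 192.168.1.10:139 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 128 [::]:80 [::]:*'

# Constructed package list, one name per line (layout of `rpm -qa --qf "%{NAME}\n"`).
SAMPLE_PACKAGES='openssh-server
gcc
samba
make
httpd'

# unexpected_listeners LISTENERS "PORT PORT ..."
# Prints "address port" for every listening socket whose port is not on the
# allowlist. Loopback-only listeners are skipped because they are not
# reachable from the network.
unexpected_listeners() {
    printf '%s\n' "$1" | awk -v allow="$2" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4; port = $4
            sub(/:[0-9]+$/, "", addr)    # drop the trailing :port
            sub(/.*:/, "", port)         # keep what follows the last colon
            if (addr ~ /^127\./ || addr == "[::1]") next
            if (!(port in ok)) print addr, port
        }'
}

# toolchain_packages PACKAGES
# Prints installed packages that belong to a build tool chain. The name list
# is an assumption; adjust it to the distribution in use.
toolchain_packages() {
    printf '%s\n' "$1" | grep -E -x 'gcc|gcc-c\+\+|cpp|make|binutils|gdb' || true
}

# Report for the constructed data, with SSH and HTTP as the only allowed ports.
unexpected_listeners "$SAMPLE_LISTENERS" "22 80"
toolchain_packages "$SAMPLE_PACKAGES"
```

On a live system, replace the sample variables with the output of the commands named in the comments. The Samba ports the script reports are the ones to stop, disable at boot, or restrict to the local network with firewall rules.
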
Automating Secure Configurations
Keeping track of all the critical configurations is complex. Adding to this complexity, a
system’s configuration needs change over time. For example, secure configurations often turn up as a
default in future package releases, so systems no longer need special configurations during deployment.
Conversely, new releases offer new functionality, and might require new security modifications. Because
of these changing requirements, using a configuration tool makes sense. Give the important task of keeping
configurations current to professionals in the security field.
The Bastille Linux open source project is ideal for securely configuring a system. Bastille is an interactive
script that examines the configuration of a system and suggests hardening changes. Two important
goals of Bastille are:
• Provide educational information regarding safe security practices through a hands-on interactive
script.
• Provide a means to secure a system through systematic configurations.
Bastille is also customizable for specific systems. You can harden an OSMS environment to match a default
configuration file, or you can use an extension of the Bastille defaults for a specific system. Bastille can
configure several systems in the same manner, and it can perform security regression testing after making
changes to a system.
Bastille guides you through the hardening process by explaining each security issue, allowing you to
choose whether to implement a hardening configuration, explaining the consequences of each choice, and
suggesting preferred choices. Bastille detects default passwords, enables the implementation of the principle
of least privilege, removes suid programs, provides a local system firewall, and mitigates
many other security issues.
Bastille adheres to many security best practices. Properly configuring a system is complicated and requires
a considerable amount of knowledge. Using Bastille simplifies this task and gives you access to the
collaborative effort of others in the security field. Systems configured using Bastille benefit by not
being overly complicated and by conforming to a well-formed configuration script that has been reviewed
by others in the security field.
For more details, see the Bastille Linux Web site at:
http://www.bastille-linux.org
Essential Security 19