Linux Security and Hardening

In computer security, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle, a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, removal of unnecessary software, unnecessary usernames or logins, and disabling or removal of unnecessary services.

What is Hardening means:

Hardening, when applied to computing, is the practice of reducing a system’s vulnerability by reducing its attack surface.

Hardening may involve a reduction in attack vectors by culling the pathways, or vectors, attackers would use. It may range from adhering to blanket policies such as Zero Trust, the Principle of Least Privilege (PoLP), or Defense In Depth, but also manifest as certain task lists such as implementing workforce training, segmenting resources, automating security updates, resetting default passwords, hashing passwords, and ceasing to store or transmit data unless it is encrypted.

Reducing attack vectors through hardening also involves system owners cutting unnecessary services or processes. Overall, a system that provides more services has a much broader attack surface than one performing just one function.

In this course, You will learn how to hardening your  Unix and Linux systems.