Server hardening is the process of enhancing the security of a server operating system through a variety of controls and technical configuration settings, resulting in a more secure server operating environment. Over the past few years I have been involved in various deployments that required a wide range of security and vulnerability management controls to be implemented. More recently I have been involved with defining some of the controls for a set of cloud applications.
Coupled with the work we have been doing on cloud operating system deployment and the security controls associated with such implementations, I thought I would share a list of some of the top server hardening resources (that includes security guidance, advice and standards) to be found on the web from various government, military and standards bodies.
The list below has been broken down into categories according to operating system and functional components. The list is, however, to a large extent made up of sources from SANS, the Center for Internet Security (CIS), the NSA, CIA, NIST, DISA and specific product vendors.
Main information repositories:
- SANS Checklists and Step-by-Step Guides
- SANS Critical Security Controls (SANS 20)
- NSA Security Hardening Guides
- Security Technical Implementation Guides (STIGs)
- NIST National Checklist Repository
Vulnerability databases:
- NIST National Vulnerability Database
- Open Source Vulnerability Database
- CVE Details
- CVE Mitre
- Repository of Security Incidents (IIT and SCADA Focused)
Operating Systems:
- Windows:
- Microsoft Security Tools:
- Linux:
- Mac OS:
- Mobile:
- Other Unix:
Server Components:
- Hypervisor:
  - VMware Security Guides
  - Microsoft Guidance is included in the Microsoft Security Compliance Manager and Windows Server
- Database Servers:
- Web Servers:
- Home Networks: