Service Hardening (SH)
Service Hardening is about configuring services to reduce their attack surface. By combining various low-priority configuration issues, an attacker may be able to gain access to a system and even elevate privileges in it without leaving many traces behind. The training focuses on practices that can be applied to almost any service, without modifying the program code.
Contents of the training:
This course is based on the most frequently occurring configuration security issues that our team has encountered over years of penetration testing.
The main topics covered are:
- Public Key Certificates – chain verification, status, transparency
- Reverse proxy – IP-address and certificate info forwarding
- TLS – protocol, cipher suites, forward secrecy, CCA
- SSH – host keys and SSHFP, agent forwarding
- DNS – DoT/DoH, DNSSEC
- E-mail – DKIM, SPF, DMARC
- Logging – log tampering, creating meaningful logs
For each topic, the theory is explained first. Based on this, the student will attack a service in a lab environment and finally, for selected topics, harden that service to withstand such an attack.
Target audience: developers, administrators, testers, security incident handlers and anyone else who has to deal with creating or maintaining services.
Learning method: Practical, lecture, hands-on lab