INFORMATION SECURITY - ATTACK RESISTANCE & HARDENING OF SYSTEMS
Up-To-Date, Properly Configured Systems Are “Attack-Resistant”
Many exploits used by computer hackers target vulnerabilities in computers that are running unnecessary services. The Code Red worm, for example, infected systems that were running Microsoft’s IIS web server, and in many cases the owners of the infected systems were unaware that the IIS service was turned on. Some services are enabled by default during operating system installation, and there is a tendency sometimes for users to enable them “just in case I decide to use it”. If you are unsure as to whether or not you need a particular service, it is best not to enable it — you can almost always go back and turn it on later if it becomes needed. In short, if you don’t need it, don’t turn it on. If it’s already on, turn it off.
It is also of critical importance, no matter which operating system your computer is running, to keep up to date with and install all current patches and service packs for that operating system, as well as patches for critical services being run on your computer (web server, ftp server, etc.). Make it a practice to check for updates, patches and service packs on a regular basis (weekly is good). The OLLU Information Security website contains links to security and patch sites for most of the major operating systems.