Best Practices
Because bastion hosts are particularly vulnerable to attack, due to the level of required access with the outside world to make them useful, there are several best practice suggestions to follow:
- Disable or remove any unneeded services or daemons on the host.
- Disable or remove any unneeded user accounts.
- Disable or remove any unneeded network protocols.
- Configure logging and check the logs for any possible attacks.
- Run an intrusion detection system on the host.
- Patching the operating system with the latest security updates.
- Lock down user accounts as much as possible, especially root or administrator accounts.
- Close all ports that are not needed or not used.
- Use encryption for logging in to the server.
Read more about this topic: Bastion Host
Famous quotes containing the word practices:
“To learn a vocation, you also have to learn the frauds it practices and the promises it breaks.”
—Mason Cooley (b. 1927)
“Such is the art of writing as Dreiser understands it and practices it—an endless piling up of minutiae, an almost ferocious tracking down of ions, electrons and molecules, an unshakable determination to tell it all. One is amazed by the mole-like diligence of the man, and no less by his exasperating disregard for the ease of his readers.”
—H.L. (Henry Lewis)