📑 Table of Contents

In computer security, hardening or system hardening is usually the process of securing a system by making it a 'hard target' by reducing its attack surface vulnerabilities.[1][2] The attack surface is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Hardening is considered an important component of cybersecurity.[3]

Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services. It may also involve patching vulnerabilities and switching off ancillary services that are not essential.[4] Hardening measures can also include setting up intrusion prevention systems, disabling or restricting accounts, reducing file system permissions, using encrypted network connections and enabling host-based network security.[5]

Binary hardening

edit

Binary hardening is a security technique in which binary executables are analyzed and modified to protect against common exploits. Binary hardening is independent of compilers and involves the entire toolchain. For example, one binary hardening technique is to detect potential buffer overflows and to substitute the existing code with safer code. The advantage of manipulating binaries is that vulnerabilities in legacy code can be fixed automatically without the need for source code, which may be unavailable or obfuscated. Secondly, the same techniques can be applied to binaries from multiple compilers, some of which may be less secure than others.

Binary hardening often involves the non-deterministic modification of control flow and instruction addresses so as to prevent attackers from successfully reusing program code to perform exploits. Common hardening techniques are:

See also

edit

References

edit
  1. ^ Workman, Michael (2021-10-29). Information Security Management. Jones & Bartlett Learning. p. 240. ISBN 978-1-284-21165-8. Retrieved 2025-09-04.
  2. ^ "What Is System Hardening? – Intel". Intel. 2025-07-09. Retrieved 2025-09-04.
  3. ^ CISM, John Rittinghouse PhD; CISM, William M. Hancock PhD CISSP (2003-10-02). Cybersecurity Operations Handbook. Digital Press. pp. 436–437. ISBN 978-0-08-053018-5. Retrieved 2025-09-04.
  4. ^ "Hardening". CSRC. Retrieved 2025-09-04.
  5. ^ O'Hanley, Richard; Tiller, James S. (2013-08-29). Information Security Management Handbook, Volume 7. CRC Press. ISBN 978-1-04-006148-0. Retrieved 2025-09-04.
edit

📚 Artikel Terkait di Wikipedia

Hardening

up hardening or harden in Wiktionary, the free dictionary. Hardening is the process by which something becomes harder or is made harder. Hardening may

CT scan

contribute to these streaks: under sampling, photon starvation, motion, beam hardening, and Compton scatter. This type of artifact commonly occurs in the posterior

Secure by design

components may undermine SbD practices. Cyber security standards Hardening (computing) Multiple Independent Levels of Security Security engineering Security

Chkrootkit

detection by them. Host-based intrusion detection system comparison Hardening (computing) Linux malware MalwareMustDie rkhunter Lynis OSSEC Samhain (software)

Rkhunter

Samhain (software) Host-based intrusion detection system comparison Hardening (computing) Linux malware MalwareMustDie Rootkit "A way to detect the rootkits

Radiation hardening

Radiation hardening is the process of making electronic components and circuits resistant to damage or malfunction caused by high levels of ionizing radiation

Quantinuum

Cambridge Quantum Computing (CQC). HQS was founded in 2014. The company used a trapped-ion architecture for its quantum computing hardware, which Honeywell

Anti-tamper software

techniques, for example the Mariposa botnet. Denuvo Fault tolerance Hardening (computing) Security through obscurity Arnold, Michael; Schmucker, Martin; Wolthusen