During the first two phases of the five step process of a cyber-attack a hacker conducts reconnaissance of the target network and scans for any vulnerabilities that could be exploited. (SEC-Council, 2009) These vulnerabilities are known as a system’s attack surface. One of the core job functions of Network administrators is reducing this attack surface through a process called system hardening. There a number of techniques that can be used to harden Microsoft clients and servers such as scanning the system with map to find any vulnerabilities that comes room having open ports.
After the initial scan the administrator should close open ports and install unnecessary services. (Solomon, 2014) Administrators should also run follow up scans with map to make sure that there are no ports or services that they may have missed during their first run. Map is not the only program that can identify vulnerabilities within a server, the CSCW utility should also be used when you are installing new server hardware to check for any unwanted services that may be set to run on the server as a default setting. (Solomon, 2014)
In addition to removing programs and services network administrators should also restrict the accesses the users have on client systems limit what they can do to effect the security of the network. If users could change the security settings or download third party software from potentially unsafe websites they could very easily compromise the security of the network. By limiting user access and defining user roles network administrators can potentially prevent future system vulnerabilities that a user may introduce to the system either unwittingly or lusciously.
Another system hardening measure that should be taken to help secure the client side of the network is disabling the default administrator account after you create additional administrator accounts assigned to different roles. (Solomon, 2014) Works Cited SEC-Council. (2009).
