The framework defines the notion of security plugins, reusable components which execute specific system hardening measures, using features provided by the framework, such as user interface, undoable actions, configuration scheme and logging.ġ INTRODUCTION The concern for security in computer systems grows continuously, with the rise of Internet usage and the spread of computers in corporate and institutional scenarios. This paper describes the design and structure of a security software which defines a framework for automating the task of system hardening in a portable and extensible manner.
System security hardening can be used to counter this, but unfortunately most system hardening practiced today is entirely manual, with not many automated security hardening software available.
In many cases, the attacks use services unnecessarily activated, or can be avoided with proper system configuration. Marco Antonio Carnut ( ) Centro de Estudos e Sistemas Avançados do Recife - CESAR Universidade Federal de Pernambuco – CIn/UFPE Tempest Security TechnologiesĪBSTRACT Statistics show that most successful attacks perpetrated in computer systems exploit vulnerabilities for which there is already a correction, sometimes months or years old. A SOFTWARE FRAMEWORK FOR PORTABLE AND AUTOMATED SYSTEM SECURITY HARDENING Cristiano Lincoln Mattos ( ) Centro de Estudos e Sistemas Avançados do Recife - CESAR Universidade Federal de Pernambuco – CIn/UFPE Tempest Security Technologiesįabio Silva ( ) Centro de Estudos e Sistemas Avançados do Recife - CESAR Universidade Federal de Pernambuco – CIn/UFPEĮvandro Curvelo Hora ( ) Centro de Estudos e Sistemas Avançados do Recife - CESAR Universidade Federal de Pernambuco – CIn/UFPE Universidade Federal de Sergipe – DCCE/UFS Tempest Security Technologies