Back to course

Hardening Operating Systems (Principle of Least Privilege)

Cyber Security Mastery: From Zero to Hero

Reducing the Attack Surface

System hardening involves configuring an operating system or application securely, reducing potential vulnerabilities, and shrinking the attack surface.

The Principle of Least Privilege (PoLP)

This principle dictates that a user, process, or system component should only have the minimum permissions necessary to perform its job and nothing more.

  • Example 1 (Users): A standard user account should not have administrative rights unless performing an administrative task.
  • Example 2 (Services): A web server process (like Apache) should not run as the root user. If compromised, the attacker only gains the web server's limited permissions, not full system control.

Hardening Checklist

  1. Disable all unnecessary services (e.g., FTP, Telnet).
  2. Remove or disable default user accounts and guest accounts.
  3. Enforce strong password policies.
  4. Restrict physical access to servers.
  5. Apply security configuration baselines (e.g., CIS Benchmarks).