Device Hardening

Question 1

Changing default credentials

Answer 1

• Most devices have default usernames
and passwords
• Change yours!

• The right credentials provide full control
  
  • Administrator access

• Very easy to find the defaults for
your WAP or router
• http://www.routerpasswords.com

Question 2

Avoid common passwords

Answer 2

• People use common words as passwords
  
  • You can find them in the dictionary
• Brute force attackers start with the easy ones
  
  • password, ninja, football

• Many common wordlists are available
• Some are customized by language
or line of work

Question 3

Upgrading firmware

Answer 3

• Many network devices do not use
a traditional operating system
• All updates are made to firmware

• The potential exists for security vulnerabilities
• Upgrade the firmware to
a non-vulnerable version

• Plan for the unexpected
  
  • Always have a rollback plan
  • Save those firmware binaries

Question 4

File hashing

Answer 4

• Hashing represents data as a short string of text
  
  • A message digest
• Unique value
  
  • A hash is unique to a particular data structure
  • The hash will be different if the data changes
• Verify a downloaded file (integrity)
  
  • Hashes may be provided on the download site
  • Compare the downloaded file hash with the posted hash value

Question 5

Disabling unnecessary services

Answer 5

• Every service has the potential for trouble
  
  • The worst vulnerabilities are 0-day
• “Unnecessary” isn’t always obvious
  
  • Windows 7 includes over 130 services by default
  • Windows 10 has over 240
• This may require a lot of research
  
  • Many different sources
  • Don’t rely on the manufacturer
• Trial and error may be necessary
  
  • Testing and monitoring

Question 6

Watching the network

Answer 6

• There’s a wealth of information in the packets
  
  • Some of it is very sensitive information
• It’s exceptionally easy to pull this out of the air
  
  • Your coffee break could cost you
• Use encrypted protocols and technologies
  
  • Browser, email, terminal, file transfer, encrypted tunnels

Question 7

Secure protocols

Answer 7

• SSH - Secure Shell
  
  • Terminal sessions; use instead of Telnet
• SFTP - Secure (SSH) File Transfer Protocol
  
  • File transfer using SSH instead of FTP

• SNMPv3 - Simple Network Management Protocol
• Version 3 added encrypted communication
instead of SNMPv1 and v2

• TLS/SSL - Transport Layer Security / Secure Sockets Layer
  
  • HTTP inside of TLS is HTTPS
• IPsec - Internet Protocol Security
  
  • Encrypt at the IP packet level

Question 8

Generating new keys

Answer 8

• We communicate to network devices
over encrypted channels
• HTTPS, SSH

• Encryption keys are usually managed on the device
  
  • SSL/TLS keys for HTTPS, SSH keys

• Anyone with the key can potentially decrypt
administrative sessions
• Or gain access to the device

• Update or change the keys during the installation
  
  • Have a formal policy to outline processes and procedures

Question 9

Disabling unused TCP and UDP ports

Answer 9

• Control traffic based on data within the content
  
  • Data in the packets
• Use a firewall to allow or restrict port numbers
  
  • TCP and UDP filtering
• Firewall location
  
  • Personal/Software firewall
  • Network-based firewall

Question 10

Disabling unused interfaces

Answer 10

• Enabled physical ports
  
  • Conference rooms
  • Break rooms
• Administratively disable unused ports
  
  • More to maintain, but more secure

• Network Access Control (NAC)
• 802.1X controls
• You can’t communicate unless
you are authenticated