Choosing a Bastion Host
Chapter 8

Learning Objectives
- Understand the general requirements for installing a bastion host
- Select the attributes—memory, processor speed, and operating system—of the bastion host
- Evaluate different options for positioning the bastion host, both physically and within the network
- Configure the bastion host
- Provide for backups of the bastion host operating system and data
- Establish a baseline performance level and audit procedures
- Connect the bastion host to the network

Bastion Host
- An application server that has been specially hardened and configured to function on a network perimeter with an interface on the Internet
- A particularly secure point in the network
- Typically provides only one service

Installing a Bastion Host: General Requirements
- Your own level of comfort with the system
- Its security
- Its reliability

Steps for Securing a Bastion Host
1. Obtain a machine with sufficient memory and processor speed
2. Choose and install the operating system
3. Determine where the host will fit in the network configuration; put it in a safe and controlled physical environment
4. Enable the host to defend itself
5. Install the services you want to provide, or modify existing services
6. Remove services and accounts that aren’t needed
7. Back up the system and all data on it, including log files
8. Run a security audit
9. Connect the machine to the network

Selecting the Host Machine
- Number of machines
- Memory considerations
- Processor speed
- Choosing the operating system

How Many Machines?
- Ideal to have only one service on each bastion host
- Conduct a threat assessment that identifies your most valuable information
- Get as many bastion hosts as you can afford to maximize security; combine services on one host if you need to save money

Memory Considerations
- Should have multi-gigabytes of hard disk storage space
  - Vast quantities of log files
  - Create a page file
- Not likely to need multi-gigabytes worth of RAM

Processor Speed
- Get the fastest processor you can afford

Choosing the Operating System
- Most important consideration is your familiarity with the system:
  - UNIX and Linux hosts
  - Windows 2000/XP hosts
- Keep the operating system updated

Positioning the Bastion Host
- Sits on the perimeter of the network; provides a buffer between the Internet and the internal network
- Physical options
- Logical options

Physical Location
- Separate room (or locked server cabinet) with proper ventilation, adequate cooling, and a backup power system
- Co-locate Web servers and other bastion hosts off-site
- Use a hosting service

Co-Locating a Server

Network Location

Securing the Machine Itself
- Aspects of a disaster recovery plan
  - Availability of spare equipment
  - Frequency of backup
  - Secure off-site data storage
  - Temporary office space
  - Hardware/software insurance
  - Frequency of testing the disaster program
- Select a secure location
- Install the operating system securely
- Document your work

Select a Secure Location
- Limited access
- Protection with an alarm system with battery backup
- Physical computer lock and cable
- Password-protected screen saver and short time delay

Install the Operating System Securely
- Reinstall OS with minimum configuration
- Create two partitions on Windows 2000/XP bastion host
  - One for the OS (C: drive)
  - One for other software that will run on the host (e.g., Web server or DNS server)
- Use only NTFS file system for file storage
- Include virus protection software
- Configure DNS server located on a bastion host in DMZ to prohibit unauthorized zone transfers

Document Your Work
- Name and location of bastion host
- Bastion host’s IP address and domain name
- Bastion host’s operating system
- Location of backup files
- What to do in case the system crashes
- Levels of patches that have been made to bastion host’s operating system
- Customized scripts that have been developed to support the host

Configuring Your Bastion Host
- Make the host defend itself
- Select services to be provided
- Disable accounts
- Disable unnecessary services
- Limit ports

Making the Host Defend Itself
- Set up a honey pot server
- Set up an Intrusion Detection System (IDS) on the bastion host
  - Place a host-based IDS system directly on the host itself, or
  - Place a network-based IDS on the firewall or router that protects bastion hosts in the DMZ

Selecting Services to Be Provided
- Use latest version of server software
- Install available security patches or updates
- Install a system patch to guard against an application that can be subject to buffer overflow

URLs for Latest Versions

Special Considerations for UNIX Systems
- Security_patch_check utility
  - Automates process of analyzing security patches already on the system and reporting on patches that should be added
- Trusted Computing Base (TCB) Check
  - Makes sure that software you run is trusted
- System logging

Special Considerations for Windows Systems
- Run Microsoft Baseline Security Analyzer
- Use IIS Lockdown Tool
- Delete unneeded files in %SystemRoot%\system32 folder

Disabling Accounts
- Delete all user accounts from the bastion host
- Rename Administrator account to deter hackers
- Keep a “dummy” account called Administrator to serve as a honey pot account
- Use passwords that are 6-8 alphanumeric characters

Disabling Unnecessary Services
- Disable services that enable the host to do routing or IP forwarding
- Take out hardware features you won’t use
- Do not disable any dependency services
- Each time a service is stopped, test the system
- Document every single change you make

Limiting Ports
- Stop traffic on all but the ports you actually need to provide services on the network
- Scan the system for active ports and close any that are being used by “unknown” or unneeded services

Handling Backups
- Binary drive image backup
  - Best kind of backup
  - Includes all information, including OS, applications, and individual files
- Copy all relevant files to disk
- Use system’s built-in back-up utility

Auditing the Bastion Host
- Test for vulnerabilities and evaluate performance
  - How well does bastion host protect itself from attack?
  - How well does it protect internal LAN behind it from attack?
- Establish a baseline for system performance (benchmarking)

Connecting the Bastion Host
- Test system and check it against baseline level of performance to make sure it still functions correctly
- IPSentry can be used to monitor network performance and send alerts in case of trouble
- Audit the host periodically

Monitoring the System with IPSentry

Chapter Summary
- Proper configuration of a bastion host
- General requirements that apply to most bastion hosts
- Factors to consider when selecting a host machine
- Possible locations for a bastion host
- Deciding what functions the host should perform