Workstations are normally operated by end users with limited computer knowledge, so they require close attention. Workstations communicate with other workstations and servers using services such as file sharing, network services, and other application programs.
The following tips are helpful for securing workstations and servers.
• Select an operating system which is more secure and has fewer vulnerabilities. Download and install hot fixes, Service Packs and updates without delay.
• Install a good, trusted antivirus and update it regularly.
• Install good anti-spyware software and update it regularly.
• Install Host Intrusion Detection System (HIDS) software such as OSSEC, Tripwire or rkhunter.
• Install a good firewall and configure it properly for workstations and servers. Close all ports which are not required.
• Enforce a strong password policy for users, which may protect against brute-force and dictionary attacks.
• Select a web browser which is more stable and secure, because attacks can be launched using browsers. If possible, disable script execution.
• Download and install software from trusted sites only. Try to install digitally signed software, and view the digital certificate to check that it is valid.
• Disable all services and protocols except those which are necessary. Many services have known vulnerabilities, and an attacker may exploit these vulnerabilities to gain access to your workstation or server.
• Remove all shares that are not necessary.
• Attackers can launch attacks targeted at a specific operating system and its services once the operating system and server application have been identified. For example, by default many web server applications show the web server application name, web server application version, operating system and operating system version in error messages. This may help an attacker exploit vulnerabilities of the web server application and operating system. The web server application should be configured to hide this information.
• If possible, change the default administrative account names and passwords for operating systems, databases and other sensitive applications and services.
• Conduct a penetration test to check your workstations and servers.
• Keep all sensitive data encrypted.
• Physical security is an important factor; if there is no physical security, all the above tips are of NO use.
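
To verify the tip above about hiding web server name, version and operating system details, the following added example (not part of the original article) audits a raw HTTP response for banner disclosure in headers and error pages. The function name `audit_response` and both sample responses are constructed for illustration.

```python
import re

# Response headers that commonly carry a software banner.
BANNER_HEADERS = {"server", "x-powered-by", "x-aspnet-version"}
# A dotted version number such as 2.4.41.
VERSION = re.compile(r"\d+(?:\.\d+)+")
# "Product/1.2.3" tokens, the form default error-page footers use.
PRODUCT_VERSION = re.compile(r"[A-Za-z][\w-]*/\d+(?:\.\d+)+")
# Operating system names often appended to the banner.
OS_NAME = re.compile(r"\b(Ubuntu|Debian|CentOS|Red Hat|Fedora|Win32|Win64|Windows|Unix)\b", re.I)


def audit_response(raw: str) -> list[str]:
    """List each place where a raw HTTP response reveals a version or OS name.

    A bare product name (e.g. "Server: Apache") is not reported.
    """
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    status_line, *header_lines = head.split("\n")
    findings = []
    for line in header_lines:
        name, sep, value = line.partition(":")
        value = value.strip()
        if sep and name.strip().lower() in BANNER_HEADERS:
            if VERSION.search(value) or OS_NAME.search(value):
                findings.append(f"header {name.strip()}: {value}")
    # Error responses (4xx/5xx) often repeat the banner in the page footer.
    parts = status_line.split()
    if len(parts) >= 2 and parts[1][:1] in ("4", "5"):
        for token in sorted(set(PRODUCT_VERSION.findall(body))):
            findings.append(f"error page body: {token}")
    return findings


# Constructed sample responses, not captured from a real server.
DEFAULT_CONFIG = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: Apache/2.4.41 (Ubuntu)\r\n"
    "X-Powered-By: PHP/7.4.3\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<h1>Not Found</h1><address>Apache/2.4.41 (Ubuntu) Server at example.test Port 80</address>"
)
HARDENED_CONFIG = (
    "HTTP/1.1 404 Not Found\r\n"
    "Server: Apache\r\n"
    "Content-Type: text/html\r\n\r\n"
    "<h1>Not Found</h1>"
)

if __name__ == "__main__":
    for label, raw in (("default", DEFAULT_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_response(raw))
```

The hardened sample corresponds to what Apache returns with `ServerTokens Prod` and `ServerSignature Off`, and PHP with `expose_php = Off`; on nginx the equivalent setting is `server_tokens off`.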