Implementación de hardening en sistemas operativos de servidor : implementación de hardening en un sistema operativo de servidor microsoft.

Abstract

The objective of this degree project is the implementation of hardening in a Microsoft server operating system, in order to analyze, evaluate and solve possible problems found within the system. For this purpose, there are six sections which will be detailed below: In the first section the description of the implemented project is presented, the objectives, both general and specific, the scope and the theoretical framework, where the fundamental bases such as; operating systems, hardening, scanning tools based on the SCAP protocol, reference frameworks (NIST, CIS, ISO) are explained, this with the purpose of understanding and implementing the titilation project. The second section describes the methodology used in the implementation of this project. It details in a general way the process followed for the fulfillment of each one of the proposed objectives. The third section presents the results, which exhaustively details the implementation process, starting with the installation of Windows Server 2019, setting up a mail server, installing the scanning tool and presenting the vulnerability report. With this, a security policy is applied to the server to obtain a second report in order to compare them and manually solve the most critical ones. In addition, a guide with the best practices for the implementation of a server operating system with protected e-mail is presented. The fourth section contains the conclusions obtained from the report, as well as the recommendations that should be taken into account for the implementation of server hardening. Finally, the last sections contain the references on which the research was based and their respective annexes