What is the host Bastion?
Bastion host is a public face of an internal computer system or internet network and is used to protect sensitive or private data and internal networks. It is one computer or more, depending on the size of the system and the complexity of the security protocol, which is marked as the only host computer that can be solved directly from the public network. Bastion hosts are designed specifically for screening the rest of the computer network to expose an attack or other outside security violations. The Bastion host is not a computer with a general purpose, but instead it is a special computer that must be specially configured to endure the external attack.
Usually the network manager will configure the host of bastions to have only one application, such as the proxy server, in the machine, because it is completely exposed to a larger instructed network, such as the Internet. All other applications, unnecessary services, programs, protocolya network ports are removed or deactivated to reduce HBastion host. Even with trusted hosts in the computer network, Bastion hosts will not share authentication services. This is done so that even though the bastion is threatened, the intruder does not receive further access to the system that was designed for protection.
In order to be useful, the host of the Bastion must have a certain level of access according to external networks, but at the same time it makes this approach particularly vulnerable to the attack. For minimizing vulnerability, hardening is made so that the ways of attack are limited. The network administrator, as part of the hardening process, will do such things that remove or deactivate unnecessary user accounts, lock root or administrator accounts, close ports that are not used, and configure logging to include encryption on the server. The Ing OperaSystem will be updated with the latest security updates and can also be launched with the Bastice hostystém detection of disruption.
Bastion hosts are used for services such as postal hubs, website host servers, FTP protocol servers) and firewall gates. The network administrator can also use this host type as a server server, virtual private network (VPN) or SSYSTEM (DNS) server. The name "Bastion" is taken from medieval history. For increased protection, forts were built from projections called bastions that allowed men to accumulate behind them and shoot arrows on attackers from the position of greater safety.