As we’ve explained, a good way to begin securing a network is to make sure every system in the network is up-to-date and to verify that only the protocols you need are enabled. Unfortunately, these steps aren’t enough. Your servers and workstations also run applications and services. Server services (especially web, email, and media servers) are particularly vulnerable to exploitation and attack. These applications must also be hardened to make them as difficult as possible to exploit.
The following sections deal with hardening your applications, both on the desktop and at the server, to provide maximum security.
Most applications that are written to accept input expect a particular type of data to be given—string ...