Authors: Tanya Singh, Vivek Joshi, Nazneen Ahmed, Kunal Purohit
Abstract: Kernel hardening is a critical practice aimed at strengthening the security of an operating system's kernel by mitigating vulnerabilities, securing the execution environment, and minimizing potential threats. In dual-stack environments, where both IPv4 and IPv6 protocols are enabled, kernel hardening becomes even more crucial due to the complexity introduced by managing both protocol stacks. This review examines the kernel hardening strategies in two widely adopted enterprise systems: Red Hat and Solaris, with a specific focus on their dual-stack configurations. Red Hat, being a Linux-based distribution, integrates several security features such as SELinux, AppArmor, and sysctl configurations to bolster kernel protection. In contrast, Solaris, with its unique architecture, leverages features like ZFS (Zettabyte File System), Solaris Zones, and RBAC (Role-Based Access Control) to enhance system security. The review identifies and analyzes the specific security challenges faced in dual-stack environments, such as IPv6 vulnerabilities and tunneling risks, and highlights the need for hardened security measures that address both IPv4 and IPv6 protocols. It further compares the security frameworks of Red Hat and Solaris, focusing on their tools and strategies for securing the kernel against cyber threats. The review also discusses best practices for hardening dual-stack systems, emphasizing the importance of securing both network stacks independently while maintaining overall system performance. Lastly, it explores the future directions in kernel hardening for dual-stack systems, suggesting areas for research and development to address emerging security concerns.
DOI: https://doi.org/10.5281/zenodo.16260772
