Bastion Hosts & Air-Gaps
Overview
Bastions and airgaps are strategies for controlling how systems connect—or don't connect—to the outside world. They focus on limiting exposure, creating strong boundaries that support a broader security design. In this unit, we look at how we can seperate systems and create safe disconnects should a problem arise.
Learning Objectives
- Understand the role and importance of air-gapped systems.
- Recognize how to balance strong security with operational efficiency.
- Learn how bastion hosts can help control and limit system access.
- Understand methods for automating the jailing and restriction of users.
- Gain a foundational understanding of
chrootenvironments and diversion techniques.
Key Terms and Definitions
| Air-gapped | Bastion |
|---|---|
| Jailed process | Isolation |
| Ingress | Egress |
| Exfiltration | Cgroups |
| Namespaces - Mount, PID, IPC, UTS |