May 17, 2021

Windows Domain – Low hanging fruit

Hi,

I am securing down several Active Directory Domains. I’ve done this in the past but because I am managing acquired domains too, I’m trying to be efficient and want to hit the lowest hanging fruit first.

My list at the moment stands at:

* Disable DC Printer Spoolers – GPO it
* NETBIOS LLMNR disablement
* SMBv1 disable
* NTLMv1 disable

Anything else you guys can think of?

Thanks,

BH

Comments

8bitz

Grab the windows server CIS benchmarks for Domain Controllers

https://www.cisecurity.org/resources/

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.