Answer the question
In order to leave comments, you need to log in
The absence or incorrect setting of which windows server parameters can create vulnerabilities?
There is a task to check which settings are especially important for setting up windows server 2008 and 2012 R2. The most important are the following: settings, without setting which, the user will be able to increase his rights or disrupt the server.
It is a windows user, without using Kali and the like. Can you tell me such settings and how can a user create a problem if the server is not properly configured?
Answer the question
In order to leave comments, you need to log in
1 Blank administrator password
2 Write access to scripts and programs that automatically run as administrator.
3 Physical access to the server
Restrict the number of users with local admin rights on a specific server
Restrict users access to the server
Windows security baselines
https://www.netwrix.com/windows_server_hardening_c...
CIS Microsoft Windows Server 2012 R2 Benchmark
These options are too much. Empty admin password? This is not serious. Another thing is to check the SYSVOL folder, to see if the administrator is rolling local passwords with scripts or perhaps he hasn’t updated the server and rolls using group policies, which also glows in this directory to which each user has access. In general, so far no one, unfortunately, has advised anything sensible ...
Read about CIS Benchmarks for your OS
https://docs.microsoft.com/en-us/compliance/regula...
Update your OS with security patches from vulnerabilities - such as Zerologon, etc.
Do not download programs from third-party resources.
Properly arrange the security rights of files and folders.
Always make brute force passwords
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question