The absence or incorrect setting of which windows server parameters can create vulnerabilities?

S

Sergey Volkov2022-01-19 10:17:58

System administration

Sergey Volkov, 2022-01-19 10:17:58

There is a task to check which settings are especially important for setting up windows server 2008 and 2012 R2. The most important are the following: settings, without setting which, the user will be able to increase his rights or disrupt the server.
It is a windows user, without using Kali and the like. Can you tell me such settings and how can a user create a problem if the server is not properly configured?

Reply

Answer the question

In order to leave comments, you need to log in

5 answer(s)

S

Saboteur, 2022-01-19
@saboteur_kiev

1 Blank administrator password
2 Write access to scripts and programs that automatically run as administrator.
3 Physical access to the server

R

Roman Bezrukov, 2022-01-19
@NortheR73

Restrict the number of users with local admin rights on a specific server
Restrict users access to the server
Windows security baselines
https://www.netwrix.com/windows_server_hardening_c...
CIS Microsoft Windows Server 2012 R2 Benchmark

S

Sergey Volkov, 2022-01-19
@Rejden2000

These options are too much. Empty admin password? This is not serious. Another thing is to check the SYSVOL folder, to see if the administrator is rolling local passwords with scripts or perhaps he hasn’t updated the server and rolls using group policies, which also glows in this directory to which each user has access. In general, so far no one, unfortunately, has advised anything sensible ...

S

Sasha Odarchuk, 2022-01-20
@Fanta

Read about CIS Benchmarks for your OS
https://docs.microsoft.com/en-us/compliance/regula...

A

Alexander Dasler, 2022-01-22
@PKZV

Update your OS with security patches from vulnerabilities - such as Zerologon, etc.
Do not download programs from third-party resources.
Properly arrange the security rights of files and folders.
Always make brute force passwords