Group policy hardening question

Discussion in 'other security issues & news' started by exus69, Sep 2, 2014.

  1. exus69

    exus69 Registered Member

    Joined:
    Mar 15, 2009
    Posts:
    160
    Hello,

    What kind of attacks does the following group policy hardening steps thwart in a workgroup environment:


    - Network Security: LAN Manager authentication level
    Send NTLMv2 response only. Refuse LM & NTLM


    - Network Security: Minimum session security for NTLM SSP based (including secure RPC) servers
    RequireNTLMv2sessionsecurity, Require128-bitencryption, Require message integrity, Require message confidentiality


    - Network Security: Minimum session security for NTLM SSP based (including secure RPC) clients
    RequireNTLMv2sessionsecurity, Require128-bitencryption, Require message integrity, Require message confidentiality


    - Network Security: Do not store LAN Manager hash value on next password change: Enabled


    - Microsoft network server: Digitally sign communications (always): Enabled


    - Microsoft network server: Digitally sign communications (if client agrees): Enabled


    - Microsoft network client: Digitally sign communications (always): Enabled

    - Network access: Do not allow anonymous enumeration of SAM accounts and shares: Enabled

    - Administrative Templates>System>Remote Procedure Call>Restrictions for Unauthenticated RPC clients: Enabled (Authenticated)

    - Network Access: Shares that can be Accessed Anonymously
    Remove all shares

    Also are there any other/better hardening group policy settings that you are aware of? Kindly share the same over here.

    What other network security steps can be taken in a workgroup environment??

    Thanks :)
     
Loading...