Crowdsec: protecting Windows servers

In a previous tutorial, I explained how to protect your Linux servers with Crowdsec in order to block “malicious” traffic. For almost 2 months now, the Crowdsec version has been available for Windows. If you are not yet familiar with Crowdsec, here is a brief presentation: Crowdsec will analyze different log files (Web, firewall, SSH, …

Read more

GPO: block programs and prevent software installation – software restriction

In this tutorial, I will explain how by Group Policy (GPO) in an Active Directory environment, block the launch of programs and prevent the installation of certain software with the software restriction policy. By default, if the users are not administrator (local) of the computer, it is not normally possible to install programs, on the …

Read more

GPO: disabled SMBv1

In this tutorial, I will walk you through how to disable SMBv1 support add-on using Group Policy. To disable full SMBv1 support, you must act on the two SMB components which are: The server who is the one who shares The client that allows the use of shared resources. Disabling by group policy is done …

Read more

Active Directory: secure passwords with Lithnet Password Protection for Active Directory

In this tutorial, I will tell you how to harden password security with Lithnet Password Protection for Active Directory. Lithnet Password Protection for Active Directory is a free utility that installs on domain controllers, which will allow us to increase password security with: Create a forbidden password dictionary, also taking into account the replacement of …

Read more

PrintNightmare: secure print configuration

In this “little” tutorial, I will show you how to set up a “secure” configuration. Since the publication of the PrintNightmare flaw, Microsoft has deployed several updates to correct this problem and took the opportunity to modify the behavior of Windows to harden the configuration. In this tutorial, we will see the parameters to use …

Read more