Security Baseline template for Windows 1903
Microsoft has released the latest security template for Windows version (Windows 10 and Windows Server) 1903. These templates contain updated guidance and recommendations as to what setting should or should not be configured to your domain joined PC. The security template is actually just a bunch of reports, documents, GPO backups and tools that are consolidated in a s single…
Security Baseline Recommendation for Windows 10 1809
After its initial release and then withdrawal of Windows 10 1809 update due to a number of potential data loss issues, Microsoft has now again released the OS to wide scale deployment. As a such a number of other release have now come from Microsoft, namely the Security Baseline templates GPO’s, documentation with recommended guidance and scripts to help secure…
Windows 10 1803 Group Policy and Security Baseline Template
The latest version of the Windows 10 1803 security templates have been released to the public. These are the new Microsoft recommend guidance for securing Windows in an organisation. These settings are normally tighter than the Out of the Box settings, but are normally acceptable in a workplace environment. Historically these used to be available via the Microsoft Security Management…
How to implement the ASD Essential 8 via Group Policy
The Australian Government Department called the Australian Signals Directorate has a list of mitigation strategies that is used to help protect IT system against security risks. This list is called the “ASD Essential 8“. While this its generated by the Australian Government department it is an excellent starting point for securing any organisation or government IT Assets. The really great…
Security Baseline Teamplate for Windows 10 v1803 Redstone 4 “Draft”
Microsoft has just release a draft version of the WIndows 10 1803 Security Baseline Template
Why you should never use a Preshared Key with IPSEC
How secure the way a preshared key saved in Active Directory for authetnication with IPSEC secure?
How to disable SMB 1 on Windows 7 via Group Policy to Prevent WannaCry
Update 1: These instructions will mitigate WannaCry / Wcry / WannaCrypt virus propagation on Windows 7 and later (Windows 10 is not affected). For more technical details about the virus see Troy Hunts blog at https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ In case you have not got the message yet SMB 1 protocol Bad and that according to Microsoft you should “Stop using SMB1”. Not…
How to disable SSL v2 and SSL v3 on Windows Server via Group Policy
In this article I will show you how to disable the SSL v2 and SSL v3 protocols on the Windows Server so that it no longer offers the depreciated (a.k.a. Broken) SSL v2 and v3 security protocols. It also does not hurt if you apply this policy settings to your Windows client computers in case any of them have IIS with digital certificate enabled….