Posted in News Security

Windows 10 1803 Group Policy and Security Baseline Template

The latest version of the Windows 10 1803 security templates have been released to the public. These are the new Microsoft recommend guidance for securing Windows in an organisation. These settings are normally tighter than the Out of the Box settings, but are normally acceptable in a workplace environment. Historically these used to be available via the Microsoft Security Management…

Continue Reading...
Posted in Security Tutorials

How to implement the ASD Essential 8 via Group Policy

The Australian Government Department called the Australian Signals Directorate has a list of mitigation strategies that is used to help protect IT system against security risks. This list is called the “ASD Essential 8“. While this its generated by the Australian Government department it is an excellent starting point for securing any organisation or government IT Assets. The really great…

Continue Reading...
Posted in News Security

Security Baseline Teamplate for Windows 10 v1803 Redstone 4 “Draft”

Microsoft has just release a draft version of the WIndows 10 1803 Security Baseline Template

Continue Reading...
Posted in Security

Why you should never use a Preshared Key with IPSEC

How secure the way a preshared key saved in Active Directory for authetnication with IPSEC secure?

Continue Reading...
Posted in News Security Tutorials

How to disable SMB 1 on Windows 7 via Group Policy to Prevent WannaCry

Update 1: These instructions will mitigate WannaCry / Wcry / WannaCrypt virus propagation on Windows 7 and later (Windows 10 is not affected). For more technical details about the virus see Troy Hunts blog at https://www.troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware/ In case you have not got the message yet SMB 1 protocol Bad and that according to Microsoft you should “Stop using SMB1”. Not…

Continue Reading...
Posted in Security Tutorials

How to disable SSL v2 and SSL v3 on Windows Server via Group Policy

In this article I will show you how to disable the SSL v2 and SSL v3 protocols on the Windows Server so that it no longer offers the depreciated (a.k.a. Broken) SSL v2 and v3 security protocols. It also does not hurt if you apply this policy settings to your Windows client computers in case any of them have IIS with digital certificate enabled….

Continue Reading...
Posted in Best Practice Security Tip

How to stop local administrators from bypassing Group Policy

Before I begin this article might be, for some of you, this will be well know information and it might all seem rather logical. But I continue to see questions being asked on forums as how as a Group Policy administrator can I prevent my users with local admin making a specific change or installing software/drivers on their own computer. The short answer is you…

Continue Reading...
Posted in hotfix News Security

Vulnerability in Group Policy Fixed with MS15-011 & MS15-014

Today Microsoft published hotfix MS15-011 and MS15-014 that addressed a potential issues that could allow an man in the middle attack on computer. This vulnerability affected system that could be compromised by a man in the middle or what I like to call a “Coffee Shop Attack”. The summary is that by interfering with the traffic that is being sent…

Continue Reading...