EMET removal, turning on security auditing

EMET is not supported anymore.
master
six 2 years ago
parent
commit
31de901706
  1. 12
      windows_hardening.txt

@ -12,12 +12,11 @@ Windows 8 and Windows 10 hardening @@ -12,12 +12,11 @@ Windows 8 and Windows 10 hardening
3. AppLocker configuration, preferably with cert based limits - dll based makes the system too slow.
4. Disable the automatic leaking of NetNTLM hashes of any user by lnk/url files (see "References" for the fix and note that, if the link is opened it may still leak).
5. Disable powershell for standard users with applocker. You can also try the powershell restrictions, but these are easy to bypass.
6. EMET for antiexploitation (take time to configure the applications, don't just use the default ones).
7. Install applications with different users for application separation.
8. Do not install applications with elevated privileges.
9. No antivirus or similar "security product" for experienced users - these often pose higher risks, list below. For standard users, it may worth thinking about it.
10. If you use the computer for browsing, make sure the browser is hardened (eg. NoScript, Request Policy..etc)
6. Install applications with different users for application separation.
7. Do not install applications with elevated privileges.
8. No antivirus or similar "security product" for experienced users - these often pose higher risks, list below. For standard users, it may worth thinking about it.
9. If you use the computer for browsing, make sure the browser is hardened (eg. NoScript, Request Policy..etc)
10. Turn on security auditing (process tracking, logon events, etc)
=====
Important practices in order to stay secure
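Review bot: Dropping old item 6 (EMET) leaves the list with no anti-exploitation step at all. Since the title covers Windows 10, consider replacing the item with the built-in Exploit protection settings, which took over EMET's mitigations on Windows 10, and say what, if anything, Windows 8 users should do instead, rather than deleting the item outright. New item 10, "Turn on security auditing (process tracking, logon events, etc)", is too loose to act on: name the audit subcategories you mean and say whether command lines should be included in process creation events. The renumbered item 8 still carries "it may worth thinking about it", which is missing "be".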
@ -32,7 +31,6 @@ Note for privacy: enterprise version of Windows is preferred. The "home" edition @@ -32,7 +31,6 @@ Note for privacy: enterprise version of Windows is preferred. The "home" edition
=====
References
AppLocker https://technet.microsoft.com/en-us/library/dd759117.aspx
EMET https://microsoft.com/emet/
Obscure fix for NetNTML leaking by lnk/url: https://support.microsoft.com/en-us/kb/968389
Browser "security" https://securityinabox.org/en/guide/firefox/windows
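Review bot: References has no entry for the security auditing step added as item 10 in the first hunk, so every other configurable item in the list has a link except the new one. Add a reference to the audit policy documentation alongside the AppLocker line. While this section is being touched, "NetNTML" in the context line "Obscure fix for NetNTML leaking by lnk/url" should read "NetNTLM" to match item 4.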
