Operating System Hardening 101

TLDR: Too Long Didn’t Read

User Accounts

Disable and rename the built-in Administrator account.
Create a new basic and administrator user account.
Only use the administrator account when necessary.

Strong Passwords

When you have to use a password you will need to remember, use a pass-phrase at least 24 characters in length.
Adding complexity to the beginning or middle of a password makes it stronger.
Misspelling words in a pass-phrase will make it stronger.
Use a Password Manager and/or Two-factor Authentication!.

Firewall Rules

Don’t skip locking down the server’s firewall even when behind a WAN perimeter firewall.
Only system management access(RDP/SSH) should be allowed from a preset management IP range.
Outbound firewall rules are just as important as inbound rules, so spend the time to set them up!

Bret

I'm an IT Professional with more than a decade in the IT industry. My security skills were built on years of strong systems administration work, and practice.
My motto is, "If you're not pushing forward, your falling behind!"
-----
Certs: EC-Council Certified Ethical Hacker, MS MCSA: Windows Server 2016, CompTIA Net+

Follow me on Mastodon

Author archive Author website

January 11, 2021

Blue Team, OS Hardening, Systems Admin

Leave a Reply Cancel reply

© 2024 Cyber Gladius

Follow Me on my Mastodon - Infosec.Exchange Mastodon IOC.Exchange Mastodon