GreySec Forums

Full Version: how to harden windows 2019 server?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
So when I look on Google I get crappy tutorials and I'm looking for something more high quality.

Could someone give me preferably a YouTube video or something with pictures that shows how to secure Windows server?

Thanks.
Guess it depends on what services you're going to host. Say you making a domain server, with active directly. Use separate domain controllers to connect to it. Don't keep it open to the internet, use private vlan.

Follow the principle of least authority. Maybe you have a global admin account, but only connect with less privileged accounts. As an example on my home computer, I use a non-privileged account for my daily browsing, because I don't need an administrator account to browse greysec.

Use applocker or software center to securely distribute software.

Also interesting to check out NSA windows security guidelines: https://github.com/nsacyber/Windows-Secu...t-Baseline