GreySec Forums
how to harden windows 2019 server? - Printable Version

+- GreySec Forums (https://greysec.net)
+-- Forum: Technology and Miscellaneous IT-Discussion (https://greysec.net/forumdisplay.php?fid=29)
+--- Forum: Operating Systems (https://greysec.net/forumdisplay.php?fid=14)
+--- Thread: how to harden windows 2019 server? (/showthread.php?tid=6604)



how to harden windows 2019 server? - QMark - 05-02-2019

So when I look on Google I get crappy tutorials and I'm looking for something more high quality.

Could someone give me preferably a YouTube video or something with pictures that shows how to secure Windows server?

Thanks.


RE: how to harden windows 2019 server? - Insider - 05-20-2019

Guess it depends on what services you're going to host. Say you making a domain server, with active directly. Use separate domain controllers to connect to it. Don't keep it open to the internet, use private vlan.

Follow the principle of least authority. Maybe you have a global admin account, but only connect with less privileged accounts. As an example on my home computer, I use a non-privileged account for my daily browsing, because I don't need an administrator account to browse greysec.

Use applocker or software center to securely distribute software.

Also interesting to check out NSA windows security guidelines: https://github.com/nsacyber/Windows-Secure-Host-Baseline