Windows

| Area | Checks |
|---|---|
| Patch level / Service pack | patch level and service packs installed |
| User | access to critical accounts (guest, administrator), password policy (length and quality requirements), administration of accounts, administration of profiles and login scripts, password cracking, group analysis |
| Domain concept / Active Directory | installation and maintenance of the domain, installation and maintenance of Active Directory, global catalog, permissions in the domain and trust relationships, use of workgroups and group policy |
| Log files | analysis of system log files, use of third-party system monitoring tools, protection of log files |
| File and directory permissions | inspection of the file system in use (NTFS, FAT, DFS, EFS), file and directory permissions of user and group directories |
| Registry | tuning, hardening, permissions |
| Services | minimum required services, enumeration, information disclosure, service permissions |
| Firewall | filtering of protocols and services, exceptions |
| Encryption mechanisms | use of encryption software for data and mail, use of encryption software for user authentication, Single Sign-On (SSO), EFS, TrueCrypt, BitLocker |
| Remote control | use of remote-control tools (pcAnywhere, NetOp, Timbuktu, Radmin, Netviewer, TeamViewer, Carbon Copy, VNC, SMS, RDP, Terminal Services), administration of remote-control permissions |
| Backup | backup strategies and storage |
| Malware protection | use and updating of anti-virus, anti-spyware, anti-phishing, anti-trojan and anti-rootkit software |
| Hardening | memory protection such as DEP (Data Execution Prevention) and SEH (Structured Exception Handling) protections, hardened applications (PHP, Python, Java, C, ...) |
| More | databases, terminal services, web (IIS), FTP, DNS, file and print |