Operating System Hardening 101
January 11, 2021
Blue Team
TLDR: Too Long Didn’t Read
User Accounts
- Disable and rename the built-in Administrator account.
- Create a new basic and administrator user account.
- Only use the administrator account when necessary.
Strong Passwords
- When you have to use a password you will need to remember, use a pass-phrase at least 24 characters in length.
- Adding complexity to the beginning or middle of a password makes it stronger.
- Misspelling words in a pass-phrase will make it stronger.
- Use a Password Manager and/or Two-factor Authentication!.
Firewall Rules
- Don’t skip locking down the server’s firewall even when behind a WAN perimeter firewall.
- Only system management access(RDP/SSH) should be allowed from a preset management IP range.
- Outbound firewall rules are just as important as inbound rules, so spend the time to set them up!