{"id":2475,"date":"2023-04-01T09:42:25","date_gmt":"2023-04-01T13:42:25","guid":{"rendered":"https:\/\/increasec.com\/?p=2475"},"modified":"2026-03-06T13:59:55","modified_gmt":"2026-03-06T18:59:55","slug":"domain-security-recommendations","status":"publish","type":"post","link":"https:\/\/increasec.com\/?p=2475","title":{"rendered":"Domain Security Recommendations"},"content":{"rendered":"\n

These come from 7minsec<\/a>, Brian Johnson makes an entertaining podcast which is unusual in the normally dry security space. Highly recommend. I love podcasts as i can listen while I do other less productive things like drive or try to get to sleep…. or watch CSI for the 4th time because it’s my wife’s turn to choose…. not that I’m bitter…<\/p>\n\n\n\n

<\/p>\n\n\n\n

disable users adding pcs to the domain; Default DOMAIN Controllers policy, replace Authenticated Users with a stricter group(s)<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n


smb signing
strong unique passwords + LAPS
run ping castle
disable insecure protocols; netbios, llmnr, mdns, smbv1
power up sql, find sql servers, stored procedures,
turn off print sharing, esp on DCs, ping castle scanners print spool<\/p>\n\n\n\n

take local admin away from everyone
Pre-filter email (yes they are all a pain)
Use GPO to auto-install the chrome extension Ublock Origin see here<\/a><\/p>\n\n\n\n

<\/p>\n\n\n\n

Change the KrbTgt password. I have done this a dozen times and never had a problem. Don’t change it 2x in rapid succession, leave 3 days before changing again.<\/p>\n\n\n\n

Starting Audit Policy. These settings will not generate excessive logs. There are other settings, i don’t recommend enabling them until you have a reason.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

<\/p>\n\n\n\n

<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n
\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

These come from 7minsec, Brian Johnson makes an entertaining podcast which is unusual in the normally dry security space. Highly recommend. I love podcasts as i can listen while I…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2475","post","type-post","status-publish","format-standard","hentry","category-uncategorised"],"_links":{"self":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/2475","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2475"}],"version-history":[{"count":10,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/2475\/revisions"}],"predecessor-version":[{"id":4120,"href":"https:\/\/increasec.com\/index.php?rest_route=\/wp\/v2\/posts\/2475\/revisions\/4120"}],"wp:attachment":[{"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2475"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2475"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/increasec.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2475"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}