|
By Keren Pollack
NTLM has three versions: NTLMv1, NTLMv2 and NTLMv2 Session Security. NTLMv2 is supposed to offer better security than its previous version, and to some extent it does provide better defense against relay and brute force attacks, but it does not completely block them. NTLMv2 Session Security is a session security protocol that can be used in conjunction with NTLMv1 or NTLMv2 to provide additional security.
|
By Ben Balkin
Data Execution Prevention (DEP) is a Windows security feature that protects systems by preventing code from executing in memory areas designated for data storage. By ensuring only authorized programs can run in specific memory regions, DEP helps block malicious software, such as viruses, from executing harmful code. It operates at both hardware and software levels, monitoring memory usage to prevent exploits like buffer overflow attacks.
|
By Ben Balkin
When a computer is connected to a network (domain), it is given a machine account that represents that computer on the network. This account is used to authenticate the computer, allowing it to access network resources and perform tasks. Each machine account, also known as a domain member, has its own unique password for each network. The "Disable machine account password changes" setting controls whether domain-joined machines automatically change their machine account passwords with the domain controller (DC).
|
By Ben Balkin
The primary function of the HTTP trace method (aka trace or track verbs) is as a diagnostic tool used in web servers. It works by echoing back the received request so that the client can see what changes or additions have been made by intermediate servers. Essentially, when a client sends a TRACE request to a server, the server responds by sending back the exact request it received, including all the headers.
|
By Ben Balkin
Secure Sockets Layer (SSL) is a technology that encrypts data sent between a user's browser and a website or application on a server. The purpose of SSL is to secure the information, preventing eavesdropping and tampering. Originally released in 1995, SSLv2 is a protocol used to encrypt data sent over the internet, ensuring that the information remains private and secure.
|
By Keren Pollack
Transport Layer Security (TLS) is a cryptographic protocol designed to provide secure communication between web browsers and servers. It is used in almost every app nowadays. Many IP-based protocols such as HTTPS, SMTP, POP3, and FTP support TLS. Disabling TLS 1.0 is a critical task for security and compliance.
|
By John Gates
The National Institute of Standards and Technology (NIST) is a US government agency that develops standards and guidelines for cybersecurity and technology. The purpose of these guidelines is to protect sensitive information, especially for those companies working with the government.
|
By Ben Balkin
An X-Powered-By header is an HTTP response header field (most headers prefixed with "X-" are non-standard) that informs the user which technology stack or framework is running on the web server. For example, if a web server is running Node.js, the header would be "X-Powered-By: Express", which indicates that the Express framework is being used.
|
By Ben Balkin
The Windows security setting "Adjust memory quotas for a process" specifies who has permission to change the maximum amount of random access memory (RAM) that a program or application can access at any specific time. Doing so controls and manages system resources, ensuring the system runs smoothly. In short, the setting decides who can change a program's or process's memory quota.
|
By Ben Balkin
TrustedInstaller is a Windows system account with special high-level permissions that allow it to modify certain system files, folders, and registry settings. It also prevents any account, including administrator accounts, from modifying these files and folders. Trustedinstaller.exe is a Windows Module Installer service, a part of Windows Resource Protection (WRP), which restricts access to core system files and folders, preventing them from being modified or replaced.
|
By CalCom
In this video discussing server hardening, you’ll learn why server hardening is so important to your IT Enterprise. Whether you’re a seasoned CISO or IT professional, this video is a must-watch for anyone who wants to keep their servers secure.
|
By CalCom
Explore the core principles behind these baselines, including risk management, threat identification, and control selection. Gain insights into the latest updates and revisions, ensuring you stay up-to-date with the best practices and industry standards.
|
By CalCom
To safeguard the SQL layer against common SQL-based attacks, including Denial of Service, Brute Force, and SQL injections, and to prevent privilege escalations, hardening the SQL server is of utmost importance. Achieving compliance and satisfying auditors also necessitates SQL hardening. By implementing SQL hardening measures at both the application and operating system levels, the organization can significantly reduce its attack surface and eliminate critical vulnerabilities.
|
By CalCom
When installing a new Linux server, you should be aware that its level of security is very low by default, to allow as much functionality as possible. Therefore, performing basic hardening actions before the server is installed in production is crucial. CalCom Software is hardening RedHat / Linux.
|
By CalCom
The LAN Manager (LM) is a group of early Microsoft client/server software products that enable users to connect personal computers on a single network. Its features include transparent file and printer sharing, user security features, and network administration tools. In Active Directory domains, the default authentication protocol is the Kerberos protocol. However, if Kerberos is not available for any reason, LM, NTLM, or NTLMv2 can be used as an alternative.
|
By CalCom
Access this computer from the network - best practices for DC and Member Server
|
By CalCom
This policy setting determines whether the LDAP server requires LDAP clients to negotiate data signing. Using the default configuration of this value allows LDAP clients to communicate with Active Directory in an insecure fashion.
|
By CalCom
Server hardening is a bigger challenge today than ever before. When infrastructure becomes more and more complex, it is impossible to achieve compliance using manual tools to harden servers. CalCom offers an automated solution for server hardening for easy policy enforcement and maximum compliance.
|
By CalCom
Auditing Kerberos service ticket operations is important for detecting hackers trying to use Kerberos as an attack vector. The default value of this configuration is to audit only successful events. This may eventually result in missing an attack or not having enough information to investigate it.
CalCom Hardening Solution (CHS) is the ideal choice for IT Ops & CISOs looking to create a securely configured infrastructure.
CHS is a flexible hardening tool, with the unique ability to "learn" where desired hardening changes will adversely impact production activity. CHS determines the impact of baseline changes before they are implemented, producing visible conclusions for decision-makers. CHS eliminates time-consuming lab testing, reduces the cost and impact of hardening, and centralizes infrastructure control, thereby stopping security breaches and operational mistakes.
How Can CalCom Hardening Suite Make a Huge Difference In Server Hardening:
- Cost effective server hardening process: Save time and resources required for testing security policies in lab environments.
- Zero server outages: Ensure that production services are not harmed during server hardening.
- Prevent & monitor unauthorized policy changes: Stop security breaches and operational mistakes before they happen.
Make Your Hardening Project Effortless.