🛡️ Application & Uncategorized OS Settings Playbook
Note: These two categories often overlap and cover specific service/OS configurations.
1. Windows (Desktop & Server)
- Objective: Secure critical application settings, remote access, file sharing, and other OS permissions.
- Tools:
  - System Properties -> Remote
  - Windows Firewall (wf.msc)
- Common Actions:
  - Secure Remote Desktop (RDP):
    - Open System Properties (sysdm.cpl) and go to the “Remote” tab.
    - Disable Remote Assistance.
    - Ensure RDP is only enabled if required.
    - Ensure “Allow connections only from computers running Remote Desktop with Network Level Authentication (NLA)” is checked.
  - Secure File Sharing: Review shared folders. In “Advanced Sharing,” check permissions to ensure “Everyone” does not have “Full Control” or “Write” access.
  - Review Firewall Rules: Open wf.msc. Look for unusual “Allow” rules in “Inbound Rules” that may have been created by malware.
2. Linux (Mint 21 & Ubuntu 22)
- Objective: Secure critical application settings (like SSH), remote access, file sharing, and other OS permissions.
- Tools:
  - Terminal
- Common Actions:
  - Secure SSH: This is the most common application to secure.
    - Edit the configuration file: sudo nano /etc/ssh/sshd_config.
    - Disable Root Login: Set PermitRootLogin no.
    - (Optional but recommended) PasswordAuthentication no (if using SSH keys).
    - Restart the service: sudo systemctl restart ssh.
  - Check File Permissions: Look for incorrect, “world-writable” files: find / -type f -perm -0002.
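
One way to verify the two sshd_config settings above after editing, as an added example that is not part of the original playbook; check_sshd and sample_weak are hypothetical names and the sample configuration is constructed. It accounts for sshd using the first value it reads for a keyword, so a correct line placed after a conflicting one does not count.

```shell
#!/bin/sh
# Added example. check_sshd and sample_weak are hypothetical helper names.

# Reads sshd_config text from a file argument or stdin, prints one line per
# audited setting, and returns the number of settings not explicitly "no".
# sshd matches keywords case-insensitively and keeps the FIRST value it
# reads, so only the first global occurrence is evaluated.
# Limitation: Include files are not followed.
check_sshd() {
    awk '
        BEGIN { want["permitrootlogin"] = 1; want["passwordauthentication"] = 1 }
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        tolower($1) == "match" { exit }     # Match blocks are conditional
        {
            key = tolower($1)
            if ((key in want) && !(key in seen)) seen[key] = tolower($2)
        }
        END {
            bad = 0
            for (key in want) {
                if (!(key in seen)) {
                    print key ": NOT SET (sshd default applies)"; bad++
                } else if (seen[key] != "no") {
                    print key ": FAIL (" seen[key] ")"; bad++
                } else {
                    print key ": ok"
                }
            }
            exit bad
        }
    ' "$@"
}

# Constructed sample: the hardened PermitRootLogin line comes too late, and
# PasswordAuthentication is only set inside a Match block.
sample_weak() {
    cat <<'EOF'
#PermitRootLogin prohibit-password
permitrootlogin yes
PermitRootLogin no
Match User backup
    PasswordAuthentication no
EOF
}

sample_weak | check_sshd || echo "settings to fix: $?"
```

On a live host, `sudo sshd -T | check_sshd` audits the effective configuration, including any Include drop-in files that the file-level parse does not follow.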