Description: TWITTER: @SLYDGOTCHA
BLOG: REDPATHINTEL.BLOGSPOT.COM
I've been putting together a video on the fundamentals of windows system security. This is mainly handled from the command line because I believe its very important for newcomers to the field get used to not having a GUI, and become more familiar with commands and switches. For those of you already familiar with security, you may already know quite a few of these commands. I've included an outline for everyone just so they know what they're getting into.
Here's the outline of the first video:
Account Management: NET USER / NET SESSION / GPEDIT.MSC
Adding Accounts
Deleting Accounts
Modifying Accounts
Viewing Account Settings
Enforcing Account Settings through Group Policy
Service Management: SERVICES.MSC / SC QUERY
Starting Services
Stopping Services
Configuring Services
Identifying Insecure Services (Telnet/FTP)
Secure Alternatives
Process Management: TASKMGR / TASKLIST / TASKKILL / WMIC PROCESS LIST FULL
Viewing Processes
Forcing Processes to Stop
Killing Specific Processes (Malware)
Starting Processes
Group Policy Security: GPEDIT.MSC / GPUPDATE
Audit Policy
User Rights Assignment
Security Options
Account Policies (Covered in Account Management)
Inspecting Your System:MSCONFIG / NETSTAT / NET VIEW / NET SHARE
Tips and Tricks for looking for Malware
Identifying Compromise
Viewing open shares/connections
Creating and Destroying shares
Next Video Information: NETSH ROUTING IP / CACLS / EventVwr.msc / 3rd Party Tools
Applying Packet Filters through NetSH
File Permissions with CACLS
Configuring Client Side Browsers
Sysinternals and other 3rd party tools
Logs and EventViewer
Tags: computer security , system security , windows security , computer , system , windows , microsoft , microsoft security , account management , system management , baseline , group policy , process management , service management ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Excellent, will check it out.
Thanks a lot.
Yeah no problem.
I meant to clarify this in the video but I didn't do such a great job.
In policy, the enforcing password complexity rules means that you need to have at least 3 of the following 5 categories:
- A uppercase character
- A lowercase character
- A digit
- A symbol
Source: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/504.mspx?mfr=true
Thanks for the excellent video. I am trying the commands on Windows 7 Home premium .
After I type gpedit on cmd , I get the following error
"'gpedit' is not recognized as an internal or external command,operable program or batch file."
DO you know how to get gpedit for Windows 7 home premium. If not is there any alternative?
@ageek:
Use gpedit.msc
Great stuff... first time i hear about a command like "net session" :)
keep up the good work.
gpedit.msc is not available on win 7 home premium. Any alternatives?
Thanks a bunch! Please keep the videos coming. Very useful.
@ageek:
That command is not supported in Windows 7 home premium. Unfortunately your policy editing skills are limited there, I did dig up this excel sheet from Microsoft that allows you to edit certain registry values that would affect group policy.
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=25250
@pitsputs @SecurityStudent: Thank you both. :)
@ageek: http://thecustomizewindows.com/2011/07/group-policy-editor-gpedit-msc-in-windows-7-home-premium-enable/
May be this link will help you, i havent used it on my pc, m using windows xp...
thank you, nice infos, please continue
Thank you, waiting for part 2. It reminds me the old times. Everyone was happy when GUI first comes, now everyone is REALY happy when he can use cli again.
awesome bro nice video tut on windows system security.
we are looking forward for next video.