Buen día, estimados
Comparto un PDF acerca de hardening para windows 7 SP1 cuya ultima actualización fue julio de 2015 (de todas formas sirve) , Linuxeros no me destruyan con sus comentarios jaja
http://www.asd.gov.au/publications/protect/Hardening_Win7_SP1.pdf
Dejo abajo listado el contenido. Y proximamente ire traduciendo el pdf para compartirlo.
Tabla de contenidos.
High severity issues
Stanadrd operating environment
Application whitelisting
Application versions and security patching
Operating system patching
Privileged accounts
Application hardening
Operating system architecture
Enhanced Mitigation Experience Toolkit (EMET)
Data Exceution Prevention (DEP)
Address Space Layout Randomisation (ASLR)
Structured Exception Handling Overwrite Protection (SEHOP)
Host-based intrusion prevention
Built-in administrator accounts
Multi-factor authentication
Software-based firewalls
Virtualised web and email access
Audit event management
Centralised audit event logging
Medium severity issues
Operating system
Operating system functionality
Group policy processing
Built-in guest accounts
Password policy
Account lockout policy
NoLMHash policy
Credential entry
Credential caching
Elevating privileges
Autoplay and autorun
Endpoint device control
Administrative shares
File and print sharing
Remote desktop services
Concurrent sessions
Remote assistance
Installing applications
Legacy and run-once lists
Server message block sessions
NetBIOS over TCP/IP
Internet Protocol version 6 (IPv6)
Signature-based antivirus
Hard drive encryption
Direct memory access
Power management
System cryptography
Registry editing tools
Windows remote shell access
Boot devices
BIOS and UEFI passwords
Case locks
Recovery console
Safe mode
Session locking
CD burner access
Sound recorder
Legacy applications
Windows sidebar and gadgets
Anonymous connections
Network authentication
Secure channel communications
Windows Connect Now
Setting network location
Bridging networks
Network mapping
Remote Procedure Call (RPC)
Attachment Manager
Command prompt access
PowerShell scripts
System backup and restore
Security configuration editor settings
User rights policies
Security policies
Low severity issues
Resultant Set of Policy (RSOP) reporting
Displaying file extensions
Location awareness
Reporting system information
Windows Marketplace
File and folder security properties
Internet printing
Publishing information to the web
Saludos.-
Fuente: http://www.asd.gov.au
PD: Soy nuevo así que si hay algo que modificar o reemplazar me avisan Gracias.
Por el listado que nos dejas (se agradece, porque ilustra y permite decidir para bajarlo) se ve muy interesante el contenido.
Cierto es que algunos usuarios tienen dificultad con el idioma, así que sería un estupendo aporte la traducción que puedes ir dejando en este mismo post.
Saludos
Gabriela
Gracias @fbogarin (https://underc0de.org/foro/index.php?action=profile;u=62714),
En el mismo sitio del "Australian Signals Directorate" se pueden encontrar más publicaciones muy interesantes con sus respectivos PDF's.
http://www.asd.gov.au/publications/
Dejo el enlace a otras publicaciones similares:
HARDENING MICROSOFT WINDOWS 8 STANDARD OPERATING ENVIRONMENTS
http://www.asd.gov.au/publications/protect/hardening-win8.htm
HARDENING MICROSOFT OFFICE 2013
http://www.asd.gov.au/publications/protect/hardening-ms-office-2013.htm
MICROSOFT OFFICE MACRO SECURITY
http://www.asd.gov.au/publications/protect/Microsoft_Office_Macro_Security.pdf
SECURING POWERSHELL IN THE ENTERPRISE
http://www.asd.gov.au/publications/protect/Securing_PowerShell.pdf
USING REMOTE DESKTOP CLIENTS
http://www.asd.gov.au/publications/protect/using-remote-desktop-clients.htm
Saludos