Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Access this computer from the network - best practices for DC and Member Server

This policy setting determines whether the LDAP server requires LDAP clients to negotiate data signing. Using the default configuration of this value allows LDAP clients to communicate with Active Directory in an insecure fashion.

Server hardening is a bigger challenge today than ever before. When infrastructure becomes more and more complex, it is impossible to achieve compliance using manual tools to harden servers. CalCom offers an automated solution for server hardening for easy policy enforcement and maximum compliance.

Auditing Kerberos service ticket operations is important for detecting hackers trying to use Kerberos as an attack vector. The default value of this configuration is to audit only successful events. This may eventually result in missing an attack or not having enough information to investigate it.

This video will discuss the recommended setting for Symbolic Links in your servers, since as much as they are useful, Symbolic Links can also be used maliciously to gain access and control in your network.

This policy specifies whether to prevent the redirection of data to client LPT ports during a Remote Desktop Services session. You can use this setting to prevent users from mapping local LPT ports and redirecting data from the remote computer to local LPT port peripherals. If a value is configured to Disabled or Not Configured, the attacker can leverage it to map the client’s LPT ports. In addition, he can use the port to redirect data from the Terminal Server to the local LTP ports.

Do Not Allow COM Port Redirection will determine whether the redirection of data to client COM ports from the remote computer will be allowed in the RDS session. By default, RDS allows COM port redirection. It can be used, for example, to use a USB dongle in an RDS session.

IP source routing is a mechanism that allows the sender to determine the IP route that a datagram should take through the network. An attacker could use source routed packets to obscure their identity and location. Source routing allows a computer that sends a packet to specify the route that the packet takes.