7 Minute Security

7 Minute Security

A podcast where I audibly regurgitate what I'm learning about information security - in 7-minute chunks!... Show More

Today's episode is brought to you by NoteCast. Try it free for 60 days (no credit card required) and enter code 7MS when completing your signup. In today's episode, I talk about how the level of Windows server/client logging out of the box is...not really awesome. I then look at how we can create a GPO that turns logging "up to 11" using some free tools and cheat sheets. If you want to simulate this in your own lab by building out an Active Directory environment, check out part 1 of a Webinar series we've been working on called DIY $500 Pentest Lab, which helps you select hardware/software components you need to build a lab. Then coming up soon is part 2 where we'll build out a Windows 2012 server, promote it to a DC, join a couple clients to it, and prepare to start hacking! Once your AD and clients are setup, you can start slurping up their logs for free using a Papertrailapp account (not a sponsor). I went ahead and paid for a $7/mo plan so I could get 1GB of storage and a little longer log retention. Then, I used LOG-MD to audit a Windows workstation and get some great recommendations on what registry settings and security policy tweaks to make. Finally, I started turning this into a GPO so I could begin pushing out these settings en masse. My living/breathing document to capture all this information is in a new gist that I plopped here.

Share
Mark as Played

Chat About 7 Minute Security

Popular Podcasts

The Ron Burgundy Podcast
The Ron Burgundy Podcast
Will Ferrell reprises his role as Ron Burgundy in his brand new Ron Burgundy Podcast! Each episode has a different theme in which Ron engages in conversation with another notable person on the topic at hand.
Atlanta Monster / Monster: The Zodiac Killer
Atlanta Monster / Monster: The Zodiac Killer
Atlanta Monster / Monster: The Zodiac KillerFrom Tenderfoot TV and HowStuffWorks, 'Monster: The Zodiac Killer' dives into one of the most notorious, unsolved serial killing sprees in history.
The Joe Rogan Experience
The Joe Rogan Experience
Joe Rogan's Weekly Podcast