Skip to content

Hardening script update v2023.7.25
Compare
Choose a tag to compare
@HotCakeX HotCakeX released this 25 Jul 15:35
· 2848 commits to main since this release
v2023.07.25
ecb9388
This commit was signed with the committer’s verified signature.
HotCakeX Violet Hansen
SSH Key Fingerprint: zxnp9qw1pTV1xJFvxpyjSoQZLDR9ZdnqiaixWPYirNg
Verified
Learn about vigilant mode.

Change log

Removed built-in admin account activation option from the script - e7d5e8e

Due to security reasons. removed the ability to set a password and activate built-in administrator account.
https://support.microsoft.com/en-us/topic/kb5020282-account-lockout-available-for-built-in-local-administrators-bce45c4d-f28d-43ad-b6fe-70156cb2dc00

The lockout policy for the built-in administrator account which is disabled by default:
The new lockout behavior only affects network logons, such as RDP attempts. Console logons will still be allowed during the lockout period.

You should sign into Windows using a password-less Microsoft account and use Windows Hello for authentication.

Added Custom event log view for restarts - aa4381a

A new custom view for Event viewer logs was added to track system restarts that were either initiated by user or by apps/system.

Made the Event viewer custom view names more user friendly - aa4381a

Changed the name of the custom view xml files from vague View_1.xml, View_2.xml etc. to proper names that clearly describe what they are for.

Added custom event views for 2 new events - 1bf0411

  • One of them to track wrong entered PINS at lock screen
  • The other for tracking workstation locks and unlocks
Assets 2
Loading