bastion.inf

[System Access]
MinimumPasswordAge = 2
MaximumPasswordAge = 42
MinimumPasswordLength = 10
PasswordComplexity = 1
PasswordHistorySize = 6
LockoutBadCount = 5
ResetLockoutCount = 720
LockoutDuration = -1
RequireLogonToChangePassword = 1
ForceLogoffWhenHourExpire = 1
NewAdministratorName = “root”
[System Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Security Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Application Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Event Audit]
AuditSystemEvents = 3
AuditLogonEvents = 3
AuditObjectAccess = 2
AuditPrivilegeUse = 2
AuditPolicyChange = 3
AuditAccountManage = 3
AuditProcessTracking = 0
CrashOnAuditFull = 1
[Registry Keys]
“USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies”,2,”D:(A;CI;0x10000000;;;CO)(A;CI;0xc0010000;;;PU)”
“USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider”,1,””
“USERS\.DEFAULT\Software\Microsoft\NetDDE”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“USERS\.DEFAULT”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current”,1,””
“MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation”,2,”D:(A;CI;0xc0000000;;;PU)”
“MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive”,2,”D:(A;CI;0xc0000000;;;PU)”
“MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0xc0000000;;;BO)”
“MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions”,1,””
“MACHINE\SYSTEM\CurrentControlSet\Enum”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;SY)”
“MACHINE\SYSTEM\ControlSet001″,1,””
“MACHINE\SYSTEM\ControlSet002″,1,””
“MACHINE\SYSTEM\ControlSet003″,1,””
“MACHINE\SYSTEM\ControlSet004″,1,””
“MACHINE\SYSTEM\ControlSet005″,1,””
“MACHINE\SYSTEM\ControlSet006″,1,””
“MACHINE\SYSTEM\ControlSet007″,1,””
“MACHINE\SYSTEM\ControlSet008″,1,””
“MACHINE\SYSTEM\ControlSet009″,1,””
“MACHINE\SYSTEM\ControlSet010″,1,””
“MACHINE\SYSTEM\Clone”,1,””
“MACHINE\SYSTEM”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009″,1,””
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib”,2,”D:P(A;CI;0x80000000;;;IU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32″,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Secure”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Rpc”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider”,1,””
“MACHINE\SOFTWARE\Microsoft\Ole”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\NetDDE”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Classes”,1,””
“MACHINE\Software”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0010000;;;PU)S:P(SA;CIOISAFA;0x000d0006;;;WD)”
“CLASSES_ROOT\.hlp”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“CLASSES_ROOT\helpfile”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“CLASSES_ROOT”,2,”D:(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)(A;CI;0xc0010000;;;PU)”
[File Security]
“%SystemDirectory%\midimap.cfg”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\localmon.dll”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\hpmon.hlp”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\hpmon.dll”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\config.nt”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\cmos.ram”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\autoexec.nt”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\spool\printers”,2,”D:P(A;CI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;PU)”
“%SystemDirectory%\spool”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;PU)S:P”
“%SystemDirectory%\repl\export”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;RP)S:P”
“%SystemDirectory%\repl\import”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;RP)S:P”
“%SystemDirectory%\config”,2,”D:P(A;CI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemRoot%\Web\WallPaper\Wallpapr.htm”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;IU)”
“%SystemRoot%\Web\WallPaper”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Subscriptions”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\OCCache”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\fpxpress.ini”,2,”D:(A;;0xe0010000;;;IU)”
“%SystemRoot%\Downloaded Program Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Temporary Internet Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\History”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Cookies”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\setup.old”,2,”D:(A;;0xe0010000;;;IU)”
“%SystemRoot%\Win.ini”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xe0010000;;;PU)”
“%SystemRoot%\repair”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemRoot%\profiles”,1,””
“%SystemRoot%”,2,”D:P(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;CI;0xe0010000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“%SystemDrive%\PageFile.Sys”,1,””
“%SystemDrive%\InetPub”,1,””
“%SystemDrive%\Users”,1,””
“%SystemDrive%\Temp”,2,”D:P(A;CIOI;0x10000000;;;CO)(A;CI;0xe0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemDrive%\~Secure.nt”,1,””
“%SystemDrive%\Recycler”,1,””
“%SystemDrive%\Program Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;SY)(A;CIOI;0xe0010000;;;PU)”
“%SystemDrive%”,0,”D:(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0x40000000;;;PU)”
“c:\config.sys”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0x10000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\autoexec.bat”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0x10000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntbootdd.sys”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntldr”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntdetect.com”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\boot.ini”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
[Version]
signature=”$CHICAGO$”
[Privilege Rights]
SeAssignPrimaryTokenPrivilege =
SeAuditPrivilege =
SeBackupPrivilege = Administrators
SeCreatePagefilePrivilege = Administrators
SeCreatePermanentPrivilege =
SeCreateTokenPrivilege =
SeDebugPrivilege =
SeIncreaseBasePriorityPrivilege = Administrators
SeIncreaseQuotaPrivilege = Administrators
SeInteractiveLogonRight = Administrators
SeLoadDriverPrivilege = Administrators
SeLockMemoryPrivilege =
SeNetworkLogonRight =
SeProfileSingleProcessPrivilege = Administrators
SeRemoteShutdownPrivilege =
SeRestorePrivilege = Administrators
SeSecurityPrivilege = Administrators
SeShutdownPrivilege = Administrators
SeSystemEnvironmentPrivilege = Administrators
SeSystemProfilePrivilege = Administrators
SeSystemTimePrivilege = Administrators
SeTakeOwnershipPrivilege = Administrators
SeTcbPrivilege =
SeMachineAccountPrivilege =
SeChangeNotifyPrivilege = Everyone
SeBatchLogonRight =
SeServiceLogonRight =
[Profile Description]
Description=Cisco Bastion Host Script
[Service General Setting]
ClipSrv,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
cisvc,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
DHCP,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
LicenseService,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
MSDTC,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
NetDDE,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
NetDDEdsdm,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
RPCLOCATOR,4,”D:(A;CIOI;0x00020000;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x000f01ff;;;SY)(A;CIOI;0x00020000;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
Schedule,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
Spooler,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
LmHosts,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
TapiSrv,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
UPS,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
RpcSs,2,”D:(A;CIOI;0x00020000;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x000f01ff;;;SY)(A;CIOI;0x00020000;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
[Registry Values]
MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\HandlerRequired=4,1
MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,31
MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,0
MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,Hardened by InfoSec – Cisco Systems
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,This is a private system. Unauthorized use is prohibited.
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,5
MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,1
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareWks=4,0
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareServer=4,0
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,1
MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting=4,1

The skills the IT pros are seeking

You may be working on the entry-level skills to break into IT, or you may already be a working professional. But you should always be looking both ahead, at what the landscape will look like in two to five years, and over your shoulder, at the skills your peers are gaining and polishing. Inevitably you’re going to move in the direction of some specialty, be it programming, networking, security or niches like medicine or law.

Take a look at this NetworkWorld piece, “Security pros seek hacking, forensics skills” at http://tinyurl.com/ylg3n84 . In a word, your peers (and competitors) are pursuing security certifications (37%), learning ethical hacking (20%) and studying forensics (13%).

Start running now, if you want to catch up….

Consulting Services

I provide consulting services in select areas.

Security training (Hacker High School, ISECOM.org, CompTIA)

Site security auditing and policy & procedure development

Web and mobile application development, management and instruction

Privacy, confidentiality and anti-trolling services

Please contact me using the link above for more information.

Courseware

The Courseware area is primarily for my students, though anyone is welcome to use these materials.

Simply scroll down the Categories menu on the right to select a course.

My students can become registered users and add material or comment on individual pages, but otherwise an account is not necessary.