Questions tagged [windows-server]

123 questions
134
votes
19 answers

Is it common to allow local desktop and/or active directory admin access and rights for developers in organizations?

I work at a company with a staff of about 1000+. We currently have programming development staff that work on web-based projects (approx 50 people). Recently due to security concerns our IT and Security department implemented a restriction no…
TroySteven
88
votes
10 answers

How secure is RDP?

I have a sort of a conflict with my company's Security Lead Engineer. He says that Remote Desktop Protocol (RDP) is not secure enough and we should be using TeamViewer instead. We use RDP not only to access local resources inside our corporate…
prot
64
votes
2 answers

Does removing a GUI from a server make it less vulnerable?

Lately, I was watching an online video about Microsoft Certified Solutions Associate (MCSA) and in one of the videos it says "removing GUI from Windows server makes it less vulnerable." Is that true? If so, how does removing the GUI have that…
R1W
22
votes
8 answers

Is local admin access a danger to a properly set-up network?

I read this question: Is it common to allow local admin access for developers in organizations? This question makes me wonder. I can see how local admin access is a danger to the machine. But can a computer with a user account with local admin…
Belle
7
votes
2 answers

Don’t use a web browser on a server?

After pulling up a Windows Server 2012 instance, I learned that google.com is riskier than I thought: It does the same for microsoft.com. There are instructions to disable "Enhanced Security Configuration," but this article by Michael Pietroforte…
jtpereyda
6
votes
1 answer

How can Nmap bypass Windows Server firewall rules?

I need to block all communication (inbound/outbound) from server A to server B (all ports/all protocols). Server A should communicate with every machine except server B. I can't place firewall rules on server B, so I have placed all rules on server…
6
votes
3 answers

How to specify -CAPath using OpenSSL in Windows to perform TLS handshake

I'm new to using OpenSSL and currently using it in Windows trying to troubleshoot for the party connecting to our server. openssl s_client -connect servername:443 CONNECTED(00000134) depth=0 CN = servername verify error:num=20:unable to get local…
MichaelChan
6
votes
1 answer

Should the "Users" group be removed from Windows Servers "Allow log on locally" Security GPO setting?

I know by default RDP does not allow any non-admin user to RDP into a machine unless we specify it. But a non-admin user can log on to the machine at the console. I was looking at the "Allow log on locally" GPO security setting under the User Rights…
cflyer
5
votes
1 answer

DSquery leaking personal information

Today I found DSquery on one of my SMB shares at work. I ran it to query users and since my company uses IC numbers as the unique CN, I got to see all my colleagues' ICs. Firstly, is this considered a vulnerability? And secondly, how can this be…
5
votes
2 answers

How to protect from WPAD attacks?

If you are in a Windows network, and you basically connect to a website; and there is an attacker on Linux who changes the hostname to WPAD and configures WPAD.dat in his system, all your PC's traffic can be captured (or) spoofed. WPAD.dat -…
Tilak Madichetti
5
votes
3 answers

How to determine if there are any SSL v2, SSL v3, TLS 1.0 or TLS 1.2 connections to the server?

Environment: Windows 2008 R2, IIS, ASP.Net Website. I'm preparing to disable SSL v2, SSL v3 on my server. How can I check whether my server is receiving any connections via SSL v2 or SSL v3? (in order to ensure no one is affected) Are there any logs in…
Manivannan
5
votes
1 answer

userWorkstations attribute in AD preventing users from logging into WebApp

For some of our users in AD, we have set the userWorkstations attribute to restrict access to other machines. But this is preventing those users from logging into WebApplications (around 50+) protected by Access Manager (in our case OpenAM). One way to…
4
votes
1 answer

Is it possible to take over a Windows server through Oracle?

I have a Windows Server 2008 R2 with an Oracle database running on it. Someone who knows my Oracle username and password claims that he can create a Windows system account somehow. And then he can control the whole server and do whatever he…
user216358
4
votes
2 answers

What is the main risk of allowing services to logon as NT AUTHORITY\SYSTEM?

Many enterprises run services on production servers as SYSTEM without considering the risk that might arise from this configuration. What is the biggest risk associated with it? And how would attackers exploit this kind of configuration?
Limpid.Security
4
votes
1 answer

One computer on our network was hacked and stole hundreds of accounts on different websites - what are correct steps to take?

Someone in our company a long time ago downloaded an infected Windows Server copy from a torrent site and kept it as a test server in our network till now. Recently, our administrator noticed huge outgoing traffic from that computer, started digging and…