Week 1 - Linux User Accounts

Commands:

useradd -m -d /home/barry - Creates home directory for user
useradd -m -d /home/barry -k /etc/skel/ Creates a folder that contains any files or folder that you want set up default for the user.
ls -ld /home/barry - looks at permissions for that directory
chmod 700 /home/lbarry/ - Revokes permissions so others can't see directory
change -l lbarry - Gives password permissions

Password Settings:

vi /etc/login.defs - Password settings
PASSM_MAX_DAYS 90 - Max number of days a password may be used
PASS_MIN_DAYS 14 - Amount of days that need to pass until password can be changed again
PASS_WARN_AGE 7 - Amount of days before a password expires to give a warning
Reboot for changes to take effect

SSH Warning Message

Edit file in directory /etc/ssh/sshd_config

issue.net file stored in /etc contains the warning message

Password Policy

Edit file in directory: /etc/pam.d/common-password

Account Lockout Setting

Edit file in directory: /etc/pam.d/common-auth

SSH Settings:

Edit file in directory: /etc/hosts.allow
Add the following after the comments: (Example) sshd: 192.168.1.2 192.168.100. 10.237.237.0/24 - Edit hosts.allow file first the the hosts.deny

Add in the file hosts.deny in the same directory ALL : ALL below the comments

Week 2 - Linux Hardening

Sudo Hardening

Fail2ban

Use systemctl reload fail2ban after editing config file

Security Check Bash Script

Windows Hardening

Password Policy

Account Lockout Policy

Audit Policy

Security Options

Banner: Found under Interactive logon message text for users attempting to logon and Interactive logon message title for users attempting to logon

Ransomware Protection

Founder under Windows Security --> Virus & Threat Protection --> Ransomware Protection

App Locker

sc config appidsvc start= auto - Allows the Local Security Policy to automatically start after a reboot
To enforce rules set all rules in the config for AppLocker in Local Security Policy to Enforce.

Rules

Make sure to add the default rules for Package app Rules otherwise no applications will be able to run and the search and start bar are unusable.
Below is a picture of adding the default rules.

To allow applications be run in a certain folder add a rule to the Executable Rules with the Action of Allow and the group of Everyone and then set the path to C:\Users\*\Downloads\Apps\* which is the directory applications are allowed to run in.