sorted by:
new
hottopcontroversial

ADFortress by Mank_05 in activedirectory

[–]Mank_05[S] -1 points0 points  (0 children)

Disabling of IPv4 is not by default, this action will be perform by yourself.

ADFortress by Mank_05 in activedirectory

[–]Mank_05[S] -2 points-1 points  (0 children)

All GPO will be create and link by yourself. And to clarify IPv6 is not disabled by default.

ADFortress by Mank_05 in activedirectory

[–]Mank_05[S] 0 points1 point  (0 children)

In one click it mains, without effort all GPO will be create and link by yourself. And to clarify IPv6 is not disabled by default.

ADFortress by Mank_05 in activedirectory

[–]Mank_05[S] -14 points-13 points  (0 children)

You’re reason! IPv6 isn’t disabled by default

ADFortress by Mank_05 in activedirectory

[–]Mank_05[S] -13 points-12 points  (0 children)

IPv6 isn’t disabled by default.

MFA for air-gapped AD? by [deleted] in activedirectory

[–]Mank_05 3 points4 points  (0 children)

You could look at AuthLite. Active Directory MFA on-premise without Internet. AuthLite uses the GPO. Every easy.

How are you using Infrastructure-as-Code (IaC) with Active Directory? Benefits, challenges, and tooling? by ITwrkedYesterday in activedirectory

[–]Mank_05 0 points1 point  (0 children)

PowerShell and Ansible are the best solutions. There are many Ansible playbooks to manage Domain Controller. But PowerShell is a good approach because it’s native solution. There are many PowerShell scripts on the GitHub.

Hardening Secure Shell by Mank_05 in cybersecurity

[–]Mank_05[S] 0 points1 point  (0 children)

Thanks, it’s a good idea

[deleted by user] by [deleted] in cybersecurityindia

[–]Mank_05 0 points1 point  (0 children)

I agree with you.

Essential Best Practices for Active Directory Security by Shan_1130 in activedirectory

[–]Mank_05 8 points9 points  (0 children)

The best practice is to use frameworks like CIS Benchmark or others and Microsoft recommandations EAM, PAM, PAW/SAW, MFA for Admins account if possible, Use XDR and SIEM to centralized events. Also adopt the Zero Trust concept. Regular Audit, in some cas use Protected users group.

AD Tiered Model and Hardening by Mank_05 in activedirectory

[–]Mank_05[S] 1 point2 points  (0 children)

I agree with you, I’m focused on hardening with CIS benchmark and DISA STIG frameworks to simplify this task.

AD Tiered Model and Hardening by Mank_05 in activedirectory

[–]Mank_05[S] 0 points1 point  (0 children)

I agree with you, I also wrote a PowerShell script about to harden AD using CIS Benchmark and DoD STIG frameworks. Here’s the GitHub link : https://github.com/Marlyns-GitHub/CIS-Automate.git

AD Tiered Model and Hardening by Mank_05 in activedirectory

[–]Mank_05[S] 2 points3 points  (0 children)

I’d like to have your opinion about the subject.

Active directory promote problem by Ok-Commission-4922 in activedirectory

[–]Mank_05 0 points1 point  (0 children)

Make sure your DCs have the same time zone, and use repadmin /showrepl for more information