Hardening Windows Servers

Some quick tips on securing Windows Servers, especially on the latest version which is Windows Server 2019.

  1. Of course, the most important is to keep the operating system updated with the latest patches.
  2. Install only the essential components through the Windows Server Core.
  3. Secure the administrator account. Rename it to something else, and of course use a complex password.
  4. Make sure server sync time with NTP all the time.
  5. Use a good firewall and antivirus.
  6. Secure RDP. Make sure it is not open to the internet. To prevent unauthorized access, change the default port, and restrict the RDP access to a specific IP address, if any.
  7. Enable BitLocker.
  8. Use Microsoft Baseline Security Analyzer.
  9. Configure Log Monitoring and Disable Unnecessary Network Ports.

That is all for now. Good luck.

Outlook disconnected, prompt Need Password

I had a very weird problem connecting to my email this morning. It was my first time, and could not connect it for more than half an hour. I can connect to it on my home PC though.

Dig a quick Google and found these solution. Hope this helps you guys too :

Disable Modern Authentication by regedit to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity, create a DWORD item named EnableADAL and set it to zero.

Under the same registry key, create a DWORD item named DisableADALatopWAMOverride and set it to 1.

Beware – that email from HR might be a cyber scam

Remote workers are being targeted by a wide-ranging new online scam looking to steal business logins.

Researchers at security firm Cofense have uncovered a phishing campaign masquerading as emails from HR departments.

The scam targets employees who are still getting used to working from home, tricking them into giving away credentials such as login details through fake remote working enrollment forms.

Continue reading “Beware – that email from HR might be a cyber scam”

File in Use – {filename] is locked for editing by {username}.

File in Use – {filename] is locked for editing by {username}. Open ‘Read-Only” or click “Notify to receive notification when the document is no longer in use.”

Received a complaint on this error yesterday. Managed to solved it after a quick google. Apparently someone forgot to close the file and did not even noticed it. So how you going to trace it between almost 50 users?

Here is one of the solution.

Continue reading “File in Use – {filename] is locked for editing by {username}.”