Difference between revisions of "General Checklist"
Jump to navigation
Jump to search
(Created page with "This page is a list of general categories of items we have got points for; similar to the Vulnerability Categories sheets the AFA releases but more detailed. Specific names ar...") |
|||
| Line 1: | Line 1: | ||
| − | This page is a list of general categories of items we have got points for; similar to the Vulnerability Categories sheets the AFA releases but more detailed. Specific names are removed as they are likely to be changed ever round, however some common examples are listed. | + | This page is a list of general categories of items we have got points for; similar to the Vulnerability Categories sheets the AFA releases but more detailed. Specific names are removed as they are likely to be changed ever round, however some common examples are listed. Note: just because something is under "Round 1" does not mean it only applies to Round 1, it is just where we first saw it. |
| + | |||
| + | === Round 1 items: === | ||
| + | |||
| + | * Remove unauthorized users | ||
| + | ** Cross reference the list in the readme to the current users, make sure it matches | ||
| + | * Add authorized users | ||
| + | ** Cross reference the list in the readme to the current users, make sure it matches | ||
| + | * User is not an administrator | ||
| + | ** Cross reference the list in the readme to the current admins, make sure it matches | ||
| + | * Made user an administrator | ||
| + | ** Cross reference the list in the readme to the current admins, make sure it matches | ||
| + | * Changed insecure password for User | ||
| + | ** Change the password for all accounts except the default to something secure | ||
| + | * Enable Firewall | ||
| + | ** UFW on Linux, Windows Defender on Windows | ||
| + | * Services | ||
| + | ** Disable known bad services | ||
| + | *** FTP, Bluetooth, Xbox | ||
| + | *** Anything "Remote" (unless mentioned in the readme) | ||
| + | * Install Updates | ||
| + | * Enable Automatic updates | ||
| + | ** May be disabled in GPO for Windows | ||
| + | * Update "critical services" | ||
| + | ** Listed in the readme | ||
| + | ** Firefox is almost always needs to be updated | ||
| + | * Prohibited "Media Files" | ||
| + | ** Stuff like music or movies; just search *.mp3s, *.mp4s, and *.movs | ||
| + | * Prohibited software | ||
| + | ** Any sort of "hacking tools" (any software not listed in the readme) | ||
| + | * SSH root login has been disabled | ||
| + | * Password Requirements | ||
| + | ** Minimum/maximum age | ||
| + | ** Character requirements | ||
| + | ** Not stored with reversible encryption | ||
| + | * Do not display last signed in user | ||
| + | * Disable file shares | ||
| + | ** (If they are not listed in the readme) | ||
| + | * Require Ctrl+Alt+Del to sign in | ||
| + | * Firefox security and privacy settings | ||
Latest revision as of 02:07, 12 November 2021
This page is a list of general categories of items we have got points for; similar to the Vulnerability Categories sheets the AFA releases but more detailed. Specific names are removed as they are likely to be changed ever round, however some common examples are listed. Note: just because something is under "Round 1" does not mean it only applies to Round 1, it is just where we first saw it.
Round 1 items:[edit | edit source]
- Remove unauthorized users
- Cross reference the list in the readme to the current users, make sure it matches
- Add authorized users
- Cross reference the list in the readme to the current users, make sure it matches
- User is not an administrator
- Cross reference the list in the readme to the current admins, make sure it matches
- Made user an administrator
- Cross reference the list in the readme to the current admins, make sure it matches
- Changed insecure password for User
- Change the password for all accounts except the default to something secure
- Enable Firewall
- UFW on Linux, Windows Defender on Windows
- Services
- Disable known bad services
- FTP, Bluetooth, Xbox
- Anything "Remote" (unless mentioned in the readme)
- Disable known bad services
- Install Updates
- Enable Automatic updates
- May be disabled in GPO for Windows
- Update "critical services"
- Listed in the readme
- Firefox is almost always needs to be updated
- Prohibited "Media Files"
- Stuff like music or movies; just search *.mp3s, *.mp4s, and *.movs
- Prohibited software
- Any sort of "hacking tools" (any software not listed in the readme)
- SSH root login has been disabled
- Password Requirements
- Minimum/maximum age
- Character requirements
- Not stored with reversible encryption
- Do not display last signed in user
- Disable file shares
- (If they are not listed in the readme)
- Require Ctrl+Alt+Del to sign in
- Firefox security and privacy settings