TeamBerserk

[03] - #Anonymous [#opNewBlood] Microsoft - Windows 8 - Test

Oct 27th, 2013
/====================================================================================\
|      _____   ___     _     __  __   ___   ___   ___   ___   ___   ___   _  __      |
|     |_   _| | __|   /_\   |  \/  | | _ ) | __| | _ \ / __| | __| | _ \ | |/ /      |
|       | |   | _|   / _ \  | |\/| | | _ \ | _|  |   / \__ \ | _|  |   / | ' <       |
|       |_|   |___| /_/ \_\ |_|  |_| |___/ |___| |_|_\ |___/ |___| |_|_\ |_|\_\     |
\====================================================================================/
    | - T E A M B E R S E R K -
    | Corporations, Governments and PsyOps Regarded as Apostles.
    | Without hatred your life is pointless, but this hellfire, isn’t it what supports your legs?
    | IRC >> IIP->127.0.0.1 6668 << Channel: #TeamBerserk
    | https://www.Twitter.com/TeamBerserk
--------------------------------------------------------------------------------------

/=====================================================================================\
|             __ __              _   __             ____  __                __        |
|          __/ // /_____  ____  / | / /__ _      __/ __ )/ /___  ____  ____/ /        |
|         /_  _  __/ __ \/ __ \/  |/ / _ \ | /| / / __  / / __ \/ __ \/ __  /         |
|        /_  _  __/ /_/ / /_/ / /|  /  __/ |/ |/ / /_/ / / /_/ / /_/ / /_/ /          |
|         /_//_/  \____/ .___/_/ |_/\___/|__/|__/_____/_/\____/\____/\__,_/           |
|                     /_/                                                             |
\=====================================================================================/
    | Anonymous Operation: New Blood
    | Articles and Guides written by Gutts of TeamBerserk
    | IRC.AnonNet.ORG - IRC.AnonOps.COM - IRC.AnonPlus.COM - IRC.AnonPlusRadio.COM
    | IRC.AnonSet.COM - IRC.Cryto.NET - IRC.CyberGuerrilla.ORG - IRC.VoxAnon.SE
---------------------------------------------------------------------------------------

/======================================================================================\
|           _       ___           __                      ____  _____                  |
|          | |     / (_)___  ____/ /___ _      _______   / __ \/ ___/                  |
|          | | /| / / / __ \/ __  / __ \ | /| / / ___/  / / / /\__ \                  |
|          | |/ |/ / / / / / /_/ / /_/ / |/ |/ (__  )  / /_/ /___/ /                   |
|          |__/|__/_/_/ /_/\__,_/\____/|__/|__/____/   \____//____/ 8 Enterprise RTM   |
\======================================================================================/
    | Microsoft Windows Operating System - 8 - Enterprise - RTM
    | Local and Remote Security Hardening and Mitigation Techniques for Workstations
    | Updated: 09-10-2013
----------------------------------------------------------------------------------------

HashTags: #Anonymous, #opNewBlood, #Setup, #Security #Hardening, #Security #Testing

[ Computer Security ] -> [ Operating System Setup and Security ] -> [ Microsoft Windows: 8 Enterprise RTM - Testing Your Hardened Security Configurations ]

============================================
+ Building a Strong Foundation of Security +
============================================

** This is the third text/video tutorial in a series of tutorials we have made for Anonymous Operation: New Blood **

- Testing Your Hardened Security Configurations of Microsoft Windows 8 Enterprise RTM -
--------------------------------------------------------------------------------------
  52.  
Ok, let's recap:

In the previous guide you completely secured and hardened your Microsoft Windows 8 Enterprise RTM Operating System installation
by configuring numerous security options built into Microsoft Windows 8 Enterprise RTM and by adding other essential security tools.

The Enterprise edition of Microsoft Windows 8 is geared toward corporations and large enterprises, and by default it is also configured for maximum usability
and ease of use, but you were shown how to further configure and harden it, and you completed doing that.

Your configurations give you maximum local and remote security at the base layer. Locally you cannot be fucked with; in other words, it is impossible for
anyone to get into your computer locally unless they are hovering over your shoulder and memorize the password(s) you type to boot up your computer.

If your computer is stolen, the BIOS is configured to keep them out because you placed a password on the BIOS. If your BIOS is LEGACY and the thief knows a little
bit about computers, they can simply remove the CMOS ( Central Metal Oxide Semiconductor ) battery. This battery looks like a small watch battery, and if it is removed
it clears the CMOS and thus the BIOS settings, thereby removing the BIOS password. But that's okay! They will never be able to get at the hard drive
contents, because you encrypted your hard disk drive and its partitions with BitLocker Drive Encryption. Also, if you had the option to place a password
on the hard drive from the BIOS layer, that will essentially make the entire laptop a paperweight for the thief, depending on what kind of hardware you have. When you place a
password on the hard drive from the BIOS layer, especially on a UEFI BIOS with Secure Boot, the encrypted string for your hard drive password is kept in a completely
separate ROM chip on the motherboard, and removing the hard drive will prevent any other hard drive from being usable on that system.

If you're ever staying in a hotel and someone comes in while you're not there and decides to remove the hard drive from your laptop and copy the entire hard drive,
they won't be able to do anything with the data because it is completely encrypted, and this type of encryption cannot be broken. The algorithm used by the BitLocker
in Microsoft Windows 8 Enterprise RTM essentially breaks strings up into several parts with diffusers to prevent any possibility of brute force cracking methods.

However, since other methods can be used to get the password for your encrypted hard drive, such as extracting the key from the memory chips while the machine is booted up
and running, you should always turn off the machine completely and remove any power source when it is not in use. The other method is dusting the keyboard for the
strongest keypresses: when someone locally dusts your keyboard they are looking for the hardest keypresses so they can calculate all possible character combinations
and then guess the password that way, so always keep your machine and its keyboard clean and wiped after usage.

Your remote security configurations make your Internet/Intranet presence completely invisible: your network ports are stealthed and invisible and will not respond to probes.
Your Security Policies prevent anyone from even being able to query anything inbound on you, let alone get access or any possibility of enumerating your system.
Ports are only opened when an allowed application goes outbound, as permitted by the outbound rules in your Firewall configuration, and are immediately closed when the application is closed.
You're only using the Windows services that you need, and all others are disabled.
You're running Microsoft's Research and Defense Enhanced Mitigation Experience Toolkit (EMET), and if you happen to get any type of malware or RAT on your system
it will not be able to run, even if it's crypted with the most expensive or custom-written crypter.
--------------------------------------------------------------------------------------
  88.  
/=====================================================================================\
|             ____      __                 __           __  _                         |
|            /  _/___  / /__________  ____/ /_  _______/ /_(_)___  ____               |
|            / // __ \/ __/ ___/ __ \/ __  / / / / ___/ __/ / __ \/ __ \             |
|          _/ // / / / /_/ /  / /_/ / /_/ / /_/ / /__/ /_/ / /_/ / / / /              |
|         /___/_/ /_/\__/_/   \____/\__,_/\__,_/\___/\__/_/\____/_/ /_/               |
\=====================================================================================/
    | Guide Introduction
---------------------------------------------------------------------------------------

You previously hardened your Microsoft Windows 8 Enterprise Operating System installation. Now you are going to put all of these configurations to the test, and you
will then get a System Security rating from a utility provided by the National Security Agency, Department of Defense and Department of Homeland Security; these utilities are used by
NSA, DoD and DHS employees/agents to test their own Microsoft Windows systems.

So, let's begin!

Update: We cannot provide the NSA, DoD and DHS utilities because they were removed from the NSA, DoD and DHS web servers. Once they become available again we will provide the links here.
These utilities are Open Source and provided with checksums, but for the life of me I can't find them or any mirror now.
--------------------------------------------------------------------------------------
  108.  
Browser Fingerprinting:
(01): - You can check your Browser Fingerprinting scores at:
       ( http://browserspy.dk )
       ( https://panopticlick.eff.org )

       If you configured your Web Browser as explained in the previous Guide, it will be impossible to Fingerprint your Web Browser.
    You can also download an add-on for FireFox called User-Agent Switcher -- this plug-in lets you change your User-Agent Strings and make them blank/null.
    Once you have loaded all of the recommended FireFox add-ons and changed your User-Agent Strings to null, it will be impossible for any Web Server to Fingerprint you.
--------------------------------------------------------------------------------------
  118.  
Testing your Network Settings:
(02): - Download NMap Scanner from:
       ( http://nmap.org/dist/nmap-6.25-setup.exe )
       Install NMap.
       Scan your local IP address with NMap for Open Ports.
    If everything was done correctly there will be no Open Ports.

Download Nessus Security Scanner from:
    ( http://www.tenable.com/products/nessus )
    Install Nessus.

Configure Nessus:
    Open the Windows Firewall with Advanced Configurations and allow all of the executables within the Nessus installation directory OUTBOUND.

    Scan your local IP address with Nessus for Open Ports and Vulnerabilities.
    If everything was configured correctly there will be no Vulnerabilities or Open Ports found by Nessus.

Web Application Port Scanners:
    Head to these sites to scan your computer for Open Ports:
    ( http://www.speedguide.net/scan.php )
    ( https://www.grc.com/x/ne.dll?bh0bkyd2 )

    Let the Web Application scan your ports.
    If any of your ports are open at all, then you must have missed something in the previous tutorials; try to determine what you did incorrectly and fix it.
       If everything is configured properly you will receive the True Stealth Analysis, proving that all of your Network Ports are undetectable.
    First you should run the GRC Network Test against your computer ( after you have hardened the OS ) without any hardware Firewall boxes or Routers connected.
    If your RAW connection yields the True Stealth result, you're good to go.
    After you have tested your RAW connection, connect your Hardware Firewall box and/or Router and rerun the test.
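The scan in step (02) is only "done correctly" when the NMap report lists nothing that answered. As an added example that is not part of the original guide, this Python script checks an NMap greppable (-oG) report for that condition; the host address and both sample reports are constructed, and the suggested command line runs the scan from a second machine on the LAN so that the firewall is actually in the path.

```python
"""Check an NMap greppable (-oG) report for ports that answered a probe.
Suggested use (from a second LAN machine; address is hypothetical):
    nmap -Pn -p 1-65535 -oG scan.gnmap 192.168.1.10"""
import re

# Constructed sample: a hardened host, every probed port silently dropped.
STEALTH_REPORT = """\
# Nmap 6.25 scan initiated as: nmap -Pn -oG - 192.168.1.10
Host: 192.168.1.10 ()\tIgnored State: filtered (1000)
"""
# Constructed sample: a host that still exposes RPC and SMB and answers on 3389.
LEAKY_REPORT = """\
# Nmap 6.25 scan initiated as: nmap -Pn -oG - 192.168.1.10
Host: 192.168.1.10 ()\tPorts: 135/open/tcp//msrpc///, 445/open/tcp//microsoft-ds///, 3389/closed/tcp//ms-wbt-server///\tIgnored State: filtered (997)
"""
# A Ports: entry reads port/state/protocol/owner/service/rpc-info/version
PORT_RE = re.compile(r"(\d+)/(\w+)/(\w+)/[^/]*/([^/]*)/")
IGNORED_RE = re.compile(r"(\w+) \((\d+)\)")

def parse_report(report):
    """Map host -> {'ports': [(port, proto, state, service)], 'ignored': state}."""
    hosts = {}
    for line in report.splitlines():
        if not line.startswith("Host:"):
            continue
        host = hosts.setdefault(line.split()[1], {"ports": [], "ignored": None})
        fields = dict(f.split(": ", 1) for f in line.split("\t")[1:] if ": " in f)
        for entry in fields.get("Ports", "").split(", "):
            m = PORT_RE.match(entry.strip())
            if m:
                port, state, proto, service = m.groups()
                host["ports"].append((int(port), proto, state, service))
        m = IGNORED_RE.match(fields.get("Ignored State", ""))
        if m:
            host["ignored"] = m.group(1)
    return hosts

def open_ports(report):
    """Ports in state 'open' per host: services a remote peer can connect to."""
    return {h: [(p, pr, s) for p, pr, st, s in d["ports"] if st == "open"]
            for h, d in parse_report(report).items()}

def is_stealth(report):
    """True only if every probed port was filtered (dropped without a reply);
    a 'closed' port answers with a RST and still proves the host is there."""
    return all(d["ignored"] in (None, "filtered")
               and all(st == "filtered" for _, _, st, _ in d["ports"])
               for d in parse_report(report).values())
```

A report that passes is_stealth() is the same result the GRC "True Stealth" test looks for: no open ports and no closed ports that reveal the host is up.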
---------------------------------------------------------------------------------------
  148.  
TCPView, WireShark and NetStat -nab
(03): - Download TCPView from:
        ( http://technet.microsoft.com/en-us/sysinternals/bb897437.aspx )
    Install and run TCPView.

    Download WireShark from:
    ( http://www.wireshark.org/download.html )
    Install and run WireShark.

        Run these programs to monitor TCP/UDP inbound/outbound connections together with the applications that own them. This will tell you if there is any
        suspicious packet activity happening on your network. TCP stands for Transmission Control Protocol; UDP stands for User Datagram Protocol.
        It would be wise of you to learn each of the several Internet protocols: IGMP, GRE, ICMP, etcetera.
    Additionally, you can open an elevated CMD Prompt and type "NetStat -nab". This will show all inbound/outbound connections with detailed information:
    the owning process, local ip:port, foreign ip:port, protocol type and the status of the connection.
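What you are looking for in the "NetStat -nab" listing is any socket that is listening on a non-loopback address, since those are the services a probe could reach if a firewall rule is missing. As an added example that is not from the original guide, this Python script parses saved netstat -nab output and reports exactly those sockets together with the owning process or service; the SAMPLE output and every address and process in it are constructed.

```python
"""Parse saved 'NetStat -nab' output (run from an elevated prompt) and list the
sockets that are reachable from the network, i.e. not bound to loopback."""
import re
# Constructed sample of netstat -nab output; owner lines follow each socket.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  RpcSs
 [svchost.exe]
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
 Can not obtain ownership information
  TCP    127.0.0.1:5357         0.0.0.0:0              LISTENING
 [svchost.exe]
  TCP    192.168.1.10:49321     93.184.216.34:443      ESTABLISHED
 [firefox.exe]
  UDP    0.0.0.0:3702           *:*
  EventSystem
 [svchost.exe]
  UDP    [::1]:1900             *:*
 [svchost.exe]
"""
CONN_RE = re.compile(r"^\s+(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")
LOOPBACK = ("127.", "[::1]")

def parse_netstat(text):
    """Return one dict per socket: proto, local, remote, state, owner, service."""
    records = []
    for line in text.splitlines():
        m = CONN_RE.match(line)
        if m:
            proto, local, remote, state = m.groups()
            records.append({"proto": proto, "local": local, "remote": remote,
                            "state": state or "", "owner": None, "service": None})
        elif records and line.strip().startswith("["):
            records[-1]["owner"] = line.strip().strip("[]")  # process image name
        elif records and line.strip() and not line.strip().startswith("Can not"):
            records[-1]["service"] = line.strip()  # hosted service name (svchost)
    return records

def exposed_listeners(records):
    """(proto, port, owner) for TCP sockets in LISTENING and every UDP socket not
    bound to loopback: each must be blocked by the firewall or disabled outright."""
    exposed = []
    for r in records:
        host, _, port = r["local"].rpartition(":")
        listening = r["state"] == "LISTENING" if r["proto"] == "TCP" else True
        if listening and not host.startswith(LOOPBACK):
            exposed.append((r["proto"], int(port), r["owner"] or r["service"] or "unknown"))
    return exposed
```

Compare the list against the services you deliberately left enabled; anything else is a candidate for disabling, which is the check TCPView gives you interactively.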
---------------------------------------------------------------------------------------