You are here: Docs>Sheriff Web>DeploySheriffHIDSAgentsToWindowsHosts>WindowsServerHIDSDeploymentSettings (14 May 2021, SheriffCyberSecurity)Edit Attach
Up
Previous Next

To change the settings on Windows Server 2003, 2008 R2, and 2012 R2

  1. Go to Control Panel > Windows Firewall > Advanced Settings > Inbound Rules.

  2. Enable File and Printer Sharing (SMB-In).

  3. To allow NTLMv2 security, run gpedit.msc.

  4. Go to Local Security > Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options and change these settings.

    1. Network Security: Minimum session security for NTLMSPP based (including secure RPC) clients,select

      • Require NTLMv2 session security

      • Require 128-bit encryption

    2. Network Security: Minimum session security for NTLMSPP based (including secure RPC) servers, select

      • Require NTLMv2 session security

      • Require 128-bit encryption

    3. Network Security: LAN Manager Authentication level, select

      • Send NTLMv2 response only\refuse LM & NTLM<

Edit  | Attach | Print version | History: r4 < r3 < r2 < r1 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r4 - 14 May 2021, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.