Advanced Windows Security
Advanced Windows Security
http://www.windows-commandline.com/add-user-from-command-line/
http://www.thewindowsclub.com/customizing-the-password-policy-in-windows-7
net user [username] [password] /ADD
net user {username] [password] /DELETE
net user username password /ADD /FULLNAME:"User_Fullname"
net user username password /ADD /PASSWORDCHG:Yes
net user username userpasswd /ADD /PASSWORDCHG:NO
LISTENING PORTS AND PIDS: netstat -ano
LISTENING PORTS OF PID 1234 - CAN GET FROM TASK MANAGER: netstat -ano | findstr 1234
MAKE NETWORK CARDS COME UP: ncpa.cpl
ADD ROUTE: route ADD 10.1.1.0 MASK 255.255.255.0 192.168.1.8
ADD ROUTE PERSISTENT SO LASTS TILL NEXT REBOOT: route -p ADD 10.1.1.0 MASK
255.255.255.0 192.168.1.8
DELETE ROUTE - IP OF DESTINATION: route delete 10.0.0.0
VIEW USER ACCOUNT PASSWORD AND LOGON REQUIREMENTS (ALSO DISPLAYS THE
MACHINE TYPE - NT SERVER OR NT WORKSTATION)
net accounts
VIEW PASSWORD AND LOGON REQUIREMENTS FOR THE NETWORK DOMAIN.
net accounts /domain
SET THE NUMBER OF MINUTES A USER HAS BEFORE BEING FORCED TO LOG OFF WHEN THE
ACCOUNT EXPIRES OR VALID LOGON HOURS EXPIRE
net accounts /forcelogoff:minutes /domain
PREVENT FORCED LOGOFF WHEN USER ACCOUNTS EXPIRE
net accounts /forcelogoff:no /domain
SET THE MINIMUM NUMBER OF CHARACTERS FOR A PASSWORD.
net accounts /minpwlen:c /domain
THE RANGE IS 0-14 CHARACTERS; THE DEFAULT IS 6 CHARACTERS.
SET THE MAXIMUM NUMBER OF DAYS THAT A PASSWORD IS VALID.
net accounts /maxpwage:dd /domain
THE RANGE IS 1-49710; THE DEFAULT IS 90 DAYS.
DELETE A GROUP
net group groupname /delete [/domain]
ADD A USER TO A GROUP
net group groupname username [...] /add [/domain]
DELETE A USER FROM A GROUP
net group groupname username [...] /delete [/domain]
TO VIEW, ADD OR MODIFY A LOCAL WORKGROUP REPLACE GROUP IN THE COMMANDS ABOVE
WITH LOCALGROUP.
EXAMPLES
CREATE A GROUP
c:\>net localgroup spud /add
ADD TO GUESTS
c:\>net localgroup guests spud /add
THEN REMOVE
c:\>net localgroup guests spud /delete
c:\>net localgroup spud /delete
InmmcorTEMPLATES:
AddSnapins:WindowsFirewall,LocalUsersandGroups,Security
Templates,SecurityConfigurationandAnalysis,GroupPolicy(orLocal
ComputerPolicy)
Makenewtemplatepath;makenewtemplatebaseline;Goto
SecurityConfigurationandAnalysisandopendatabasebaseline;then
makesuretemplateissavedaftermakingchanges;thenimport
template;thenanalyzecomputernoworconfigurecomputernow;go
backanchecktomakesureeverythingisgood
LocalSecurityPolicy>ComputerConfiguration>WindowsSettings>
SecuritySettings>AccountPolicies
SCATComplianceChecker
gpedit.msc
https://docs.google.com/document/d/1U3IqJp0THfv2Iyu49tBwySoPwKiJO8W0UMY6LB
c2nKY/edit