Hardening Archives - Original-Network.com

Dec 26

Kerberos Authentication with Veeam v12

By Christopher GLEMOT in Active Directory, Backup, Hardening, Microsoft, Security, Veeam B&R 12

Kerberos Authentication with Veeam v12. NTLM authentication is still mandatory for communication between all Veeam infrastructure servers in v11. However, NTLM authentication is still required for communication between Veeam backup infrastructure servers (backup server, backup proxies, backup repositories, guest interaction proxies, log shipping servers, and mount servers). NTLM was subject to several known security vulnerabilities …

gMSA, Hardening, Kerberos Authentication, Protected Users, Security, Veeam v12

Oct 19

Conti initiates their attacks on Backup

By Christopher GLEMOT in Backup, Cryptolocker, Data Protection, Hardening, Ransomware, Security, Veeam

Cyber groups (cartels) specifically target backup solutions in order to ensure that the victim has no other option except for paying the ransom. Conti group is particularly methodical in developing and implementing backup removal techniques (on-premise and cloud). The full analysis is available here (thanks to ADV INTEL) and is based on their actual proactive …

Backup, Conti, Data, Hardening, Offline Backup, Protection, Ransomware, Veeam
6 comments

Feb 29

Hardening settings for Domain Controllers

By Christopher GLEMOT in Hardening, Microsoft, Security

Hi! Basically, default settings of Domain Controllers are not hardened. Every DC has by default the “Default Domain Controllers Policy” in place, but this GPO creates different escalation paths to Domain Admin if you have any members in Backup Operators or Server Operators for example. They can become Domain Admin. Start with replacing the “Default …