Posts

Featured

Class log: Getting Started in Security with BHIS and MITRE ATT&CK, Day 4

Day 4 of the Antisyphon "Getting Started in Security" class had a LOT of material for a shorter session. Things are getting spicy.

Subject: Host-Based Firewalls

Host-based firewalls can be very effective for shutting down lateral movement attacks. Something important to remember is to treat your internal network like it's hostile, because it is. It really is. Windows Firewall isn't great, but it's better than nothing and can be centrally managed, which is a plus. Also, a lot of antivirus software has built-in firewalls you can use, so be sure to do so.

Lab: Using Nmap. Scanned a Windows system with firewall on and then off to see the results.

A stand-out quote from the class: "The Active Directory environment is a super highway for hackers."

Internet Allow Listing

Doesn't have to be hard

Denylists fail because the internet is too vast, users will not stop until they've clicked everything

Uncategorized category filter: needs to be blocked as well...

Latest Posts

Class log: Getting Started in Security with BHIS and MITRE ATT&CK, Day 3

Class log: Getting Started in Security with BHIS and MITRE ATT&CK, Day 2 continued

Class log: Getting Started in Security with BHIS and MITRE ATT&CK, Day 2

Task 2: Document a Process

Why I want to be a security archineer