Skip to content

Hardening

Eternal Blue

Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol

ARP Posoining

arp -a
- Check ARP status
arp -d
- Clear ARP cache

Check for DNS spoofing

C:\Windows\System32\Drivers\etc\hosts

AppLocker

Local Computer Policy

Antivirus

Virus & Threat Protection > Exclusions

Purpose

what does the vm do?
network shares
running processes

Keep in mind

FILES IN /TEMP IS BAD