Jump to content

Entry Level Windows 11 Hardening, Rookie Stuff.


Ste

Recommended Posts

Posted (edited)

Acting like it's your first day of windows Cyber security I thought it would be fun for me to post just the first 1-2 hours of what I do on a Fresh install!.

 

None of this is NEW or news but you generally have to do a lot of Microsoft forum reading or googling to find all the information and it isn't all in one spot.

 

Bypass internet setup on install screens in 11/10:  Once in the install process it asks you to connect to a network or connect to wifi you then do SHIFT + F10

and type:  oobe /byppassnro  ( forget exact spacing sorry, play with it)

Then you can connect to a network later or plug in Ethernet after doing security setup and basic hardening. 

 

First remove a lot of unused or unnecessary windows services/programs VIA Powershell.

 

Get-AppxPackage *WebExperience* | Remove-AppxPackage

winget uninstall –id 9MSSGKG348SP

get-appxpackage -allusers *xboxapp* | Remove-AppxPackage

Get-AppxPackage -AllUsers -PackageTypeFilter Bundle -Name "*Windows.DevHome*" | Remove-AppxPackage -AllUsers

Get-AppxPackage *Microsoft.People* | Remove-AppxPackage

Get-AppxPackage *Windows.DevHome* | Remove-AppxPackage

Get-AppxPackage Microsoft.Getstarted | Remove-AppxPackage

Get-AppxPackage *WindowsSoundRecorder* | Remove-AppxPackage

Get-AppxPackage *Xbox* | Remove-AppxPackage 

Get-AppxPackage *YourPhone* | Remove-AppxPackage

Get-AppxPackage *Windows.Photos* | Remove-AppxPackage

Get-AppxPackage *OneDriveSync* | Remove-AppxPackage

Get-AppxPackage *Microsoft.549981C3F5F10* | Remove-AppxPackage

Get-AppxPackage *Microsoft.GetHelp* -AllUsers | Remove-AppxPackage

Get-AppxPackage *windowsstore*|Remove-AppxPackage

Get-AppxPackage *CrossDevice* | Remove-AppxPackage

obviously IF your sure that you use them, then don't remove that package/service.

Then restart and see if you broke anything.

 

 

Step 2:  Go through all windows Services in Services and disable anything your sure you don't use.  Since this is specific to the user I will not put a full list but you can Private message me for my known ones.

restart and see if you broke anything.

 

 

Step 3: go into the registry:  windows menu > run > regedit > and then

in both HKEY_Local_Machine>System>Controlset001>Services

and

HKEY_Local_Machine>System>CurrentControlSet>Services

You go through each service and for each one within Services GUI that would not allow you to disable and your sure you do not use, you go into each one and under the label "start" type Reg_Dword change the value to 4.

Restart and see if you broke anything.

 

 

Step 4: start menu > search >security > click Local Security policy > Local Policies > Go through each side folder GUI Audit Policy, User rights Assignment and Security Options and remove/decline as many options for remote access as possible or if you know what your doing make custom entries for your specific need.

Restart and see if you broke anything

Step 5: In Control Panel for Permissions and Privacy disable as much automatic access to camera and microphone as possible and customize each entry to your need.

Restart and see if you broke anything.

Automatically delete PageFile on restart/shutdown:

Open Local Security Policy (secpol.msc).

2 Click/tap to open Local Policies and Security Options in the left pane of Local Security Policy. (see screenshot below step 3)

3 In the right pane of Security Options, double click/tap on the Shutdown: Clear virtual memory pagefile policy to open its properties. (see screenshot below).

Also Turn off auto updates: Just so you can do them at a optimum time of when your not needing to do anything and can closely monitor what's going on.  I have also turned off " Get the latest updates as soon as they're available"

I have noticed that this helps keep Microsoft away from just installing things that are mostly unused or unnecessary things  in addition to more forcing them to have their testers and paid people to figure bugs out and not the general user.

 

Edited by Ste

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...