HostedDB - Dedicated UNIX Servers

hpntbast101_6 - 6 - SeDebugPrivilege No one SeIncreaseBasePriorityPrivilege Administrators SeIncreaseQuotaPrivilege Administrators SeInteractiveLogonRight Administrators SeLoadDriverPrivilege Administrators SeLockMemoryPrivilege No one SeNetworkLogonRight No one SeProfileSingleProcessPrivilege Administrators SeRemoteShutdownPrivilege No one SeRestorePrivilege Administrators SeSecurityPrivilege Administrators SeShutdownPrivilege Administrators SeSystemEnvironmentPrivilege Administrators SeSystemProfilePrivilege Administrators SeSystemTimePrivilege Administrators SeTakeOwnershipPrivilege Administrators SeTcbPrivilege No one SeMachineAccountPrivilege No one SeChangeNotifyPrivilege Everyone SeBatchLogonRight No one SeServiceLogonRight No one Event log settings The Application, System and Security logs are configured to be up to 100MB each. They will overwrite events as needed, but only entries older than 30 days. Anonymous access to the logs is disabled. Registry Values The policy will also apply the following changes to the registry. KEY Type Value MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword REG_DWORD 0 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect REG_DWORD 15 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareWks REG_DWORD 0 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareServer REG_DWORD 0 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel REG_DWORD 1 MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel REG_DWORD 1 MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous REG_DWORD 1 MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode REG_DWORD 1 MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel REG_DWORD 2 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText REG_SZ This is a private system. Unauthorized use is prohibited. MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption REG_SZ Hardened by HP Consulting MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName REG_SZ 1 MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail REG_DWORD 1 MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown REG_DWORD 1 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount REG_SZ 0 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies REG_SZ 1 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms REG_SZ 1 MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects REG_DWORD 1 MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl REG_DWORD 0 MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing REG_BINARY 1 MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon REG_SZ 1