CCNA 3 v7 Lab 10.8.1 Packet Tracer - Configure CDP, LLDP, and NTP Instructions Answer.pdf.pka file download completed 100% scored 2020 2021.
Windows 8 Networking
- The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol used by network devices for advertising their identity, capabilities, and neighbors on a local area network based on IEEE 802 technology, principally wired Ethernet.
- Intel® Network Adapter Driver for Windows 8.1. Installs Intel® Network Adapter drivers release 25.5 for Windows 8.1. Driver: Windows 8.1. Windows 8.1, 32-bit. Windows 8.1, 64-bit. 25.5 Latest:: Intel® Network Adapter Driver for Windows Server 2012 R2. This download installs version 25.5 of the Intel® Network Adapters for Windows.
Sharing
Windows 8.1 Dpi Change
Just a few quick notes here. Please see Windows 7 Home Networking FAQ’s (applies to Windows 8 too).
There are 2 types of sharing options in Windows 8: the Home Group or Advanced sharing. They can both be used at the same time.
My recommendation is that most users that want to share files at home use the Home Group. Advanced sharing requires knowledge of file and share permissions that usually aren’t necessary for home users (if you have to ask then you shouldn’t be using it).
See: HomeGroup from start to finish
See also: Windows 7 & HomeGroup – Sharing with Windows XP, Windows Vista & other operating systems (Windows 7 and HomeGroup Downlevel Sharing )
My best advice to find answers to all your Windows 8 search questions is to use the Search charm and type share:
Disable The Home Group
First leave the Home Group. To do this go to the Settings charm > Change PC Settings > HomeGroup > Leave. Windows 8 enables the HomeGroup Provider service by default. If you are not using the Home Group then disable this: Press the Windows + R keys and type services.msc > double-click and disable the HomeGroup Provider service.
Windows 8 Network Tweaks
There are two ways to adjust network settings in Windows 8. I’ll call them The New Way and The Old Way. The New Way adjust networking services at the OS level. The Old Way adjusts services at the actual adapter. I use both ways.
*These tweaks will not increase performance or increase download speed. So why tweak it? The tweaks here are designed to cut down on network chatter and to secure your box (see here for an example of the chatter I’m talking about). Let me make this clear though. I’ve seen no network performance improvement using these tweaks and I do not believe any home users will. These settings do not cover Services, for those see the Services section of this guide.
The New Way
Open Network and Sharing Center
From the desktop, right-click on the network icon in the taskbar > choose Open Network and Sharing Center. Or
Search charm > type Network and Sharing Center
Next, click on Change advanced sharing settings.
I’m going to make this really easy. If and only if you aren’t networked, select every “Turn off” box and click the Save changes button. If you are networked to any sort of computer, device, etc. then skip to The Old Way.
The Old Way
I do not recommend the average user attempt these tweaks.
Again, a warning. Backup your computer before doing these. The purpose of these tweaks is specifically to remove functionality. Understand before acting!
Possible settings to disable:
Client for Microsoft Networks
This IS the Workstation Service. This service is complex and third party applications may depend on this being there.
Disabling this is often recommended for SERVER hardening.
Essential if networked.
If you are going to disable this I highly recommend:
Doing this tweak completely separate from all other actions, and,
disabling this, File and Printer Sharing for Microsoft Networks, rebooting and checking all your applications and error logs.
Very advanced users may also want to block the associated ports via the firewall.
QOS
Unneeded for the home user, (and in truth is unused in most home environments).
File and Printer Sharing for Microsoft Networks
Needed if you connect to another computer or vice versa. (see Client for Microsoft Networks above)
Microsoft Network Adapter Multiplexor Protocol
Not enabled by default. Unneeded in home environment. Used for network teaming
Internet Protocol Version 6 (TCP/IPv6)
For many users this is an essential component. HomeGroup, VPN, DirectAccess and other parts of the operating system use this.
You should keep ipv6 enabled even if your ISP doesn’t provide ipv6 connectivity yet.
The Argument against Disabling IPv6
It is unfortunate that some organizations disable IPv6 on their computers running Windows Vista or Windows Server 2008, where it is installed and enabled by default. Many disable IPv6-based on the assumption that they are not running any applications or services that use it. Others might disable it because of a misperception that having both IPv4 and IPv6 enabled effectively doubles their DNS and Web traffic. This is not true.
From Microsoft’s perspective, IPv6 is a mandatory part of the Windows operating system and it is enabled and included in standard Windows service and application testing during the operating system development process. Because Windows was designed specifically with IPv6 present, Microsoft does not perform any testing to determine the effects of disabling IPv6. If IPv6 is disabled on Windows Vista, Windows Server 2008, or later versions, some components will not function. Moreover, applications that you might not think are using IPv6 such as Remote Assistance, HomeGroup, DirectAccess, and Windows Mail could be.
Therefore, Microsoft recommends that you leave IPv6 enabled, even if you do not have an IPv6-enabled network, either native or tunneled. By leaving IPv6 enabled, you do not disable IPv6-only applications and services (for example, HomeGroup in Windows 7 and DirectAccess in Windows 7 and Windows Server 2008 R2 are IPv6-only) and your hosts can take advantage of IPv6-enhanced connectivity.” Support for IPv6 in Windows Server 2008 R2 and Windows 7
Internet Protocol Version 4 (TCP/IPv4)
Essential
Essential
Microsoft LLDP Protocol Driver
Microsoft’s version of LLDP. Not the same as LLTD (below). Discovers stuff on your network (advanced users see here). I recommend most users leave this as is. Not needed if you aren’t accessing anything except the internet on your network.
Link-Layer Topology Discovery Mapper I/O Driver & Link-Layer Topology Discovery Responder
Basically this enables the pretty little Network Map in Vista and Windows 7. There is no Network Map in Windows 8 so I can only assume this was left in for legacy reasons.
From what I’ve observed these protocols are basically inactive until you or someone on your network tries to view the network map.
Adjusting Network Settings
Press the Windows + R keys and type ncpa.cpl
Or
Use the Search charm and type ncpa.cpl
Or
Control Panel > Network and Sharing Center > Change adapter settings
Or
Use the Search charm and type ncpa.cpl
Or
Control Panel > Network and Sharing Center > Change adapter settings
Then right-click on the adapter you wish to edit and choose Properties.
*Tip – Yes, you can configure each connection differently!
*Tip – While your here, if you aren’t going to use one of the connections, disable it (right-click > Disable). On my laptop I disable the Wireless connection while at home because I network it via Ethernet. When needed I just come back here and enable it.
*Tip – Yes, you can configure each connection differently!
*Tip – While your here, if you aren’t going to use one of the connections, disable it (right-click > Disable). On my laptop I disable the Wireless connection while at home because I network it via Ethernet. When needed I just come back here and enable it.
In the above example I basically disabled Windows networking on Wi-Fi while maintaining internet access.
NEXT >>>
NEXT >>>
Pages: Page 1Page 2Page 3Page 4Page 5Page 6Page 7Page 8Page 9Page 10Page 11Page 12Page 13Page 14Page 15Page 16Page 17Page 18Page 19Page 20Page 21Page 22
From CVL Wiki
Jump to: navigation, search
This page contains notes on how to harden Windows 8.1. The intent of these changes to the default OS install is to reduce overall exposure to attack, while still remaining usable for the majority of uses.
In particular, these tips apply to ITAR computers and GTA tablets.
|
Networking
Control Panel->Network and Sharing Center->Ethernet->Properties
- Microsoft Network Adapter Multiplexor Protocol: provides the ability to load balance between two or more network cards.
- Disable
- Microsoft LLDP Protocol Driver: Used to create the network map used in the Network browser and Networking and Sharing Centre.
- Disable
- Link Layer Topology Discovery Mapper I/O Driver: Used to discover other computers connected to your local network.
- Disable
- Link Layer Topology Responder: Used to identify your computer to other computers connected to your local network.
- Disable
- Internet Protocol Version 6 (TCP/IPv6): A new version of the IPv4 protocol.
- Do not disable
- Internet Protocol Version 4 (TCP/IPv4): Primary network communication protocol.
- Do not disable.
Services
Disable the following:
- Application Management
- BranchCache
- Certificate Propagation
- Client for NFS
- Distributed Link Tracking Client
- Family Safety (compatability stub for Vista apps)
- Function Discovery Provider Host (HomeGroup)
- Function Discovery Resource Publication (HomeGroup)
- HomeGroup Listener (HomeGroup)
- HomeGroup Provider (HomeGroup)
- Hyper-V Data Exchange Service (Hyper-V VM - Turn on if feature is used)
- Hyper-V Guest Service Interface (Hyper-V VM - Turn on if feature is used)
- Hyper-V Guest Shutdown Service (Hyper-V VM - Turn on if feature is used)
- Hyper-V Heartbeat Service (Hyper-V VM - Turn on if feature is used)
- Hyper-V Remote Desktop Virtualization Service (Hyper-V VM - Turn on if feature is used)
- Hyper-V Time Synchronization Service (Hyper-V VM - Turn on if feature is used)
- Hyper-V Volume Shadow Copy Requestor (Hyper-V VM - Turn on if feature is used)
- Internet Explorer ETW Collector Service
- IP Helper
- KtmRm for Distributed Transaction Coordinator (MS recommends to stop this service if not needed)
- Link-Layer Topology Discovery Mapper (network discovery)
- Microsoft iSCSI Initiator Service (allows LAN or Internet based storage)
- Netlogon (Active Directory Domain Connections)
- Network Access Protection Agent (reports security configuration)
- Offline Files
- Peer Name Resolution Protocol (HomeGroup, remote assistance)
- Peer Networking Grouping (HomeGroup, remote assistance)
- Peer Networking Identity Manager (HomeGroup, remote assistance)
- PNRP Machine Name Publication Service (server that responds with a machine name)
- Remote Procedure Call (RPC) Locator
- Sensor Monitoring Service (Enable if your device has light sensors)
- Smart Card Device Enumeration Service
- Smart Card Removal Policy
- SNMP Trap
- Storage Service
- Windows Biometric Service
- Windows Connect Now - Config Registrar (Wireless Setup - simplified configuration)
- Windows Location Framework Service
Local Security Policy
- Control Panel -> Administrative Tools -> Local Security Policy
User Rights Assigment
Windows 8.1 Dpi
Local Policies -> User Rights Assignment -> Deny access to this computer from the network
- Guests, Anonymous Logon, Administrator, NETWORK SERVICE, SERVICE, SYSTEM, and LOCAL SERVICE.
Password Policy
Windows 8.1 Dpi Scaling
Account Policies -> Password Policy
- Max password age = 365 days
- Min password length = 12 characters
- Password must meed complexity -> enabled
Turn off AutoPlay
Open Charm Menu (swipe from right)Settings -> Change PC Settings -> PC and Devices -> AutoPlay -> Off
Enable DEP
Right Click Computer -> Properties -> Advanced System Settings -> Performance Settings button -> Data Execution Prevention Tab -> Select 'Turn on DEP for all programs ...'
Turn off Remote Assistance
Windows 8.1 Dpc Watchdog Violation
Right Click Computer -> Properties -> Advanced System Settings -> Remote tabUn-checkmark allow remote assistance
Enable Hidden Files
Windows Explorer/ View pull down menu / Options button / Change Folders and Search options / View tabCHECKMARK items below・ Always show menus・ Display the full path in the title bar・ Show hidden files, folders and drivesUNCHECK items below・ hide empty drives in computer folder・ hide folder merge conflicts・ hide extensions for known file typesWindows Explorer/ View pull down menu /· checkmark File Name Extensions· checkmark Hidden Files
Enable Screen Saver
Right click on desktop and choose Personalize / Screensaver. Configure it to wait 10 minutes, and check mark 'On resume, display Logon screen'
Resources Used
Retrieved from 'https://computing.ece.vt.edu/mediawiki/index.php?title=Hardening_Windows_8.1&oldid=1981'