Update comment

Signed-off-by: Tommy <contact@tommytran.io>
Update Network Protection
2024-11-21 23:51:44 -05:00 · 2023-11-21 02:54:59 -07:00 · 2023-11-21 02:27:21 -07:00 · 2023-11-21 02:18:53 -07:00 · 2023-11-21 02:11:20 -07:00 · 2023-11-21 02:03:13 -07:00
5 changed files with 15 additions and 1 deletions
--- a/Configuration/System/Windows
+++ b/Configuration/System/Windows
@ -0,0 +1,5 @@
+# Windows Time Service
+
+`Computer Configuration\Administrative Templates\System\Windows Time Service`
+
+Enable Windows NTP Client -> Disabled (**Read my notes on Date & Time. I am disabling time sync here because it is already handled by my guest agent**.)
--- a/Configuration/Windows
+++ b/Configuration/Windows
@ -0,0 +1,5 @@
+# Microsoft account
+
+`Computer Configuration\Administrative Templates\Windows Components\Microsoft account`
+
+- Block all consumer Microsoft account user authentication -> Enabled
--- a/Configuration/Windows
+++ b/Configuration/Windows
@ -8,4 +8,5 @@ Documentation:

 `Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection`

+This settings controls whether Network protection is allowed to be configured into block or audit mode on Windows -> Enabled (Only relevant if running Windows Server)
 Prevent users and apps from accessing dangerous websites -> Enabled -> Block
--- a/Configuration/Windows
+++ b/Configuration/Windows
@ -2,6 +2,6 @@

 `Computer Configuration\Administrative Templates\Windows Components\Windows Messenger`

-**This looks quite old so I am not sure if they apply to modern Windows versions or not. It doesn't hurt to set them either ways.**
+**Old and very likely to be obsolete.**

 - Do not allow Windows Messenger to be run -> Enabled
--- a/Settings/Date
+++ b/Settings/Date
@ -0,0 +1,3 @@
+# Date & Time
+
+Windows uses NTP for time synchronization, which is not secure due to the lack of encryption and authentication. If you are running bare metal, I recommend that you setup a VM to sync time using NTS, then use it as the NTP server for Windows. If you are running a VM (Parallels in my case), just disable network time synchronization and let the guest agent sync time from the host.
Author	SHA1	Message	Date
Tommy	336f58338c	Update comment Signed-off-by: Tommy <contact@tommytran.io>	2023-11-21 02:54:59 -07:00
Tommy	f461f975af	Update Network Protection Signed-off-by: Tommy <contact@tommytran.io>	2023-11-21 02:27:21 -07:00
Tommy	68f7883941	Microsoft account Signed-off-by: Tommy <contact@tommytran.io>	2023-11-21 02:18:53 -07:00
Tommy	53781ed0de	Windows Time Service Signed-off-by: Tommy <contact@tommytran.io>	2023-11-21 02:11:20 -07:00
Tommy	59b1dc755a	Date & Time Signed-off-by: Tommy <contact@tommytran.io>	2023-11-21 02:03:13 -07:00