Jump to content
NotebookTalk

can this code be reverted back.?

raptorddd

By raptorddd
in General Discussion

 Share

Recommended Posts

raptorddd Proficient

raptorddd

Posted
Posted

if i apply this code how can i revert back the changes.

  

 rem https://docs.microsoft.com/en-us/windows/win32/fwp/auditing-and-logging
      rem https://social.technet.microsoft.com/Forums/en-US/ec2b033f-3e9b-4727-88d2-e6e358393734/how-to-disable-stop-windows-filtering-platform-filtering-platform-packet-drop
      rem  ALL
    Auditpol /set /category:* /Success:disable /failure:disable
      rem FIREWALL
    auditpol /set /subcategory:"Filtering Platform Policy Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Filtering Platform Packet Drop" /success:disable /failure:disable
    auditpol /set /subcategory:"Filtering Platform Connection" /success:disable /failure:disable
    auditpol /set /subcategory:"Other Object Access Events" /success:disable /failure:disable
    auditpol /set /subcategory:"IPsec Main Mode" /success:disable /failure:disable
    auditpol /set /subcategory:"IPsec Quick Mode" /success:disable /failure:disable
    auditpol /set /subcategory:"IPsec Extended Mode" /success:disable /failure:disable
    auditpol /set /subcategory:"IPsec Driver" /success:disable /failure:disable
      rem https://thesystemengineers.wordpress.com/2014/05/08/the-best-advanced-audit-script-and-advanced-audit-policy-i-use/
      rem http://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Recommended-Baseline-Audit-Policy-for-Windows-Server-2008
    auditpol /set /subcategory:"DPAPI Activity" /success:disable /failure:disable
    auditpol /set /subcategory:"Detailed Directory Service Replication" /success:disable /failure:disable
    auditpol /set /subcategory:"Directory Service Replication" /success:disable /failure:disable
    auditpol /set /subcategory:"Handle Manipulation" /success:disable /failure:disable
    auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Non Sensitive Privilege Use" /success:disable /failure:disable
    auditpol /set /subcategory:"Other Policy Change Events" /success:disable /failure:enable
    auditpol /set /subcategory:"Other Privilege Use Events" /success:disable /failure:disable
    auditpol /set /subcategory:"SAM" /success:disable /failure:disable
    auditpol /set /subcategory:"Sensitive Privilege Use" /success:disable /failure:disable
      rem may be enabled on failure
    auditpol /set /subcategory:"Other System Events" /success:disable /failure:disable
      rem Usually all enabled
    auditpol /set /subcategory:"Account Lockout" /success:disable /failure:disable
    auditpol /set /subcategory:"Application Generated" /success:disable /failure:disable
    auditpol /set /subcategory:"Application Group Management" /success:disable /failure:disable
    auditpol /set /subcategory:"Audit Policy Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Authentication Policy Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Authorization Policy Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Certification Services" /success:disable /failure:disable
    auditpol /set /subcategory:"Computer Account Management" /success:disable /failure:disable
    auditpol /set /subcategory:"Credential Validation" /success:disable /failure:disable
    auditpol /set /subcategory:"Directory Service Access" /success:disable /failure:disable
    auditpol /set /subcategory:"Directory Service Changes" /success:disable /failure:disable
    auditpol /set /subcategory:"Distribution Group Management" /success:disable /failure:disable
    auditpol /set /subcategory:"File Share" /success:disable /failure:disable
    auditpol /set /subcategory:"File System" /success:disable /failure:disable
    auditpol /set /subcategory:"Kerberos Authentication Service" /success:disable /failure:disable
    auditpol /set /subcategory:"Kerberos Service Ticket Operations" /success:disable /failure:disable
    auditpol /set /subcategory:"Kernel Object" /success:disable /failure:disable
    auditpol /set /subcategory:"Logoff" /success:disable /failure:disable
    auditpol /set /subcategory:"Logon" /success:disable /failure:disable
    auditpol /set /subcategory:"Network Policy Server" /success:disable /failure:disable
    auditpol /set /subcategory:"Other Account Logon Events" /success:disable /failure:disable
    auditpol /set /subcategory:"Other Account Management Events" /success:disable /failure:disable
    auditpol /set /subcategory:"Other Logon/Logoff Events" /success:disable /failure:disable
    auditpol /set /subcategory:"Process Creation" /success:disable /failure:disable
    auditpol /set /subcategory:"Process Termination" /success:disable /failure:disable
    auditpol /set /subcategory:"RPC Events" /success:disable /failure:disable
    auditpol /set /subcategory:"Registry" /success:disable /failure:disable
    auditpol /set /subcategory:"Security Group Management" /success:disable /failure:disable
    auditpol /set /subcategory:"Security State Change" /success:disable /failure:disable
    auditpol /set /subcategory:"Security System Extension" /success:disable /failure:disable
    auditpol /set /subcategory:"Special Logon" /success:disable /failure:disable
    auditpol /set /subcategory:"System Integrity" /success:disable /failure:disable
    auditpol /set /subcategory:"User Account Management" /success:disable /failure:disable
      rem Apply immediatly
    gpupdate /force

 

dell precision m4600

i7 2760QM

8GB ram

MX500 crucial SSD 500GB.

win 10 21H2

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use