Episode 30 — Windows Services: RDP, SMB, IIS Hardening
Windows services provide the functionality users rely on, but they also represent key points of exposure. This episode examines three common services—Remote Desktop Protocol (RDP), Server Message Block (SMB), and Internet Information Services (IIS)—and the configurations that keep them secure. You’ll learn how each service operates, what roles it plays in daily operations, and why attackers consistently target them for lateral movement or data theft. We outline how network segmentation, encryption, and authentication settings reduce their risk profiles, along with guidance on disabling unnecessary features.
Listeners will explore practical examples such as securing RDP through Network Level Authentication, hardening SMB to prevent relay attacks, and configuring IIS with minimal modules and up-to-date TLS support. The episode also explains how to audit usage, detect brute-force attempts, and align service configurations with corporate baselines. Understanding these services from both a defensive and operational standpoint prepares you for exam scenarios where correct configuration equals resilience. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path. Also, if you want to stay up to date with the latest news, visit DailyCyber.News for a newsletter you can use, and a daily podcast you can commute with.
