I know that running NetCease tool on a host could disable other hosts from enumerating session on it.
I wonder if there is a way to disable other PowerView functions such as “Get-netlocalgroup” (namely, disable the "NetLocalGroupEnum" WIN32 API call).
Any ideas?
A possible solution is to edit the registry key "AllowRemoteRPC" (found on Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server).
See reference.