Registry modification method to improve Windows security

Now the computer gives people a sense of the weak, not today by the virus raid, is tomorrow by the hacker attack, error, the crash became like a routine. In order to make the computer "strong" up, many people find anti-virus software, firewalls, hope that through these software to enhance the immune power of the computer. Indeed, these software, to some extent, enhance the ability of the computer to resist foreign attacks, but there is nothing to do with the loopholes in the computer's internal systems. The purpose of this paper is to introduce to you a

To improve the security of the system by modifying the registry method.

One, hide a server

In order to ensure that the resources on the server in the LAN are not illegally accessed and attacked by others, we think from a security point of view, sometimes we need to hide the name of the server computer specified in the LAN, so that other local area network users can not access, then how can we implement it? Here's a look at the specific steps for this setting:

1. Open Registry Editor and click the following branch in the Editor dialog box: Hkey_local_ machine SYSTEM currentcontrolset serviceslanmanserver Parameters key value.

2. Click the hidden numeric name below the key value with your mouse, and if you do not see the name, add one with a data type of REG_DWORD.

3. Then double-click the item with the mouse and enter 1 in the DWORD Editor dialog box that pops up.

4, finally click the "OK" button, and exit the Registry editing window, restart the computer can hide a server in the LAN.

Ii. preventing other persons from illegally editing the registration form

The registry is the soul of the entire system, and any erroneous modifications to the registry could cripple the system. Therefore, if you are not a system expert, it is best not to easily modify the registry. Of course in public places, in order to prevent those computer "rookie", arbitrarily change the registry settings, we would better cancel other users to modify the registry rights. We can follow the following steps to achieve this goal:

1, first in the registry editing interface, find the Hkey_current_usersoftwaremicrosoftwindowscurrentversionpolicies key value;

2, then create a new system primary key under the policies key value, if the primary key already exists, you can go directly to the next step;

3, then in the corresponding system key to the right window of the blank space and create a new DWORD string value, and named DisableRegistryTools;

4, set the value of the DisableRegistryTools to 1, set up, restart the computer can be done to prevent other people to illegally edit the registry.

Iii. shielding access to the "Control Panel"

Because of the control Panel, we can set up and control the vast majority of hardware and software in the computer system, so in order to prevent other people from arbitrarily through the Control Panel on the Windows system illegal modification, we need to block other users access to the "Control Panel", to achieve this function, We can make the following changes to the registry:

1. First, enter the regedit command in the Start menu, and open the Registry Editor operator interface.

2, then in the interface, in turn, using the mouse to access the \hkey_current_usersoftwaremicrosoftwindowscurrentversionpoliciessystem key value;

3. Then in the right window corresponding to the System key value, right-click in the blank space of the window and select "New"/"DWORD" command from the popup shortcut menu to create a new DWORD value;

4. Name the DWORD value Nodispcpl, and set the value of Nodispcpl to 1.

Iv. do not allow anyone else to set the desktop

If the Shenbo desktop settings are the same for each computer at the time of training, each student will be able to quickly find the target when the teacher is talking about the icon or what to do, whereas, once the settings in the desktop are modified arbitrarily, the settings on each computer will be different, so in teaching, It is difficult to guarantee the synchronization of teaching operation. To this end, many school room or training room, the lock desktop has been set, the following is the specific setup steps:

1. In the Windows Run dialog box, enter the regedit command to open the Registry Editor window;

2, in the editing window, with the mouse to access the Hkey-userssoftwaremicrosoftwindowscurentversionpolioiesexplores key value;

3. In the window to the right of the corresponding explores key, double-click the "No Save Setting" sub-key with the mouse and change its key value from 0 to 1!

4, restart the computer, the above settings can be effective.

V. To resist the destruction of backdoor

If your computer is on the Internet, your computer will be at risk of being hacked, and once attacked, your computer will face a security threat of paralysis or surveillance, including a backdoor program called Backdoor, which specializes in the exploitation of system vulnerabilities. In order to prevent this kind of procedure from damaging the system, it is necessary to prevent backdoor damage to the system through the corresponding setting. When set:

1, first in the Registry Editor Operation window, with the mouse click the key value Hkey_local_machinesoftwaremicrosoftwindowscurrentversionrun;

2, in the corresponding run key value of the right window, if you find the "Notepad" key value, you just delete it will be able to achieve the purpose of preventing backdoor.

VI. Hide User Login Name

Win9x more than the operating system can be the previous user login information has memory function, the next time we restart the computer, we will find the last user's login in the user name bar, this information may be exploited by some illegal molecules, and to the user pose a threat, we need to hide the name of the computer user login.

1, when set, please use the mouse to access the key value Hkey_local_machinesoftwaremicrosoftwindowscurrentversionwinlogon;

2. In the window to the right of the corresponding Winlogon key value, right-click in the blank space of the window and select "New"/"string" command from the popup shortcut menu;

3. Name the new string "DontDisplayLastUserName" and set the string value to "1";

4, after setting up, restart the computer can hide the user login name.

Seven, do not allow users dial-up access

If the user's computer has important information on it, it may not allow other people to access it casually. So how do you stop other people from dialing in to your computer, reducing security risks, as follows:

1. Open the Registry Editor and expand the following key values in the editor: [Hkey_local_machinesoftwaremicrosoftwindowscurrentversionpoliciesnetwork];

2, in the list on the right side of the editor, select the "Nodialin" key value with the mouse, if there is no such key value, you must create a new DWORD value, the name is set to "Nodialin";

3, then with the mouse double-click "Nodialin" key value, the editor will pop up a dialog named "String Editor", in the Text field of the dialog box, enter the value "1", where 0 means the dial-in Access function is disabled, 1 means that the dial-in Access function is allowed;

4. Log back on the network after exiting, the above settings will work.

Eight, shielding the network access to the floppy disk

As the saying goes, "mouth", many of the virus in the computer are infected by accessing an unclean floppy disk, if we allow users to access the floppy disk through the network, then the entire network may be infected with the virus, the end result will be the network of all the computer poisoning paralysis. In order to prevent viruses from invading the entire network, we must strictly manage the computer's input devices to sever the source of the virus, and prohibit access to the floppy disk through the network. When setting up, you can do this by following these steps:

1. Enter the regedit command in the system's Run dialog box to open the Registry Editor;

2, in the Registry Editor Operation window, turn on the key value Hkey_local_machinesoftwaremicrosoftwindowsntcurrentversionwinlogon;

3, in the corresponding Winlogon to the right of the window, check if there is no key value allocatefloppies, if not, right-click the window in the space, choose "New"/"DWORD value" from the popup shortcut menu;

4, the new DWORD value is named Allocatefloppies, and its value is modified to 0 or 1, where 0 represents can be accessed by all administrators in the domain, 1 representatives can only be accessed by local lander.

Registry modification method to improve Windows security