Modify registry to improve system security-Guide to registry use
1. Hide a server
To prevent unauthorized access and attacks to the server resources on the LAN, you may need to hide the name of the server computer specified in the LAN so that other LAN users cannot access the server.
1. Open the Registry Editor and set the hkey_local _ machine \ System \ CurrentControlSet \ Services \ LanmanServer \ Parameters key value.
2. Click the hidden value name under the key value. If this name is not found, add a value whose data type is REG_DWORD.
3. Double-click this item and enter 1 in the pop-up "DWORD Editor" dialog box.
4. Exit registry editing and restart the computer to hide a server in the LAN.
2. prevent others from illegally editing the Registry
1. Edit the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ key value in the registry;
2. Create a system primary key under the Policies key value. If the primary key already exists, proceed to the next step;
3. Create a New DWORD string value in the blank window on the right of the corresponding system primary key and name it disableregistrytools;
4. Set the value of disableregistrytools to 1. After the setting, restart the computer to prevent others from illegally editing the registry.
3. Shield access to the control panel
1. Enter the Regedit command in the run bar of the Start menu to open the Registry Editor;
2. Then, access the \ HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System key values with the mouse in this interface;
3. In the right window corresponding to the system key value, right-click the blank area of the window and select "new"/"DWORD" from the shortcut menu, to create a New DWORD Value;
4. Name the DWORD Value nodispcpl and set the value of nodispcpl to 1.
4. Do not allow others to set the desktop as needed
1. In the editing window, the hkey-Users \ Software \ Microsoft \ Windows \ curentversion \ polioies \ es key value;
2. In the window on the right of the corresponding elasticsearch key value, double-click the "no save setting" subkey and change its key value from 0 to 1! Restart the computer.
5. Resist the destruction of Backdoor
There is a backdoor. Program The system vulnerabilities are specially selected to cause damage to the system. It is necessary for us to prevent backdoor damage to the system through corresponding settings.
1. First, in the Registry Editor operation window, HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run;
2. In the right window corresponding to the run key value, if the "Notepad" key value is found, you only need to delete it to prevent backdoor.
6. Hide user login names
Windows and later operating systems can have a memory function for previous user login information, the next time you restart the computer, find the last user's login name in the user name column, this information may be exploited by illegal elements to pose a threat to users.
1. When setting, Please access the key value HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Winlogon with the mouse;
2. In the window on the right of the corresponding Winlogon key value, right-click the blank area of the window and select "new"/"string" from the shortcut menu ", name the new string "DontDisplayLastUsername" and set this string value to "1 ";
3. After the settings are complete, restart the computer to hide the login name of the user on the computer.
7. Do not allow dial-up access
1. Open the Registry Editor and expand the following key values in the editor: [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ Network];
2. In the list on the right of the editor, select "nodialin" with the mouse. If this key value does not exist, you must create a New DWORD value with the name set to "nodialin ";
3. Double-click the "nodialin" key value, and the editor will pop up a dialog box named "string Editor". In the text bar of this dialog box, enter the value "1 ", 0 indicates that the dial-in access is prohibited, and 1 indicates that the dial-in access is allowed;
4. log out and log on to the network again. The above settings will take effect.
8. Shielding network access to a floppy disk
Prohibit Network Access to floppy disk settings
1. Open the key value HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon in the Registry Editor operation window;
2. In the window on the right of the corresponding Winlogon, check whether the key value AllocateFloppies exists. If not, right-click the blank area of the window, select "new"/"DWORD Value" from the shortcut menu ";
3. Name the newly created DWORD value AllocateFloppies and change it to 0 or 1. 0 indicates that it can be accessed by all administrators in the domain, and 1 indicates that it can only be accessed by local login.
9. prohibit access to the "File System" button
In the "System Properties" dialog box, a function button named "File System" allows you to set hard disks, floppy disks, and other mobile devices of your computer. However, to prevent unauthorized users from arbitrarily tampering with the settings of these devices, you sometimes need to hide the "File System" button in "System Properties". The following are the specific steps:
1. Open the registry editor window and access the following keys in the window: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System;
2. In the right window corresponding to the system key value, click the blank area of the window and select "new"/"DWORD string value" from the shortcut menu "; name "nofilesyspage" and set its value to "1 ";
3. After the settings are complete, restart the computer.
10. Hide the "Network Neighbor" icon
1. First, in the open registry editor operation window HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer;
2. In the operation window on the right of the corresponding Explorer key value, click the blank area of the window with the mouse, from the shortcut menu that appears, access "new"/"DWORD string value" with the mouse in sequence, name the New DWORD string value nonethood, and set this value to 1 (hexadecimal );
4. After the settings are completed, restart the computer.
11. restrict the use of certain system features
In Internet cafes or public places, we sometimes have to restrict the use of certain features of the system to ensure that the system attributes are not changed by other common users at will. To achieve this goal, we can use the method of modifying the Registry Editor.
1. Run the Registry Editor and enter the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System key value;
2. If this key value does not exist, create a new one;
3. Set the value of disabletaskmanager below the key value to 1, which will prevent the user from running the task manager.
4. Set nodispappearancepage to 1, which means that the display mode cannot be changed in the control panel;
5. Set nodispbackgroundpage to 1, which means that you are not allowed to change the desktop background and wallpaper.
12. restrict users from using specified programs
To prevent the entire computer system from being in disorder due to illegal operation or modification of programs, we can modify the registry so that users can only use the specified programs, thus ensuring system security.
1. Open the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer key values in the Registry Editor window;
2. In the window on the right of the corresponding Explorer key value, create a DWORD string value named "restrictrun" and set its value to "1 ";
3. Add string values such as "1", "2", and "3" under the primary key of restrictrun, and then set "1 ", the values of strings such as "2" and "3" are set to the program names that we allow users to use. For example, set "1", "2", and "3" to word respectively. EXE, notepad. EXE, write. EXE, then the user can only use Word, notepad, tablet, so that our system will achieve the maximum protection, but also can limit the user to run unnecessary software.
13. Do not allow users to set Screen Protection passwords
1. Open the registry editor window and use the CURRENT_USER \ controlpanel \ Desktop \ screensaveusepassword key;
2. In the right window corresponding to the screensaveusepassword key value, set the screensaveusepassword value to 0.
14. Set the file system to NTFS format
In Windows2000 and NT systems, you can set partitions to NTFS to ensure the security of the file system, of course, we can also set the file system to NTFS format by modifying the registry. The specific implementation steps are as follows:
1. Open the Registry Editor and expand the following key values in the Editor:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ FileSystem;
2. In the Registry Editor, click the "edit" menu, select the "new" menu item from the drop-down menu, and click "DWORD Value" in the pop-up menu ";
3. Enter the DWORD Value named "tfsdisablelastaccessupdate"
4. Double-click the ntfsdisablelastaccessupdate key and the editor will pop up a dialog box named "string Editor". In the text bar of the dialog box, enter the value "1 ", 0 indicates "cancel", and 1 indicates "enable.
15. Defend against computer attacks by winnuke hackers
Winnuke is a highly destructive program that can damage the Windows System in the computer and thus paralyze the entire computer system,
1. In the Registry Editor operation window, click HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ VxD \ mstcp with the mouse;
2. In the right window corresponding to the mstcp key value, click the blank area of the window and select "new"/"DWORD Value" from the shortcut menu ", name the DWORD Value "bsdurgent". If the key value already exists, proceed to the next step;
3. Set the bsdurgent value to 0 and restart the computer.
16. Restore the incorrect modification to the Registry
1. Enter the Regedit command in the run dialog box to bring up the registry editor window;
2. In this window, click "Import Registry File" under the "Registry" menu and find the backup file in the pop-up file dialog box. reg file, and then click the "OK" button in the dialog box to re-write the correct information to the registry;
You can run “scanreg.exe/restory under pure dosto recover the fault. Five data items are available: select the latest date for restoration. If the fault persists, select one until the system runs normally.
(Source: Hotspot Network)