Use the Registry to enhance system security

Source: Internet
Author: User

The popularity of the Internet has brought a lot of convenience to our lives. However, how to prevent malicious attacks or damages and ensure system security is even more important. I have accumulated a lot of security experience in the process of using the computer. Now I want to sort out some of the operation skills on how to use the registry to enhance system security as follows for your reference only.

1. Leave the user name in the logon box

The operating system above Win9x can have a memory function for previous user login information. The next time you restart the computer, we will find the login name of the previous user in the username column, this information may be exploited by some illegal elements and pose a threat to users. Therefore, it is necessary to hide the user login name on the computer. When setting, use the mouse to access the key value HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Winlogon, and create a new string "DontDisplayLastUserName" in the window on the right ", and set this value to "1". After the setting, restart the computer to hide the login name of the user on the computer.
2. Resist the destruction of BackDoor

At present, there are many popular hacker programs on the Internet, which can pose a great security threat to the entire computer system. One of them is a BackDoor program called BackDoor, which specifically chooses system vulnerabilities for attacks. To prevent the system from being damaged by such programs, it is necessary to use corresponding settings to prevent the system from being damaged by BackDoor. In the editor operation window, click HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run, if the "Notepad" key value is found in the right window, delete it to prevent it.
3. "Control Panel" is not allowed"

The control panel is the control center of the Windows system. It can be used to modify device attributes, file systems, security passwords, and many other critical things in the system. Of course, we need to prevent these things.

When hiding and disabling the "control panel", you can enter the regedit command in the run bar of the Start menu to open the Registry Editor operation interface, and then in this interface, click \ HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System \ key value, and create the DWORD Value NoDispCPL, change the value to hexadecimal.
4. denied access to the floppy disk through the network

To prevent viruses from intruding into the entire network and paralyze the entire network, we must strictly manage computer input devices to cut off the source of the virus. Therefore, we must disable access to the floppy disk through the network. When setting, click Start and select Run Command from the pop-up menu. Then, the program will pop up a run dialog box, in which the regedit command is entered, then, in the open registry editor, open the key value [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]. in the window on the right, check whether the key value AllocateFloppies exists. If no, create a DWORD Value, set the name to AllocateFloppies, and change the value to 0 or 1, 0 indicates that the domain can be accessed by all administrators, and 1 indicates that the domain can only be accessed by local administrators.
5. Make the "File System" menu disappear from the system attributes.

To prevent unauthorized users from tampering with files in the system at will, it is necessary to hide the menu of "File System" in "system attributes. To hide the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System key values, create a New DWORD string value "NoFileSysPage" in the window on the right, and change its value to "1.
6. Lock the Desktop

Desktop settings include wallpapers, icons, and shortcuts. They are generally set after careful selection. In most cases, we do not want others to modify desktop settings or delete shortcuts at will. What should I do? In fact, modifying the Registry can help us lock the desktop. Here, "locking" means that modification to others is not stored. No matter how it is modified, you only need to restart the computer, our settings will remain intact. When setting, Run regedit to go to the Registry Editor and find the following branch: Hkey-Users \ Software \ Microsoft \ Windows \ CurentVersion \ Polioies \ eles, double-click "No Save Setting" and change its key value from 0 to 1!
7. Disable the Regedit command

The registration table is dangerous for many users. Especially for beginners, it is better to disable the Registration Table editor regedit.exe for security purposes. It is more important in the public data center, otherwise your machine will be changed to a mess accidentally.

When modifying the registry, Run regedit to go to the Registry Editor operation interface, click HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ secret to modify the registry.
8. Fixed registry errors.

We found that the registry needs to be modified to implement the above functions. However, in actual operations, a small error occurs when the registry is modified for some reasons, then, when you restart the computer, some software and hardware will not work normally or the computer will not work normally. In this case, we can import the previously backed up registry file into the registry to restore the previous content of the Registry. When setting restoration, enter the regedit command in the run dialog box. The Registry Editor window is displayed, in this window, click "Import Registry File" under the "Registry" menu, and find the backup file in the pop-up file dialog box. reg file, and then click the "OK" button in the dialog box to re-write the correct information to the Registry. You can run “scanreg.exe/restory under pure dosto recover the fault. Five data items are available: select the latest date for restoration. If the fault persists, select one until the system runs normally.
9. Do not modify the "Start" menu

Generally, when a user starts a program, the user will often find the desired program in the program group under the Start Menu. If we modify the content in the Start menu at will, it may affect other users to open the program, therefore, we often need to disable the modification of the content in the "Start" menu. When setting this content, you can click the following key values in the Registry Editor window: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ release E, and then create a DWORD string value in the window on the right: "NoChangeStartMenu ", and set its value to "1 ".
10. allow users to only use the specified program

To prevent the entire computer system from being in disorder due to illegal operation or modification of programs, we can modify the registry so that users can only use the specified programs, thus ensuring system security. When setting, you can open the HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer key values in the Registry Editor window, then, create a New DWORD string value in the window on the right, and set its name to "RestrictRun" and set its value to "1 ". Then, add string values such as "1", "2", and "3" under the primary key of RestrictRun, and then set "1 ", the values of strings such as "2" and "3" are set to the program names that we allow users to use. For example, set "1", "2", and "3" to word respectively. EXE, notepad. EXE, write. EXE, then the user can only use word, notepad, tablet, so that our system will achieve the maximum protection, but also can limit the user to run unnecessary software.
11. prevent damage to WinNuke

Now there is a program named WinNuke that can damage the Windows System in the computer. To prevent the program from damaging the Windows operating system, the whole computer system is paralyzed, therefore, it is necessary to prevent the damage of WinNuke. We can set it in the Registry to ensure system security. In the editor operation window, click HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Services \ VxD \ MSTCP with the mouse, then, create or modify the string "BSDUrgent" in the window on the right, and set the value to 0. This will prevent WinNuke from damaging the system.
12. Disable the "Taskbar attributes" Function

The taskbar attribute function allows you to easily modify the Start menu and modify many properties and running programs in Windows, which seems dangerous to us, therefore, it is necessary to disable modification to it.

When modifying the settings, Run regedit to go to the Registry Editor and find the following branch: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, create a DWORD string value "NoSetTaskBar" in the right pane, double-click "NoSetTaskBar", and enter 1 in the "key value" box in the pop-up dialog box, you can disable "Taskbar attributes.
13. Do not modify display attributes

Many users often modify the display attributes to make the appearance settings of their computers more beautiful, so as to reflect personalized styles. However, in practice, we sometimes need to ensure that the settings of all computers must be the same to facilitate Synchronous Teaching. In this case, we need to disable the modification of the display attribute. During modification, you can open the following branch with the mouse: HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, create a new DOWRD string value in the window on the right: Rename "new value #1" to "NoDispCPL" and set the value to "1.
14. Hide "Network neighbors"

In the LAN, we can often access the content on other computers through the network neighbors, so as to achieve the purpose of resource sharing. However, sometimes online neighbors pose security risks to us. For example, malicious users can use their online neighbors to illegally delete important data from other computers, causing losses to other computers. To avoid such losses, we can use the registry to hide "Network neighbors ". When setting, use the mouse to access the key value HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, create a DWORD Value NoNetHood in the window on the right, and set the value to 1 hexadecimal ).
15. Disable password for Screen Saver

When using a computer in the public, the most taboo is that users can set the system password at will, because once a user sets the password, other users cannot use it normally, which seriously makes the computer unable to start. To avoid these problems, we need to restrict the use of screen protection with a password. When setting, run the regedit command to open the registry editor window, and then click the following key values in the window: CURRENT_USER \ ControlPanel \ desktop \ ScreenSaveUsePassword, and then modify the value of ScreenSaveUsePassword, if you set this value to 0, it indicates that screen saver does not have a password. If you set this value to 1, you can use the default password. You can set it as needed.
This security control is sometimes unnecessary for individual users to use computers at home. However, it is useful for managers and users of Internet cafes and public data centers to understand the security control, this allows you to easily and easily control your computer and greatly reduce your maintenance work.
16. Disable the use of Registry Editor Regedit

The registration table is dangerous for many users, especially for beginners. For security reasons, it is best to disable the Registration Table editor regedit.exe to run. It is more important in the public data center. Otherwise, your machine will be changed to a mess accidentally.

Open the Registry to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ drivers to modify the Registry, including yourself. If you want to recover the registry, save the following code as a REG. REG file, and then restart:
REGEDIT4
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System]
"DisableRegistryTools" = dword: 00000000
17. prohibit the use of any program

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, and create a DWORD string value in the window on the right: "RestrictRun ", set its value to "1 ". In this way, we can disable running any program in Windows 98.
18. Modify the Registry to only allow users to use programs specified by you

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, and create a DWORD string value in the window on the right: "RestrictRun ", set its value to "1 ". Then, add string values such as "1", "2", and "3" under the primary key of RestrictRun, and then set "1 ", the values of strings such as "2" and "3" are set to the program names that you are allowed to use. For example, set "1", "2", and "3" to word respectively. EXE, notepa XE, empires. EXE, then the user can only use word, tablet, the times of the empire, so that your system will achieve the maximum protection, but also can limit the user to run unnecessary software.
19. Do not modify display attributes.

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System and create a new DOWRD string value in the window on the right: then, rename "new value #1" to "NoDispCPL" and set its value to "1.
20. Do not use the "password" icon setting function in "Control Panel"

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, and create a Dword string value in the window on the right, then, rename "new value #1" to "NoSecCPL", and set its value to 1.
21. Do not use the "Change Password" label under "password"

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, and create a Dword string value in the window on the right, rename "new value #1" to "NoPwdPage", and set its value to 1.
22. Do not use the "Remote Management" label under "password"

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, and create a Dword string value in the window on the right, rename "new value #1" to "NoAdminPage", and set its value to 1.
23. Prohibit the use of system management programs in the control panel

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Currentversion \ Policies \ system \\, in the right window, create a DWORD string value "NoDevMgrPage" and change its value to "1.
24. Disable password for Screen Saver

Open HKEY_CURRENT_USER \ ControlPanel \ desktop \ ScreenSaveUsePassword to change its value. If the value is 0 or 1, 0 indicates no password, and 1 indicates no password, use the default password, you can set it as needed.
25. The menu cannot be changed.

Open HKEY_USERS \\. DEFAULT \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer, create a New DWORD string value "NoChangeStartMenu" in the window on the right ", set the value to "1.
26. Disable the "Device Manager" menu in "System Properties ".

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, and create a DWORD string value "NoDevMgrPage" in the window on the right ", then change its value to "1 ".
27. Do not display the "hardware configuration file" menu in "System Properties ".

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ System, and create a DWORD string value "NoConfigPage" in the window on the right ", then, set the value to "1 ".
28. Change the security password of IE

You can set a password in the "graded Review" box on the "content" option page of the "Internet Options" dialog box of IE, so that when the relevant page is displayed, there will always be a prompt "classification review not allowed to view", and a Password dialog box will pop up asking you to enter the guardian password. If the password is incorrect, browsing stops. However, if you forget this password, you will not be able to browse these pages. After the password is forgotten, you cannot remove the security password even if you reinstall IE4.0. In this case, you have to turn to the registry:

Open HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies, select the "Ratings" sub-key under the sort ies sub-key, and press the Del key to delete it, since the Key-value data under the Ratings subkey is the encrypted password, the password in IE is removed after this item is deleted.
29. Clear various historical records

In Windows 98, all user history records are kept, including recently opened documents, programs, searched files, and network usage. We need to delete these historical records for personal security purposes when we host a public data center, but the general deletion method is not clean, so we have to turn to the Registry.

Open HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer, delete the keys shown in the table, clear the content in Windows \ Recent, and refresh the Document menu, in this way, your records will be removed. The following table items under this directory:

Location in Registry
Documents menu RecentDocs
Run dialog RunMRU
Find Files dialog Doc Find Spec MRU
Find Computer dialog FindComputerMRU


Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.