Write security setting tools by yourself

Source: Internet
Author: User
Author: Feng Ze [est]

Creation Time: 2004-9-2

If you are a network administrator who takes security seriously and the machines on the network you manage run Windows 2000, I expect that applying the same system security settings over and over gets you down. Would you like a program to do these repetitive tasks for you? In fact, most of these system settings are registry operations, so they are easy to carry out from a program, and even a simple program can make your life much easier. Today I will implement a simple security setup program.

Operating System: Windows 2000 pro
Objective: To optimize the Operating System
General idea: Use API functions to operate on the system registry, and call the system() function to execute some system commands.

First, we will introduce several functions:

No. 1
int system(const char *command)

Note:
Issues a DOS command

No. 2
LONG RegOpenKeyEx(HKEY hKey,
                  LPCTSTR lpSubKey,
                  DWORD ulOptions,
                  REGSAM samDesired,
                  PHKEY phkResult)

Description
Opens an existing key. This is the function recommended for Win32.

hKey: a handle to an open key, or one of the standard key names
lpSubKey: name of the registry key to be opened
ulOptions: unused, set to zero
samDesired: one or more constants with the KEY_ prefix; their combination describes the operations that can be performed on this key
phkResult: a variable that receives the handle of the opened key

No. 3
LONG RegSetValueEx(HKEY hKey,
                   LPCTSTR lpValueName,
                   DWORD Reserved,
                   DWORD dwType,
                   const BYTE *lpData,
                   DWORD cbData)

Description
Sets a value of the specified key

hKey: a handle to an open key, or one of the standard key names
lpValueName: name of the value to be set
Reserved: unused, set to zero
dwType: type of the data to be set
lpData: pointer to the first byte of the data buffer
cbData: length of the data buffer

No. 4
LONG RegCloseKey(HKEY hKey)

Description
Closes a key in the system registry

hKey: handle of the key to be closed

Now that you have read through the functions above, I believe you have a rough understanding of them. Let's look at how to write this program. First, we disable the system's default shares, using the system() function to execute system commands. Of course, this method is crude, but it is easy to implement, and I think it suits novice programmers.
#include <stdlib.h>   /* system() */

void delshare(void)
{
    /* Most computers have four partitions. If the computer you manage has
       more, add a line for each one (all the way from A to Z if you like). */
    system("@net share C$ /del");
    system("@net share D$ /del");
    system("@net share E$ /del");
    system("@net share F$ /del");
    system("@net share ADMIN$ /del");
}
If you have other commands to execute, such as shutting down services or setting up users, add them here.

What is the registry?
In short, the Registry is a huge database used to store various configuration data of computer software and hardware.

Modifying the registry is equivalent to modifying the computer configuration. Therefore, many security settings operate on the registry. Let's take a look at the registry functions.

#include <windows.h>

BOOL regset(void)
{
    HKEY hkResult1;
    HKEY hkResult2;
    DWORD cbData = 4;
    char lpda[4];
    char lpdb[4];
    BOOL ok = TRUE;

    /* Locations to be opened; you can specify others here. */
    LPCTSTR data1 = TEXT("SYSTEM\\CurrentControlSet\\Services\\NetBT\\Parameters");
    LPCTSTR data2 = TEXT("SYSTEM\\CurrentControlSet\\Control\\Lsa");

    /* Open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NetBT\Parameters */
    if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, data1, 0,
                     KEY_ALL_ACCESS, &hkResult1) != ERROR_SUCCESS)
        return FALSE;

    /* Open HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa */
    if (RegOpenKeyEx(HKEY_LOCAL_MACHINE, data2, 0,
                     KEY_ALL_ACCESS, &hkResult2) != ERROR_SUCCESS) {
        RegCloseKey(hkResult1);
        return FALSE;
    }

    /* Define the values to write, as little-endian DWORDs: lpda = 1, lpdb = 0 */
    lpda[0] = 1; lpda[1] = 0; lpda[2] = 0; lpda[3] = 0;
    lpdb[0] = 0; lpdb[1] = 0; lpdb[2] = 0; lpdb[3] = 0;

    /* SMBDeviceEnabled = 0: this registry setting disables port 445 */
    if (RegSetValueEx(hkResult1, TEXT("SMBDeviceEnabled"), 0, REG_DWORD,
                      (const unsigned char *)lpdb, cbData) != ERROR_SUCCESS)
        ok = FALSE;

    /* RestrictAnonymous = 1: this setting disables the IPC$ null connection.
       The value belongs to the Lsa key, so it is written through hkResult2. */
    if (RegSetValueEx(hkResult2, TEXT("RestrictAnonymous"), 0, REG_DWORD,
                      (const unsigned char *)lpda, cbData) != ERROR_SUCCESS)
        ok = FALSE;

    RegCloseKey(hkResult1); /* close the registry keys */
    RegCloseKey(hkResult2);

    return ok;
}
This function applies two settings. If you need more, you can add them yourself, or call RegCreateKeyEx to create a new key. Easy, isn't it? If you later have to configure hundreds of machines or more, it will not wear you out. Once you understand the code above, I think you will find it easy to write a tool that repairs registry changes made illegally by malicious web pages.
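When the same settings are pushed to many machines, it helps to read the values back and confirm they took effect. The following is an added example, not code from the original article: a table-driven audit of the two values regset() is meant to set, with RestrictAnonymous read from the Lsa key. The names Setting, audit, read_hklm and read_sample are hypothetical, and read_sample returns constructed data so the block also runs off Windows.

```c
#include <stdio.h>
#include <string.h>

typedef struct { const char *subkey, *name; unsigned long want; } Setting;
/* Reader callback: returns 0 and fills *out on success, non-zero if unreadable. */
typedef int (*ReadFn)(const char *subkey, const char *name, unsigned long *out);
static const Setting POLICY[] = {   /* the two values the article sets */
    { "SYSTEM\\CurrentControlSet\\Services\\NetBT\\Parameters", "SMBDeviceEnabled", 0 },
    { "SYSTEM\\CurrentControlSet\\Control\\Lsa", "RestrictAnonymous", 1 },
};
#define POLICY_LEN (sizeof POLICY / sizeof POLICY[0])

/* Returns how many settings are missing or differ from the policy. */
int audit(const Setting *p, size_t n, ReadFn rd)
{
    int bad = 0;
    for (size_t i = 0; i < n; i++) {
        unsigned long got = 0;
        int err = rd(p[i].subkey, p[i].name, &got);
        if (err || got != p[i].want) {
            bad++;
            printf("FAIL HKLM\\%s\\%s: %s\n", p[i].subkey, p[i].name,
                   err ? "unreadable" : "wrong value");
        }
    }
    return bad;
}
/* Constructed sample state for offline runs: SMBDeviceEnabled=0, RestrictAnonymous absent. */
static int read_sample(const char *subkey, const char *name, unsigned long *out)
{
    (void)subkey;
    if (strcmp(name, "SMBDeviceEnabled") == 0) { *out = 0; return 0; }
    return 1;
}

#ifdef _WIN32
#include <windows.h>
/* Real reader: opens the key with KEY_QUERY_VALUE only, since an audit never writes. */
static int read_hklm(const char *subkey, const char *name, unsigned long *out)
{
    HKEY h; DWORD v = 0, type = 0, cb = sizeof v;
    if (RegOpenKeyExA(HKEY_LOCAL_MACHINE, subkey, 0, KEY_QUERY_VALUE, &h) != ERROR_SUCCESS) return 1;
    LONG rc = RegQueryValueExA(h, name, NULL, &type, (BYTE *)&v, &cb);
    RegCloseKey(h);
    if (rc != ERROR_SUCCESS || type != REG_DWORD || cb != sizeof v) return 1;
    *out = v; return 0;
}
#define READER read_hklm
#else
#define READER read_sample
#endif
int main(void) { return audit(POLICY, POLICY_LEN, READER); }
```

The process exit code is the number of failed settings, so a deployment script can treat any non-zero result as a machine that still needs attention.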

Background: the API has many more functions for working with the registry. If you are interested, you can study them and write powerful registry software of your own. Don't forget to send me a copy.
