Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Local W2K Workstation Registry Changes

Posted on 2003-11-10
3
Medium Priority
?
361 Views
Last Modified: 2013-12-04
Off the top of anyones head, is there any blatant registry changes that need to be made at the local workstation in the registry.  I have already changed the Hash value for Local login to only keep up with 1 instead of 10.  I am really looking for the biggies here.  

There is probably going to be numerous suggestions, so points will be split according to severity.

Thanks
0
Comment
Question by:neowolf219
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 5

Accepted Solution

by:
juliancrawford earned 2000 total points
ID: 9720995
Most of them are intended to defend against Denial of Service attacks, while the others help prevent such things as the enumeration of accounts by unauthenticated users.
Under HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services add or modify the following values:
Key: Tcpip\Parameters
Value: SynAttackProtect
Value Type: REG_DWORD
Parameter: 2
Key: Tcpip\Parameters
Value: TcpMaxHalfOpen
Value Type: REG_DWORD
Parameter: 100
Key: Tcpip\Parameters
Value: TcpMaxHalfOpenRetried
Value Type: REG_DWORD
Parameter: 80
Key: Tcpip\Parameters
Value: EnablePMTUDiscovery
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters
Value: EnableDeadGWDetect
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters
Value: KeepAliveTime
Value Type: REG_DWORD
Parameter: 300000
Key: Tcpip\Parameters
Value: EnableICMPRedirect
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters\Interfaces\
Value: PerformRouterDiscovery
Value Type: REG_DWORD
Parameter: 0
Key: Netbt\Parameters
Value: NoNameReleaseOnDemand
Value Type: REG_DWORD
Parameter: 1
Under HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Control add or modify the following value:
Key: Lsa
Value: RestrictAnonymous
Value Type: REG_DWORD
Parameter: 1
another neat trick is changing the file association for the .REG extension to something like NOTEPAD.EXE. This will prevent malicious web sites from adding registry keys without your knowledge.
0
 
LVL 3

Author Comment

by:neowolf219
ID: 9722234
juliancrawford,

Thank, that's what I need.  Do you have any links that could maybe tell me a bit more about what each one of the Value Type and Parameters are and how they effect the workstation.  I'll wait for your reply, and if it is sufficient I'll reward you all the points (barring no one else chimes in)
0
 
LVL 5

Expert Comment

by:juliancrawford
ID: 9725458
Here are a few links I use that covers some registry settings - but I think your after more detail - I would do a google search on individual keys and you should get more detailed info.

http://www.windowsecurity.com/articles/Securing_the_Windows_2000_Registry.html
http://www.astalavista.com/library/hardening/windows2000/hardenwin2kinstall.shtml
http://www.sans.org/rr/papers/66/180.pdf
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question