Local W2K Workstation Registry Changes

Off the top of anyones head, is there any blatant registry changes that need to be made at the local workstation in the registry.  I have already changed the Hash value for Local login to only keep up with 1 instead of 10.  I am really looking for the biggies here.  

There is probably going to be numerous suggestions, so points will be split according to severity.

Thanks
LVL 3
neowolf219Asked:
Who is Participating?
 
juliancrawfordCommented:
Most of them are intended to defend against Denial of Service attacks, while the others help prevent such things as the enumeration of accounts by unauthenticated users.
Under HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services add or modify the following values:
Key: Tcpip\Parameters
Value: SynAttackProtect
Value Type: REG_DWORD
Parameter: 2
Key: Tcpip\Parameters
Value: TcpMaxHalfOpen
Value Type: REG_DWORD
Parameter: 100
Key: Tcpip\Parameters
Value: TcpMaxHalfOpenRetried
Value Type: REG_DWORD
Parameter: 80
Key: Tcpip\Parameters
Value: EnablePMTUDiscovery
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters
Value: EnableDeadGWDetect
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters
Value: KeepAliveTime
Value Type: REG_DWORD
Parameter: 300000
Key: Tcpip\Parameters
Value: EnableICMPRedirect
Value Type: REG_DWORD
Parameter: 0
Key: Tcpip\Parameters\Interfaces\
Value: PerformRouterDiscovery
Value Type: REG_DWORD
Parameter: 0
Key: Netbt\Parameters
Value: NoNameReleaseOnDemand
Value Type: REG_DWORD
Parameter: 1
Under HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Control add or modify the following value:
Key: Lsa
Value: RestrictAnonymous
Value Type: REG_DWORD
Parameter: 1
another neat trick is changing the file association for the .REG extension to something like NOTEPAD.EXE. This will prevent malicious web sites from adding registry keys without your knowledge.
0
 
neowolf219Author Commented:
juliancrawford,

Thank, that's what I need.  Do you have any links that could maybe tell me a bit more about what each one of the Value Type and Parameters are and how they effect the workstation.  I'll wait for your reply, and if it is sufficient I'll reward you all the points (barring no one else chimes in)
0
 
juliancrawfordCommented:
Here are a few links I use that covers some registry settings - but I think your after more detail - I would do a google search on individual keys and you should get more detailed info.

http://www.windowsecurity.com/articles/Securing_the_Windows_2000_Registry.html
http://www.astalavista.com/library/hardening/windows2000/hardenwin2kinstall.shtml
http://www.sans.org/rr/papers/66/180.pdf
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.