?
Solved

How to lock-down the registry...

Posted on 2004-04-07
9
Medium Priority
?
6,025 Views
Last Modified: 2008-01-16
Mainly so webpages can't hijack your homepage, disable you from changing your homepage, or disable you from accessing your registry. Would prefer a .vbs solution.
0
Comment
Question by:TheKenman
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
9 Comments
 
LVL 7

Author Comment

by:TheKenman
ID: 10774130
P.S. Registry must still be accessible by adminstrator.
0
 
LVL 21

Expert Comment

by:gemarti
ID: 10774406
Use a policy:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/205.asp

...and write a script that will enable/disable the policy.
0
 
LVL 21

Assisted Solution

by:gemarti
gemarti earned 600 total points
ID: 10774483
Okay...the first time I read this I really just looked at the title.

I would suggest that instead of writing a script I would purchase a piece of software that does this for you instead of trying to reinvent the wheel.

BlackICE is a very good application that will monitor your system for any attempted registry changes. You will be notified by a pop-up window when a change to the registry is attempted or if an unknow application trys to start up.
http://blackice.iss.net/
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 21

Expert Comment

by:gemarti
ID: 10774512
Also, the professional version of AD-AWARE has a program called AD-WATCH. It doesn't stop a change to the registry, but it does tell you exactly where the change occurred.

Ad-aware : http://www.webattack.com/download/dladaware.shtml 
0
 
LVL 7

Author Comment

by:TheKenman
ID: 10774624
Those are decent suggestions for a home user, but in a corporate setting they are not feasible. Also the reason I would prefer a .vbs- so I can easily mass-deploy the solution.

Thanks though!
0
 
LVL 21

Expert Comment

by:gemarti
ID: 10774836
Well BlackICE comes in a Corporate level configuration.

The other option is the Policy that I suggested above.
0
 
LVL 4

Accepted Solution

by:
Veegertx earned 1400 total points
ID: 10775677
Save all below to Enable Disable Homepage Change.vbs

'Enable Disable Homepage Change.vbs
'© Veegertx - 4/7/2004
'This code may be freely distributed/modified
Option Explicit
Dim WSHShell, RegKey, ValueA, Result
On Error Resume Next
Set WSHShell = CreateObject("WScript.Shell")
RegKey = "HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\"
ValueA = WSHShell.RegRead (regkey & "HomePage")

If ValueA = 0 Then 'Change Homepage is Enabled.
   Result = MsgBox("Ability to Change Homepage is currently [Enabled]." & _
        vbNewLine & "Would you like to Disable?" & _
        vbNewLine & "Will lock and Gray it out." & _
        vbNewLine & "May need to Log-off for effect.", 36)
   If Result = 6 Then 'clicked yes
      WSHShell.RegWrite regkey & "HomePage", 1
   End If
Else 'Change Homepage is Disabled
   Result = MsgBox("Ability to Change Homepage is currently [Disabled]." & _
        vbNewLine & "Would you like to Enable?", 36)
   If Result = 6 Then 'clicked yes
      WshShell.RegDelete "HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel\HomePage"
      'Delete Key cause it don't exist normally
   End If
End If
0
 
LVL 4

Expert Comment

by:Veegertx
ID: 10795523
Locking down the registry completely can be a daunting task
http://www.uksecurityonline.com/husdg/windowsxp/registry.htm
or MS XP version http://support.microsoft.com/default.aspx?kbid=314837
Requires setting permissions on the registry key's themselves and can even lock user's out from installing software, depends on how many User's you have on your PC. I studied the above pages some time back and decided against it myself. I just keep mjy virus and firewall updated and have had no problem. I also use the above reg edit to prevent homepage changing. I keep that key in my fav's list in my JUmp2Reg program though just in case.

Bottom of the 1st page is this though;
Also if you have the Windows 2000/XP Resource Kit then you can consider using the SUBINACL command to just replace the EVERYONE group wherever it is found with Authenticated Users.
0
 
LVL 7

Author Comment

by:TheKenman
ID: 10877163
Thanks guys, sorry it took so long to get back to this.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
It is only natural that we all want our PCs to be in good working order, improved system performance, so that is exactly how programs are advertised to entice. They say things like:            •      PC crashes? Get registry cleaner to repair it!    …
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question