I also like to remove access to the various Windows programs that allow the user to edit the registry. You can also drop registry keys on the machine using SVS layers, RIPs, and using Wise Package Studio. I do that in two ways, the first is here: Windows Registry Editor Version 5.00Īfter this key is set, the user is not allowed to add a registry key. I also like to completely disable the ability to do anything with the registry.
Use this registry key to turn off remote registry editing: Windows Registry Editor Version 5.00
It is great that the system admin can do something like that, but we don't want a hacker doing that, do we. Registryĭid you know that you can remotely edit registries? I found out this a few years back. Between these two, you will be mighty safe. The second key disables the file (Autorun.inf) that Windows reads to autorun something. The first key disables autorun for all devices (with the use of different values in the DWORD you can disable autorun on USB keys only, for example). I really want to make sure that autorun is actually turned off. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows this case I like to have double security.
Here is a different registry key that I like to use as well:. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer] I disabled autorun in two different ways: If you have an infected USB key, CD or DVD disk, ZIP disk (do you remember those?) and you insert it into your device, autorun will infect your machine. I had seen dozens of articles that suggested I turn off autorun, but I never did it. Here are some of the things that I wish I had done months before: Disable Autorun I thought I would share some of our security settings with the Juice Community. We changed some settings on our servers and desktops to prevent the problem in the future and to make them more secure. After lots of hunting and troubleshooting he was able to figure out that it was normal traffic. It looked like a virus, a trojan, and a worm all wrapped into one. We all stopped what we were doing and tried to help him figure out what was going on. A few weeks ago our network guy saw some suspicious traffic on our network. You have to go beyond Symantec Antivirus and actually lock Windows down if you want to make sure your computing environment is actually secure. As you all know, hackers are a tricky bunch. The best kind of desktop is a secure desktop.
0 kommentar(er)
