SoFunction
Updated on 2025-04-14

Modify the registry to improve system security—All strategies for using the registry


Modify the registry to improve system security—All strategies for using the registry


1. Hide a server
In order to ensure that the resources on the server in the LAN are not illegally accessed and attacked by others, it is sometimes necessary to hide the name of the server computer specified in the LAN, so that other LAN users cannot access it.
1. Open the Registry Editor, HKEY_LOCAL_ MACHINE \ SYSTEM \ CurrentControlSet \ Services \ LanmanServer \ Parameters key value.
2. Click the Hidden numerical name below the key value with the mouse. If this name is not found, add one, and its data type is REG_DWORD.
3. Then double-click this item with the mouse and enter 1 in the pop-up "DWORD Editor" dialog box.
4. Exit registry editing, restart the computer and hide a server in the LAN.
2. Prevent other people from illegally editing the registration form
1. First edit HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\key value in the registry;
2. Then create a new System primary key below the Policies key value. If the primary key already exists, you can proceed directly to the next step;
3. Then create a new DWORD string value in the blank space in the window on the right side of the corresponding System primary key and name it DisableRegistryTools;
4. Set the value of DisableRegistryTools to 1. After setting it, restarting the computer can achieve the purpose of preventing others from illegally editing the registry.
3. Block access from the "control panel"
1. First enter the regedit command in the run bar in the start menu to open the registry editor;
2. Then in this interface, use the mouse to access the \\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System key value;
3. Then, in the right window of the corresponding System key value, right-click the blank space of the window with the mouse, and select the "New"/"DWORD" command from the pop-up shortcut menu to create a new DWORD value;
4. Name the name of the DWORD value NoDispCPL, and set the value of NoDispCPL to 1.
4. Others are not allowed to set the desktop arbitrarily
1. In the edit window, Hkey-Users\Software\Microsoft\Windows\CurentVersion\Polioies\Explores key value;
2. In the window to the right of the corresponding Explores key value, double-click the "No Save Setting" subkey with the mouse and change its key value from 0 to 1! Restart the computer.
5. Resist the destruction of BackDoor
There is a backdoor program called BackDoor, which specifically selects system vulnerabilities that cause damage to the system. It is necessary to prevent BackDoor from destroying the system through corresponding settings.
1. First, in the registry editor operation window, HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run;
2. In the right window of the corresponding Run key value, if you find the "Notepad" key value, you can just delete it to achieve the purpose of preventing BackDoor.
6. Hide user login name
Operating systems above Win9x can have memory functions for the information logged in by previous users. Next time you restart the computer, the last user's login name will be found in the user name column. This information may be used by illegal elements and pose a threat to the user.
1. When setting, please use the mouse to access the key value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Winlogon;
2. In the window to the right of the corresponding Winlogon key value, right-click the blank space in the window, select "New"/"String" from the pop-up shortcut menu, name the new string "DontDisplayLastUserName", and set the string value to "1";
3. After setting up, restart the computer and you can hide the login name of the user on the computer.
7. User dial-up access is not allowed
1. Open the Registry Editor and expand the following key values ​​in the editor in sequence: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network];
2. Use the mouse to select the "NoDialIn" key value in the list on the right side of the editor. If there is no such key value, a new DWORD value must be created and the name is set to "NoDialIn";
3. Then double-click the "NoDialIn" key value with the mouse, and a dialog box called "String Editor" will pop up by the editor. Enter the value "1" in the text column of the dialog box, where 0 means prohibiting dial-in access function and 1 means allowing dial-in access function;
4. Log in to the network again after logging out, and the above settings will work.
8. Block network access to floppy disks
Disable access to floppy disk settings via the network
1. In the registry editor operation window, open the key value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon in turn;
2. In the window on the right of Winlogon, check whether there are any key values ​​AllocateFloppies. If not, right-click the blank space of the window and select "New"/"DWORD Value" from the pop-up shortcut menu;
3. Name the newly created DWORD value AllocateFloppies, and change its value to 0 or 1, where 0 means it can be accessed by all administrators in the domain, and 1 means it can only be accessed by local loggers.
9. Access to the "File System" button is prohibited
In the System Properties dialog box, there is a function button called File System, which allows you to set up your computer's hard disk, floppy disk, and other mobile devices. However, in order to prevent illegal users from tampering with the settings of these devices at will, you sometimes need to hide the buttons of the "File System" in "System Properties". The following are the specific settings steps:
1. Open the Registry Editor window and access the following key branches in the window in turn: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System;
2. In the right window of the corresponding System key value, click the blank space of the window with the mouse, and select "New"/"DWORD string value" from the pop-up shortcut menu; name it "NoFileSysPage" and set its value to "1";
3. After setting up, restart the computer.
10. Let the "Online Neighbor" icon hide
1. First, in the open registry editor operation window HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer;
2. In the operation window to the right of the Explorer key value, click the blank space of the window with the mouse, and use the mouse to access "New"/"DWORD string value" in turn from the pop-up shortcut menu; name the newly created DWORD string value NoNetHood, and set the value to 1 (hexadecimal);
4. After setting up, restart the computer.
11. Limit certain features of the system
In Internet cafes or public places, sometimes in order to ensure that the properties of the system are not changed by other ordinary users at will, we must restrict the use of certain characteristics of the system. To achieve this, we can use the method of modifying the registry editor to achieve this.
1. Run the registry editor and enter the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System key value;
2. If the key value does not exist, create a new one;
3. Then set the value of DisableTaskManager below the key value to 1, which means that the user will be prevented from running the task manager.
4. Then set NoDispAppearancePage to 1, indicating that the user will not be allowed to change the display mode in the control panel;
5. Set NoDispBackgroundPage to 1 below, which means that the user will not be allowed to change the desktop background and wallpaper.
12. Restrict users from using specified programs
In order to prevent users from illegally running or modifying programs, resulting in the entire computer system being in a chaotic state, we can modify the registry to achieve the purpose of allowing users to only use the specified programs, thereby ensuring the security of the system.
1. Open the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer key value in the registry editor window;
2. In the window to the right of the Explorer key value, create a new DWORD string value, name as "RestrictRun", and set its value to "1";
3. Add string values ​​such as "1", "2", "3" under the primary key of RestrictRun, and then set the values ​​of strings such as "1", "2", "3" to the program name we allow users to use. For example, if "1", "2", and "3" are set to, respectively, users can only use word, notepad, and wordpad. In this way, our system will provide the greatest guarantee and can also restrict users from running unnecessary software.
13. Users are not allowed to set screen protection passwords
1. Open the registry editor window, and the CURRENT_USER\ControlPanel\desktop\ScreenSaveUsePassword key branch;
2. In the right window corresponding to ScreenSaveUsePassword key value, just set the value of ScreenSaveUsePassword to 0.
14. Set the file system to NTFS format
In Windows 2000 and NT systems, users can set partitions to NTFS format to ensure the security of the file system. Of course, we can also set the file system to NTFS format by modifying the registry. The specific implementation steps are as follows:
1. Open the Registry Editor and expand the following key values ​​in the editor:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem;
2. Click the "Edit" menu with the mouse in the registry editor, and select the "New" menu item in the drop-down menu, and click "DWORD Value" in the submenu that pops up;
3. Enter the name of the DWORD value as "tfsDisableLastAccessUpdate"
4. Then double-click the NtfsDisableLastAccessUpdate key value with the mouse, and the editor will pop up a dialog box called "String Editor". Enter the value "1" in the text column of the dialog box, where 0 represents "Cancel" the function and 1 represents "Enable" the function.
15. Fight against the attacks on computers by WinNuke hacker programs
WinNuke is a highly destructive program. This program can destroy the Windows system in the computer, which will cause the entire computer system to be paralyzed.
1. In the registry editor operation window, click the key value HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP with the mouse;
2. In the right window corresponding to the MSTCP key value, click the blank space of the window with the mouse, select "New"/"DWORD Value" from the pop-up shortcut menu, and name the DWORD value "BSDUrgent". If the key value already exists, you can proceed directly to the next step;
3. Then set the BSDUrgent value to 0, and you can achieve the purpose after restarting the computer.
16. Recover error modification to the registry
1. Enter the regedit command in the run dialog box to pop up the registry editor window;
2. Click "Import Registration File" under the "Registration" menu with the mouse in this window, find the backed up .reg file from the pop-up file dialog box, and finally click the "OK" button in the dialog box with the mouse to write the correct information to the registry again;
3. When the registry is damaged or the software and hardware settings are changed incorrectly, causing the system to fail to start, and the automatic repair is invalid, and it cannot be restored with "/Fix", you can run "/restory" in pure DOS to restore. There are five data to choose from. First select the most recent recovery date. If it still doesn't work, select it in turn until the system is running normally.

(Source: Hot Network)