Isn there a way to configure Windows NT 4.0 to prevent remote access to the registry?
Yes. Windows NT 4.0 Service Pack introduced a new registry key, the so-called Winreg key, which regulates who can remotely access the registry. The Security permissions set on this key define what Users or Groups can connect to the system for remote access to the registry. The default permissions only allow administrators full access to the registry, and deny all other users access. More information on the Winreg key is available in Microsoft Knowledge Base article 153183. However, it’s important to understand that the Winreg key would not protect against this vulnerability by default. As long as any key can be interrogated, a malicious user could exploit this vulnerability. As discussed in the Knowledge Base article, the default setting of the Winreg key allows a small number of registry keys to be interrogated by authenticated users. The specific list of such keys is specified via the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\ winreg\AllowedPaths key. Mach
Related Questions
- The file c:clamscan.log will show the results of the virus scan. How do I configure ISMail EP on Windows NT/2000/XP to work with F-Prot Anti-VirusTM software (http://www.f-prot.com/)?
- How do I configure ISMail EP on Windows 98/ME/NT/2000/XP to work with Norton AntiVirusTM software (http://www.symantec.com)?
- How do I configure ISMail EP on Windows 98/ME/NT/2000/XP to work with Eset NOD32 (http://www.nod32.com)?
