|
 | 作者: balsai [balsai]
 论坛用户 |
登录 |
| Start Registry Editor (Regedt32.exe) and go to the following subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control On the Edit menu, click Add Key. Enter the following values: Key Name: SecurePipeServers Class: REG_SZ Go to the following subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers On the Edit menu, click Add Key. Enter the following values: Key Name: winreg Class: REG_SZ Go to the following subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg On the Edit menu, click Add Value. Enter the following values: Value Name: Description Data Type: REG_SZ String: Registry Server Go to the following subkey. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg Select "winreg". Click Security and then click Permissions. Add users or groups to which you want to grant access. Exit Registry Editor and restart Windows. If you at a later stage want to change the list of users that can access the registry, repeat steps 10-12. Bypassing the Access Restriction Some services need remote access to the registry to function correctly. For example, the Directory Replicator service and the Spooler service when connecting to a printer over the network require access to the remote registry. You can either add the account name that the service is running under to the access list of the "winreg" key, or you can configure Windows to bypass the access restriction to certain keys by listing them in the Machine or Users value under the AllowedPaths key. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths Value: Machine Value Type: REG_MULTI_SZ - Multi string Default Data: System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Print\Printers System\CurrentControlSet\Services\Eventlog Software\Microsoft\Windows NT\CurrentVersion System\CurrentControlSet\Services\Replicator Valid Range: A valid path to a location in the registry. Description: Allow machines access to listed locations in the registry provided that no explicit access restrictions exists for that location. Value: Users Value Type: REG_MULTI_SZ - Multi string Default Data: (None) Valid Range: A valid path to a location in the registry. Description: Allow Users access to listed locations in the registry provided that no explicit access restrictions exists for that location. Changed slightly in Windows 2000 and later: Value: Machine Value Type: REG_MULTI_SZ - Multi string Default Data: System\CurrentControlSet\Control\ProductOptions System\CurrentControlSet\Control\Print\Printers system\CurrentControlSet\control\Server Applications System\CurrentControlSet\Services\Eventlog Software\Microsoft\Windows NT\CurrentVersion Value: Users - Does not exist by default. For additional information about how to programmatically access the Windows registry and apply security to a registry key, click the following article number to view the article in the Microsoft Knowledge Base: 146906 HOWTO: Secure Performance Data in Windows 2000, Windows NT, Windows XP Note It is possible to have remote access to the registry after you follow the steps in this article if the RestrictNullSessAccess registry value has been created and is set to 0. This value allows remote access to the registry by using a null session. The value overrides other explicit restrictive settings. For additional information about this issue, click the following article number to view the article in the Microsoft Knowledge Base: 830070 Anonymous access by using a null session is possible after you configure the registry to restrict remote access |
| 地主 发表时间: 04-10-01 15:13 |
|
20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon
粤ICP备05087286号
论坛: 编程破解
标题: 怎么认