Key: System\CurrentControlSet\Control\Lsa

Name: RestrictAnonymous Type: REG_DWORD Value: 1 . Remove the Everyone group from the “Access this Computer from the Network” user right. Replace it with the Authenticated Users group. In Windows NT 4.0, this can be

accomplished under User Manager -> Policies -> User Rights. In Windows 2000, this can be done via the Security Configuration Toolset and Group Policy. . Do not allow remote registry access. There are many registry keys that allow the Everyone group, and therefore anonymous users, read and/or set value permissions. If an unauthorized user was able to remotely edit the registry, he could modify registry keys in an attempt to gain elevated privileges. Restricting remote registry access is accomplished by setting security permissions on the HKLM\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg key. It is highly recommended that only Administrators and System have remote access to the registry. . Ensure that the Guest Account is disabled. Ensure that all accounts (service and
Next topic
Previous topic