Tuesday, March 17, 2009

Windows Secret - Securing NT

Securing NT

By default, NT 4.0 displays the last person who logged onto the system. This canbe considered to be a security threat, especially in the case of those who choose their password to be same as their Username. To disable this bug which actually is a feature, go to the following key in the registry editor:

HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon

Click and select the ReportBookOK item and create a new string value called DontDisplayLastUserName. Modify it and set it's value to 1.

As a system administrator, you can ensure that the passwords chosen by the usersare not too lame or too easy to guess. NT has this lovely utility called the UserManager which allows the administrator to set the age limit of the password whichforces the users to change the password after a certain number of days. You canalso set the minimum length of passwords and prevent users to use passwords whichalready have been used earlier and also enable account lockouts which willdeactivate an account after a specified number of failed login attempts.

When you log on to Win NT, you should disable Password Caching, this ensures Single NT Domain login and also prevents secondary Windows Logon screen.

Simply copy the following lines to a plain text ASCII editor like: Notepad and save it with an extension, .reg

----------------DISABLE.reg-----------------
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]

"DisablePwdCaching"=dword:00000001

----------------DISABLE.reg-----------------

To Enable Password Caching use the following .reg file:

--------------Enable.reg-----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]

"DisablePwdCaching"=dword:00000000

--------------Enable.reg-----------------

Cleaning Recent Docs Menu and the RUN MRU

The Recent Docs menu can be easily disabled by editing the Registry. To do this goto the following Key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Now in the right pane, create a new DWORD value by the name: NoRecentDocsMenu and set it's value to 1. Restart Explorer to save the changes.

You can also clear the RUN MRU history. All the listings are stored in the key:

HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

You can delete individual listings or the entire listing. To delete History ofFind listings go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find SpecMRU

and delete.

Customizing the Right Click Context Menu of the Start Menu

When you right click on the start menu, only 3 options pop up: Open, Explore, and Find. You can add your own programs to this pop up menu( which comes up when weright click on it.) Open Regedit and go to the following registry key:

HKEY_CLASSES_ROOT\Directory\Shell

Right click on the shell and create a new Sub Key (You can create a new SubKey byright clicking on the Shell Key and selecting New > Key.). Type in the name of the application you want to add to the start menu. I want to add Notepad to the StartMenu and hence I name this new sub key, Notepad. Now right click on the newregistry key that you just created and create yet another new key named Command.Enter the full path of the application, in this case Notepad in the default value of Command in the rightpane.

So I Modify the value of the default string value and enter the full path name of Notepad:

c:\wndows\notepad.exe.

Now press F5 to refresh. Now if you right click on the Start Button you will find a new addition to the Pop Up Menu called Notepad.

Clicking on it will launchNotepad.We can not only add but also remove the existing options in this pop up box.

No comments:

Post a Comment