Top 5 registry keys for Windows XP


Eric Schultze, Contributor
09.23.2009


Whenever I interviewed systems administrators who said they were fluent with Windows XP, I always asked them "What's your favorite registry key?" Most of the time, I'd get a blank look.

With that, I present my favorite five registry keys, which can help secure your systems.

  1. My favorite registry key is "Hidden." Adding this registry value will remove an XP computer from the network browse list. This can help prevent casual users on the network from discovering selected machines in the Network Neighborhood view. I like to use this on my own computer as well as other critical laptops and desktops that I don't want other people to poke and prod.
    Key: HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters
    Add Value: hidden
    Type: REG_DWORD
    Data: 1
    0 The computer's name and comment can be viewed by other computers. (default)
    1 The computer's name and comment cannot be viewed by other computers.
  2. Each Windows XP system automatically creates a share for each drive letter on the computer. These shares are only available remotely to users with administrative access. However, in some instances, it may be handy to prevent these "auto admin shares" from being created. If you simply right-click on the share and remove it in Explorer, the share will come back the next time the computer is started. By setting the AutoShareWks key, you can prevent these shares from being created.
    Key: HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters
    Value: AutoShareWks
    Type: REG_DWORD
    Data: 0
    0 Disables creation of the shares
    1 Enables creation of the shares (default)
  3. My third favorite registry key is NoLMHash. This registry setting instructs the computer to not save the LanMan hash of your password on your computer. The LanMan hash is an extremely weak representation of your password and can weaken the overall password posture of your computer. By disabling the storage of the LanMan hash on all desktop systems, you can significantly improve the security of your network. Alternatively, you can run the thrashlm tool to remove the LM hashes from your computer.
    Key: HKLM\System\CurrentControlSet\Control\Lsa
    Value: NoLMHash
    Type: REG_DWORD
    Data: 1
    0 Stores the LanMan password hash (default)
    1 Disables storage of the LanMan password hash
  4. Closely related to No. 3 is CachedLogonsCount. Each user account and password that is used to log onto the domain from your computer is cached locally on your system. This makes it possible to log onto your computer with your domain account when your machine isn't on the network. While a useful function, the cached passwords can be obtained using a password-cracking tool. It's best to limit the number of cached logons when possible. The other option is to run a trashpwhist tool to wipe the cached passwords from your machine.
    Key: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Value: CachedLogonsCount
    Type: REG_SZ
    Data: 1
    0 No user accounts or passwords are cached
    1-50 Number of user accounts and passwords to cache (default is 10)

  5. If you're concerned about users visiting malicious websites or rogue SMBRelay servers on your internal network, it may be best to enable the key RequireSecuritySignature. This will prevent successful exploitation for all variants of credential reflection attacks.
    Key: HKLM\System\CurrentControlSet\Services\LanManServer\Parameters
    Value: RequireSecuritySignature
    Type: REG_DWORD
    Data: 1 (enable)
    0 SMB signing is not required (default)
    1 SMB signing is required

The above keys can be rolled out via Group Policy settings or individually via a .reg file that is executed on each machine. Although there is no silver bullet set of registry keys for securing your XP systems, implementing these five registry keys on your XP systems can help ensure the security of your network. Remember, fully test these registry settings before rolling them out to your enterprise.
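To check that a rollout actually took effect, the example below (added here, not part of the original tip) audits a regedit-format export against the five settings and reports every value that is missing or still at its default. It assumes the export has already been decoded to text; the names BASELINE, AT_MOST, parse_reg, audit and SAMPLE_EXPORT are this example's own, and the sample export is constructed.

```python
import re

# Baseline from the tip: (key under HKEY_LOCAL_MACHINE, value name) -> required data.
# Key and value names are compared case-insensitively, as the registry does.
LANMAN = r"SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
BASELINE = {
    (LANMAN, "Hidden"): 1,
    (LANMAN, "AutoShareWks"): 0,
    (LANMAN, "RequireSecuritySignature"): 1,
    # On Windows XP, NoLMHash is a DWORD value directly under Control\Lsa.
    (r"SYSTEM\CurrentControlSet\Control\Lsa", "NoLMHash"): 1,
    (r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon", "CachedLogonsCount"): 1,
}
AT_MOST = {"CachedLogonsCount"}  # any count up to the baseline is acceptable

# Constructed sample export: two settings applied, three not.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]
"AutoShareWks"=dword:00000000
"Hidden"=dword:00000001
"RequireSecuritySignature"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"CachedLogonsCount"="10"
"""

def parse_reg(text):
    """Map (key, value name), lower-cased, to an int for dword and numeric string data."""
    values, key = {}, ""
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'"([^"]+)"=(?:dword:([0-9a-fA-F]{8})|"(\d+)")$', line)
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].split("\\", 1)[-1].lower()  # drop the hive name
        elif m:
            values[key, m.group(1).lower()] = int(m.group(2), 16) if m.group(2) else int(m.group(3))
    return values

def audit(text):
    """Return (value name, found, required) for every setting that misses the baseline."""
    found, drift = parse_reg(text), []
    for (key, name), required in BASELINE.items():
        actual = found.get((key.lower(), name.lower()))  # None: value absent, OS default applies
        if actual is None or (actual > required if name in AT_MOST else actual != required):
            drift.append((name, actual, required))
    return drift

if __name__ == "__main__":
    for name, actual, required in audit(SAMPLE_EXPORT):
        print(f"{name}: found {actual}, baseline {required}")
```

An absent value is reported as drift because, for all five settings, the default described above is the non-hardened one.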

ABOUT THE AUTHOR:   

Eric Schultze
Eric Schultze is an independent security consultant who most recently designed Microsoft patch management solutions at Shavlik Technologies. Prior to Shavlik, Schultze worked at Microsoft, where he helped manage the security bulletin and patch release process. Schultze likes to forget that he used to work as an internal auditor on Wall Street.

