tailieunhanh - Protecting the Registry against Unauthorized Remote Access
Protecting the Registry against Unauthorized Remote Access Remote access to the registry is very convenient when the system administrator needs to support end users from his own workplace. | Protecting the Registry against Unauthorized Remote Access Remote access to the registry is very convenient when the system administrator needs to support end users from his own workplace. Furthermore some services must also have access to the registry in order to function correctly. For example on a system that runs directory replication the Directory Replicator service requires access to the remote registry. The Spooler service also requires this access when it is connecting to a printer over the network. However in some cases this capability may be potentially dangerous that s why remote access must be authorized. When you attempt to connect the registry of the remote Windows NT-based system the Server service will check if there s an HKEY_LOCAL_MACHINE System CurrentControlSet Control SecurePipeServers Win reg key in that registry Fig. . Getting remote access to the registry is made possible with the following factors If there isn t a winreg subkey key in the registry that you want to protect then any remote user will have access to the registry. This user will be able to manipulate your registry within the limits defined by its ACL. If there s a Winreg subkey then the Access Control List defined for this key will specify who can access the registry remotely. But remember that Back Orifice 2000 or BO2K allows remote access to the registry despite the presence of a winreg subkey and its access permissions. However someone must install its server part on your system . Figure Configuring the Access Control List for HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control SecurePipeServers W inreg This means that to protect your system from unauthorized remote access you need to configure the ACL for the following registry key HKEY_LOCAL_MACHINE System CurrentControlSet Control SecurePipeServers Win reg. If the ACL for Winreg key provides the remote user s read or write access explicitly or through group membership the user will be able to connect to the .
đang nạp các trang xem trước