O'Reilly logo

Managing The Windows 2000 Registry by Paul Robichaux

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security Tweaks

Warning

A surprising number of Windows 2000 and NT’s security features are only accessible through Registry tweaks. For the most part, these adjustments add to your system’s security; except as noted, you are not adding extra risk by not making the changes discussed here. You should carefully note the security suggestions included in Chapter 9. They reflect changes you should make to preserve system security, while the items in this section are optional.

Clear the System Pagefile at Shutdown

The U.S. Government (actually the National Computer Security Center) has established a rating system for configurations of computer operating systems. This rating system, set forth in a document called the Orange Book, rates how secure operating systems are. To earn a particular rating, there are certain features an OS must implement. One of these features is object reuse. Simply put, object reuse just means that objects (including disk blocks, memory, and other shared resources) are cleared out after use. This prevents any leakage of confidential data.

While Windows 2000 and NT can be made compliant, as shipped neither OS clears inactive pages in the virtual memory’s pagefile. A couple of publicized attacks[54] rely on the fact that the system’s pagefile is left intact when the system shuts down; it can then be scanned for useful data. To prevent this, you can add the REG_DWORD value HKLM\System\CurrentControlSet\Control\Session Manager\Memory Management\ ClearPageFileAtShutdown ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required