allowing remote users to modify registry

W

windsurferLA

Recently, when reviewing the list "services" running on my WinXP SR/2
machine (launch compmgmt.msc from the RUN window), I observed that
"Remote Registry" and "Help and Support" services are being
automatically started with each machine start-up. It would seem to me
that these "services" should not be enabled as my computer is not
serviced by some MIS organization.

It would seem that leaving them enabled would increase the
susceptibility of my machine to potential hackers. Am I correct? If so,
how do I change things so that neither of the services are launched on
start-up?
 
A

Anteaus

Go to Control Panel>Computer Management>Services, and set the service
in-question to Manual or Disabled. Note that a Disabled setting has no effect
until the service is next stopped.

Remote Registry is needed for some AD-domain maintenance functionality, but
it's a security risk, particularly on computers whose users are Admins. We
normally disable it.

The other related security-risk is the Administrative Shares, which may
allow a local-Admin user to access the entire disk of another computer if
passwords happen to match. (which they will if the same user has 'been on'
both) These need to be disabled by way of a registry change.

Help and Support I'd leave running unless your users never need such.
 
W

windsurferLA

Thanks Anteaus for prompt reply.

In WinXP-pro, When I go to Control Panel | ... Computer Management |
Services & Applications | Services | Remote Registry
and I try to disable it, I get this message:

"Could not stop the Remote Registry service on Local Computer. Error
1053: The service did not respond to the start or control request in a
timely fashion."

I note that at http://support.microsoft.com/kb/886695
there is a "hot fix" for this problem, but I'm hesitant to install it in
that I may end up causing a real problem in my attempt to prevent a
potential problem.

Inasmuch as my computer is behind a hardware firewall with NAT and
Media-Access-Control (MAC) address restrictions on the LAN, disabling
the Remote Registry Service may not really be necessary.

Suggestions???
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

ManagePC - Application to manage and inventorize remote machines 1
"This computer cannot connect to the remote computer..." 6
Hot to allow Normal Users Start/Stop system services (Performance Logs and Alerts) 1
Enable File/Print Sharing Remotely (on the windows firewall) 1
remote desktop unable to connect 9
Where is the Remote Registry service? 3
Networking, registry and more problems! 3
Lost user profile due to O/I operation initiated by registry failu 2

Top