remote registry switch off ?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

i have xp pro and have heard that turning off this service is a good move for
security .
i am a very small business which i operate at a home office with a small
network .
i dont access my pc externally .
should i turn off this service and how do i do this ?
thanks steve
 
You could disable the process, but that might interfere with other
things you might want to do with your computer. Or you could set it to
start manually, but once started the process will be functional until
the next time you start your computer.

The truth is: If you have adopted sound security practices you have
nothing to worry about. Adopting sound security practices will go much
farther to protect your computer than fiddling with system services.
 
I couldn't disagree more. By far the greatest security issue in Windows is
that of buffer-overflow exploits, and services providing remote automation
such as DCOM or Remote Registry are the most vulnerable to this class of
attack.
 
Ian said:
I couldn't disagree more. By far the greatest security issue in Windows is
that of buffer-overflow exploits, and services providing remote automation
such as DCOM or Remote Registry are the most vulnerable to this class of
attack.
Click to expand...

Firewalls help more. Sure, if you know for sure that you won't need that
service then disable it as extra protection but just keep track of what
you've fiddled with so you can revert back later.
 
Ian

what does the remote registry do and by not having it what might i be losing
functionality of ?

thanks

Steve
 
stevenjf said:
Ian

what does the remote registry do and by not having it what might i be
losing
functionality of ?

thanks

Steve
Click to expand...

The ability to remotely edit your computer's registry (database of system
settings) from another computer on your network, using either the regedit
tool or other tools (some other remote administration or diagnostic tools
might make use of it.) You probably don't need it. If your network is
properly set up with a firewall then you are probably safe leaving it turned
on, but turning it off as another layer of protection is always good.
 
Colin

thanks your help .

if i dont really need it then please advise how to turn it off .

i dont intend to remotely fiddle with the registry on my pc or others on my
network .

i presume by turning it off it wont mean i cant transfer information around
the network such as data etc .

thanks

Steve
 
Let's think this through.

Do you really think an attacker from the internet has the time or
inclination to read through your registry and mess it up? Why bother,
when with a single worm or rootkit they can destroy thousands of computers?

And what would be the point of vandalizing your registry? Nobody does
that anymore. Now the name of the game is making a profit. No money is
made by messing up your registry.

In short...an attacker on the internet doesn't give a da*n about your
registry. And if you have a correctly configured firewall, no one from
the internet even knows that there's a computer at your IP address.

It's a different story if you actually know someone who a) has a desire
to make your life miserable and b) has a sufficient command of
technology to know how to break into your registry from a remote connection.

Moreover...and take this from a former all-star noob computer
destroyer...if you understood enough about the internals of the Windows
operating system, you wouldn't be asking your question. Do you really
want to mess around in something you don't understand?
 
It will only improve security if you are not following other security best
practices such as using a good firewall at the perimeter of your network,
using strong passwords for your user accounts, and configuring network
resources with the principle of least privilege. The remote registry service
can be useful in many situations. If you are sure that you will never have a
need to remotely manage or monitor a computer on your internal network then
you can disable it using services.msc and setting startup type to disabled
and stopping the service. The link below is on best security practices for
small businesses. Good security involves defense in depth and not relying on
one procedure or technology.

Steve

http://www.microsoft.com/smallbusiness/support/computer-security.mspx
 
Go to Control Panel
->Admin Tools
->Services
->Remote Registry

I've stopped this service on my PC, no probs so far, but it's your choice.

This hackers account might also interest you. Click on the Video button
 
Back
Top