How can I ask about modifying the registry to carry out computer maintenance?
[Users questions | Browse:59 | Favorites]
Users questions:The best point of authority, not to teach to someone else
Experts answer:Win2000 wrong to modify the registry to enhance security a) Set time to live HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services* Tcpip * ParametersDefaultTTLREG_DWORD0-0xff (0-255 Decimal, default value is 128) Description: Specifies the outgoing IP packets to set the default time to live (TTL) value. TTL determines the IP packetReach the target before the maximum time the network to survive. It is in fact limited to the IP data packets discarded by the router to allow the number of pre-. Sometimes take advantage of this value to detect the remote host operating system, .2) to prevent the attack ICMP Redirect messages HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersEnableICMPRedirectsREG_DWORD0x0 (default is 0x1) Description: This parameter controls the Windows2000 whether it will change its routing tables to respond to network devices (such as routers) to send ICMP redirect messages to it, sometimes being used to do bad things. Win2000 the default value of 1, indicating response to ICMP Redirect messages .3) the prohibition circular route to respond to ICMP packets HKEY_LOCAL_MACHINE*SYSTEM*CurrentControlSet*Services*Tcpip*Parameters*Interfaces*interfacePerformRouterDiscoveryREG_DWORD0x0 (default is 0x2) Description: "ICMP Routing Notice" feature may result in someone else's computer network connection exception, the data have been eavesdropping, the computer has been used to attack and other serious consequences flow. This problem has resulted in large campus networks in some local area networksArea, a long time network anomaly. Therefore proposed circular route off to respond to ICMP packets. Win2000 the default value of 2 indicates that when the DHCP sends the router discover option enabled .4) to prevent SYN flood attacks HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersSynAttackProtectREG_DWORD0x2 (default is 0x0) Description: SYN attack protection, including reduction of SYN -ACK re-transmission frequency, in order to reduce the allocation of resources to retain time. Route cache entry delay the allocation of resources until the connection up. If synattackprotect = 2, then the connection instructions AFD has been postponed until three-way handshake is completed. Note that only in TcpMaxHalfOpen and beyond the scope of TcpMaxHalfOpenRetried set, protection mechanisms will take measures to .5) prohibits the C $, D $ a class of the default shared HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * lanmanserver * parametersAutoShareServer, REG_DWORD, 0x06) to prohibit the default ADMIN $ share HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * lanmanserver * parametersAutoShareWks, REG_DWORD, 0x07) restrictions on IPC $ default share HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Control * LsarestrictanonymousREG_DWORD0x0 default 0x1 anonymous users can not list local user outTable 0x2 anonymous users can not connect to local IPC $ share Note: not recommended to use 2, otherwise, may cause some of your service can not start, such as SQLServer8) does not support the IGMP protocol HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersIGMPLevelREG_DWORD0x0 (default is 0x2) Description: The recall under Win9x a bug, is to use so that others can use IGMP blue, Modify the registry to fix this bug.Win2000 Although he did not this bug, but IGMP is not necessary, and therefore still can be removed. Routeprint later changed to 0 will not see that annoying 224.0.0.0 entry of .9) set arp cache and oldDelivery time setting HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersArpCacheLifeREG_DWORD0-0xFFFFFFFF (seconds, default value is 120 seconds) ArpCacheMinReferencedLifeREG_DWORD0-0xFFFFFFFF (seconds, default value is 600) Note: If you ArpCacheLife is greater than or equal toYu ArpCacheMinReferencedLife, then the reference or references ARP cache entries expire in ArpCacheLife seconds. If ArpCacheLife less than ArpCacheMinReferencedLifeWithout reference to items in the ArpCacheLife seconds expire, while the reference to items in the ArpCacheMinReferencedLife seconds expire. Each outbound packet will be sent to the entry of the IP address, will be cited in the ARP cache entries. 10) prohibit the death Gateway Monitoring HKEY_LOCAL_MACHINE*SYSTEM*CurrentControlSet*Services:*Tcpip*ParametersEnableDeadGWDetectREG_DWORD0x0 (default value is ox1) Note: If you set up multiple gateways, then your machine have difficulty in dealing with multiple connections, they will automatically switch to a backup gateway. Sometimes this is not a good idea, propose to prohibit the death gateway monitoring .11) do not support routing functions HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersIPEnableRouterREG_DWORD0x0 (default is 0x0) Note: the value is set to0x1 can make Win2000 with routing capabilities, and the resulting unnecessary problems .12) to do NAT when converting the external port to enlarge the maximum HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersMaxUserPortREG_DWORD5000-65534 (decimal) (default value is 0x1388 ** decimal 5000) Description: When an application requests from the system when the number of available user port,MAC Address HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Control * Class * to find the right window shows a "card" directory, for example, is the (4D36E972-E325-1(R) 82559FastEthernetLANonMotherboard "and then in the right window, a new string value named" Networkaddress ", the contents of the MAC value for what you want, for example, is" 004,040,404,040"And then restart the computer, ipconfig * all to see.
Experts answer:Win2000 wrong to modify the registry to enhance security a) Set time to live HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services* Tcpip * ParametersDefaultTTLREG_DWORD0-0xff (0-255 Decimal, default value is 128) Description: Specifies the outgoing IP packets to set the default time to live (TTL) value. TTL determines the IP packetReach the target before the maximum time the network to survive. It is in fact limited to the IP data packets discarded by the router to allow the number of pre-. Sometimes take advantage of this value to detect the remote host operating system, .2) to prevent the attack ICMP Redirect messages HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersEnableICMPRedirectsREG_DWORD0x0 (default is 0x1) Description: This parameter controls the Windows2000 whether it will change its routing tables to respond to network devices (such as routers) to send ICMP redirect messages to it, sometimes being used to do bad things. Win2000 the default value of 1, indicating response to ICMP Redirect messages .3) the prohibition circular route to respond to ICMP packets HKEY_LOCAL_MACHINE*SYSTEM*CurrentControlSet*Services*Tcpip*Parameters*Interfaces*interfacePerformRouterDiscoveryREG_DWORD0x0 (default is 0x2) Description: "ICMP Routing Notice" feature may result in someone else's computer network connection exception, the data have been eavesdropping, the computer has been used to attack and other serious consequences flow. This problem has resulted in large campus networks in some local area networksArea, a long time network anomaly. Therefore proposed circular route off to respond to ICMP packets. Win2000 the default value of 2 indicates that when the DHCP sends the router discover option enabled .4) to prevent SYN flood attacks HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersSynAttackProtectREG_DWORD0x2 (default is 0x0) Description: SYN attack protection, including reduction of SYN -ACK re-transmission frequency, in order to reduce the allocation of resources to retain time. Route cache entry delay the allocation of resources until the connection up. If synattackprotect = 2, then the connection instructions AFD has been postponed until three-way handshake is completed. Note that only in TcpMaxHalfOpen and beyond the scope of TcpMaxHalfOpenRetried set, protection mechanisms will take measures to .5) prohibits the C $, D $ a class of the default shared HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * lanmanserver * parametersAutoShareServer, REG_DWORD, 0x06) to prohibit the default ADMIN $ share HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * lanmanserver * parametersAutoShareWks, REG_DWORD, 0x07) restrictions on IPC $ default share HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Control * LsarestrictanonymousREG_DWORD0x0 default 0x1 anonymous users can not list local user outTable 0x2 anonymous users can not connect to local IPC $ share Note: not recommended to use 2, otherwise, may cause some of your service can not start, such as SQLServer8) does not support the IGMP protocol HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services * Tcpip * ParametersIGMPLevelREG_DWORD0x0 (default is 0x2) Description: The recall under Win9x a bug, is to use so that others can use IGMP blue, Modify the registry to fix this bug.Win2000 Although he did not this bug, but IGMP is not necessary, and therefore still can be removed. Routeprint later changed to 0 will not see that annoying 224.0.0.0 entry of .9) set arp cache and oldDelivery time setting HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersArpCacheLifeREG_DWORD0-0xFFFFFFFF (seconds, default value is 120 seconds) ArpCacheMinReferencedLifeREG_DWORD0-0xFFFFFFFF (seconds, default value is 600) Note: If you ArpCacheLife is greater than or equal toYu ArpCacheMinReferencedLife, then the reference or references ARP cache entries expire in ArpCacheLife seconds. If ArpCacheLife less than ArpCacheMinReferencedLifeWithout reference to items in the ArpCacheLife seconds expire, while the reference to items in the ArpCacheMinReferencedLife seconds expire. Each outbound packet will be sent to the entry of the IP address, will be cited in the ARP cache entries. 10) prohibit the death Gateway Monitoring HKEY_LOCAL_MACHINE*SYSTEM*CurrentControlSet*Services:*Tcpip*ParametersEnableDeadGWDetectREG_DWORD0x0 (default value is ox1) Note: If you set up multiple gateways, then your machine have difficulty in dealing with multiple connections, they will automatically switch to a backup gateway. Sometimes this is not a good idea, propose to prohibit the death gateway monitoring .11) do not support routing functions HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersIPEnableRouterREG_DWORD0x0 (default is 0x0) Note: the value is set to0x1 can make Win2000 with routing capabilities, and the resulting unnecessary problems .12) to do NAT when converting the external port to enlarge the maximum HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Services: * Tcpip * ParametersMaxUserPortREG_DWORD5000-65534 (decimal) (default value is 0x1388 ** decimal 5000) Description: When an application requests from the system when the number of available user port,MAC Address HKEY_LOCAL_MACHINE * SYSTEM * CurrentControlSet * Control * Class * to find the right window shows a "card" directory, for example, is the (4D36E972-E325-1(R) 82559FastEthernetLANonMotherboard "and then in the right window, a new string value named" Networkaddress ", the contents of the MAC value for what you want, for example, is" 004,040,404,040"And then restart the computer, ipconfig * all to see.
- Attendance overtime clock
- Ask a new question master
- 230-volt power supply with the e5300 be enough?
- Lynnfield interface (front side bus, FSB) is the number?
- AMD Which products can compete with lynnfield * in the same grade?
- What is the biggest feature of Lynnfield?
- turboboost?
- Currently there are several processors Lynnfield?
- Microsoft.NETframework
- 640X480 pixels display settings, can not be changed
- This information provided by the users.Thanks!
Computer Knowledge Copyright 2005-2015 All Rights Reserved.