TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Hi I'm analysing the C2 configuration of NT 4.0 of its impact on functionality and efficency. There are some configuration in the installation I don�t understand and other where I don�t have practical experience to see the impact onto the system/application. Please tell me from your expierence whatever it concerns. What is the impact? 1. No NetBIOS and NetBEUI, only TCP/IP with static addresses can be used 2. These services have to be disabled: Alerter, ClipBook Server, Directory Replicator, License Logging Service, Messenger, Network DDE, Network DDE DSDM, Plug and Play, Protected Storage, Schedule, Telephony Service, UPS 3. Null session are not allowed (HKLM\SYSTEM\CurrentControlSet\Control\Lsa\ RestrictAnonymous=1 and HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\NullSessionPipes and NullSessionShares are to be deleted) 4. only read permission for everyone on the whole root drive 5. Only read permission for everyone for HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RunOnce and Uninstall 6. Protection Mode of base objects (HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\ProtectionMode=1) 7. Only the administrator is allowed to register shares 8. Port listening is not allowed (HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\EnablePortLocking) 9. deep auditing (HKLM\SYSTEM\CurrentControlSet\Control\Lsa\AuditBaseObjects 10. no os/2 and posix 11. Only vga and no Direct Draw is allowed (HKLM\SYSTEM\CurrentControlSet\Control\GraphicsDrivers\DCI\Timeout=0) What I don�t understand: 1. What exactly do this devices, they are to disable: Changer, ParVdm, PCIDump, PnP ISA Enabler Driver, Scsiprnt, Scsiscan, update, Modem, Sfloppy 2. What are kerne object attributes for? Why have they to be changed? (HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\EnhancedSecurityLevel=1) 3. What is the user right �Debug programs" exactly for? Thank you for your feedback Daniel [EMAIL PROTECTED]
