From Windows Server 2008 R2 Member Server Security Technical Implementation Guide
Part of Anonymous Access to the Registry
Associated with: CCI-002235
The registry is integral to the function, security, and stability of the Windows system. Some processes may require anonymous access to the registry. This must be limited to properly protect the system.
Run "Regedit".
Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\
If the key does not exist, this is a finding.
Right-click on "winreg" and select "Permissions…".
Select "Advanced".
If the permissions are not as restrictive as the defaults listed below, this is a finding.
The following are the same for each permission listed:
Type - Allow
Inherited from -
Maintain permissions at least as restrictive as the defaults listed below for the "winreg" registry key. It is recommended to not change the permissions from the defaults.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\
The following are the same for each permission listed:
Type - Allow
Inherited from -
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer