Scribd
Upload
78 views13 pages

How Registry Is Helpful in Managing Security.: Term Paper On

The document discusses how the Windows registry helps manage system security and configuration. It provides an overview of the registry, explaining that it is a central hierarchical database used to store configuration information for users, applications, and hardware. The registry contains data that Windows references during operation, such as user profiles, installed applications, and hardware devices. It improves on earlier Windows versions by centralizing this configuration data instead of storing it across multiple INI files. The registry helps manage security by maintaining accurate configuration information that Windows relies on to properly assign resources and authorize access during system startup and operation.

Uploaded by

Ashish Vaniya
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
78 views13 pages

How Registry Is Helpful in Managing Security.: Term Paper On

The document discusses how the Windows registry helps manage system security and configuration. It provides an overview of the registry, explaining that it is a central hierarchical database used to store configuration information for users, applications, and hardware. The registry contains data that Windows references during operation, such as user profiles, installed applications, and hardware devices. It improves on earlier Windows versions by centralizing this configuration data instead of storing it across multiple INI files. The registry helps manage security by maintaining accurate configuration information that Windows relies on to properly assign resources and authorize access during system startup and operation.

Uploaded by

Ashish Vaniya
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 13

Term Paper on

How registry is helpful in managing security.

Submitted by
***************************

Section: *****

Roll No: R*********


Reg. No: *********
Branch: B.Tech (IT)

Submitted To:
***********************
Lovely Professional University
Introduction Windows Registry
The registry is the heart and soul of
The Registry has to be one of the least
MS Windows XP. In other words,
understood aspects of the Windows
The registry contains the
operating system family. Even
configuration data that makes the
seasoned professionals approach it
operating system work. The registry
with a degree of caution, knowing that
enables developers to organize
a wrong entry can potentially wreak
configuration data in ways that are
havoc on the system. Description of
impossible with other mechanisms,
the registry.
such as INI files. It's behind just about
every feature in Windows XP that you
The registry as a central hierarchical
think is cool. More importantly, it
database used in Microsoft Windows
enables you to customize Windows
used to store information that is
XP in ways you can't through the user
necessary to configure the system for
interface.
one or more users, applications and
hardware devices. The Registry
Windows XP and every application
contains information that Windows
that runs on MS's latest desktop
continually references during
operating system do absolutely
operation, such as profiles for each
nothing without consulting the
user, the applications installed on the
registry first. When you double-click
computer and the types of documents
a file, Windows XP consults the
that each can create, property sheet
registry to figure out what to do with
settings for folders and application
it. When you install a device,
icons, what hardware exists on the
Windows XP assigns resources to the
system, and the ports that are being
device based on information in the
used. The Registry replaces most of
registry and then stores the device's
the text-based .ini files that are used
configuration in the registry. When
in Windows 3.x and MS-DOS
you run an application such as MS
configuration files, such as the
Word 2002, the application looks up
Autoexec.bat and Config.sys.
your preferences in the registry
Overview of Registry During system startup, Windows uses
the registry to get configuration data
The Registry was introduced as a way regarding the hardware, software and
out of the “INI files mess” that other peripherals that have been
plagued early versions of Windows. configured. It also maintains a backup
Configuration information regarding copy of the registry with which the
the operating system, application system had successfully started up
files, hardware, and soon were stored last. Hence, if it encounters a problem
in INI files scattered all over the with the current startup, it can then
system. For example, when an use the configuration information
application is installed, it needs to from the backup to attempt to start the
know various parameters regarding system. Some of the information
the operating system and the available stored in the registry is specific to the
hardware. Much of this information is particular startup session only, and is
common to other applications as well. mostly user-specific Physically.

However, if there was any change in The Registry information in XP is


the hardware or operating system stored in multiple files in the
software, updating the application’s System32\Config folder of the
INI files used to be hell. The Registry operating system (or root) folder
was conceived as a way out of this usually C:\Windows or C:\WINNT.
madness. It is a hierarchical database These files cannot be edited directly;
that stores information regarding the they have to be accessed through a
hardware, operating system software, Registry- editing program such as
application software, users Regedit.exe or Regedt32.exe
preferences and system preferences.
Registry Hives
The hierarchy separates the machine
information, user information and the A registry hive is a group of keys, sub
software information into logically keys, and values in the registry that
discrete units that can be manipulated has a set of supporting files that
with greater ease. Any changes made contain backups of its data. The
by users, the operating system, newly supporting files for all hives except
installed software, and hardware are HKEY_CURRENT_USER are in
all updated and reflected in the %SystemRoot%\System32\Configfolder on
Registry.
Windows NT 4.0, Windows 2000, registry files are named Classes.dat,
Windows XP, Windows Server 2003, User.dat, and System.dat.
and Windows Vista. The supporting
files for HKEY_CURRENT_USER Managing Security
are in the
%System Root%\Profiles\Username Security has become one of the most
folder.  urgent issues for many organizations.
It is an essential requirement for
The file name extensions of the files doing business in a globally
in these folders indicate the type of networked economy and for achieving
data that they contain. Also, the lack organizational goals and mission. But
of an extension may sometimes it is no small task. The technical and
indicate the type of data that they environmental complexity of today’s
contain.. organizations and the ever-increasing
dependence on technology to drive
Registry hive and automate processes and create
Supporting files competitive advantages make security
a challenging activity. Adding to this
HKEY_LOCAL_MACHINE\SAM complexity is a growing list of
Sam,Sam.log,Sam.sav vulnerabilities and increasingly
HKEY_LOCAL_MACHINE\Security sophisticated threats to which
Security, Security.log, Security.sav organizations are subjected on a daily
HKEY_LOCAL_MACHINE\Softwar basis.
e Software,Software.sav
HKEY_LOCAL_MACHINE\System Organizations can no longer be
System,System.alt effective in managing security from
HKEY_CURRENT_CONFIG the technical sidelines. Security lives
in an organizational and operational
System,System.alt,System.log
context, and thus cannot be managed
HKEY_USERS\DEFAULT
effectively as a stand-alone discipline.
Default, Default.log, Default.sav
Because security is a business
problem, the organization must
In Windows 98, the registry files are
activate, coordinate, deploy, and
named User.dat and System.dat. In
direct many of its existing core
Windows Millennium Edition, the
competencies to work together to
provide effective solutions. And to Managing the user registry
sustain success, security at an with many types
enterprise level requires that the
organization move toward a security Manage your user registry by running
management process that is strategic, various update and/or delete tasks
systematic, and repeatable—in other after you have configured the user
words, efficient at using security registry as part of the installation and
resources and effective at meeting deployment process.
security goals on a consistent basis.
Initial security configuration is part of
Managing for enterprise security the installation instructions. This is a
defines a disciplined and structured change from previous versions of the
means for realizing these objectives. information center. The information
This report presents the interim results in this section assumes you have
of work done by members of the already configured the user registry as
Networked Systems Survivability part of the installation and
Program at the Software Engineering deployment process. If you are
Institute in exploring these issues. The looking for instructions to initially
authors offer a view of the changing setup your user registry, refer to the
environment in which security must Installing Web Sphere Portal section
be performed and, from their field of the information.
work and research, itemize If you are running any of the
characteristics of common existing following tasks after setting up your
approaches to clustered production environment, we
security that limit effectiveness and will need to run an additional task to
success. A “desired state” as a update the security settings on the
security target for the organization is secondary nodes, see Configuring
outlined, and the organizational security after cluster creation for
transformation that the authors information.
believe is essential for approaching
Enabling application groups
security as a business problem is
presented. Application groups is a concept that
allows you to define user groups
within the database user registry with
members (users or groups) contained for WebSphere Portal because the
in the federated LDAP user registry roles assigned to the Application
you configured. Group also apply to all of its
members.
Run the wp-create-db task to add all
required federated database user Perform the following steps to enable
registries and run the wp-create- application groups:
ldap task to add all required federated
LDAP user registries to meet your 1. Run the following task to enable
business requirements before enabling application groups.
application groups. You must also set 2. where ldapid  is the value
the Group entity type to the database specifiedin federated.ldap.id when
user registry and the Person entity running the wp-create-ldap task
type to the LDAP user registry. and where dbid is the value
specified in federated.db.id when
You can use application groups in the
running the wp-create-db task.
following scenarios:
3. Perform the following steps to
 Read-only LDAP
stop and restart the server1
If you have a read-only LDAP, and WebSphere_Portal servers,
you cannot change the group where server1 is the name of
membership of users and theWebSphere Application
groups. If you need to define access Server and WebSphere_Portal i
rights for certain users that are in s the name of the WebSphere
different groups, you can create an Portal server.
Application group for these users with
a. Open a command prompt
the required access rights.
and change to the following
 Special group setup for Web directory:
Sphere Portal
 Windows: wp_pro
In this scenario you need to setup a file_root\bin
special group hierarchy that is only  UNIX: wp_profile
used by WebSphere Portal and not by _root/bin
other applications that access your
b. Enter the following
LDAP server. This can help you apply
command to stop
special access control rules just
the WebSphere Application d. Enter the following
Server: command to start the WebSphere
 Windows: stopSer Application Server:
ver.bat server1  Windows: startSer
-username admin_userid - ver.bat server1
password admin_password  UNIX: ./startServe
 UNIX: ./stopServe r.sh server1
r.sh server1 e. Enter the following
-username admin_userid - command to start
password admin_password the WebSphere_Portal server,
 i5/OS: stopServer where WebSphere_Portal is the
server1 name of the WebSphere
-username admin_userid - Portal server:
password admin_password
 Windows: startServer.bat Web
c. Enter the following Sphere_Portal
command to stop  UNIX: ./startServerhere_Portal
the WebSphere_Portal server,  i5/OS: startServer WebSphere
where WebSphere_Portal is the _Portal
name of the WebSphere
Portal server: Managing your user
 Windows: stopSer registry on AIX
ver.bat WebSphere_Portal -
After installing and deploying Web
username admin_userid -
Sphere Portal, which includes
password admin_password
installing and configuring the user
 UNIX: ./stopServe
registry, you can manage the user
r.sh WebSphere_Portal -
registry by running various update
username admin_userid -
and/or delete tasks. These tasks
password admin_password
include, but are not limited to, adding
 i5/OS: stopServer 
a property extension database,
WebSphere_Portal -username ad
updating or deleting the entity type,
min_userid -password admin_pas
and deleting the registry.
sword
Perform the following tasks to default VMM setup with a
configure security: federated file repository, which
will allow you to reconfigure
 Updating your user registry your user registry to meet your
on AIX business needs. The task
After deploying  Web Sphere deletes all existing repositories,
Portal, you may need to make creates a new realm, and
adjustments to your standalone configures a file repository in
LDAP user registry or to your VMM. The task also creates a
federated user repository new user and a new user group,
configurations. You can update which is set to portal and WAS
these configurations to achieve administrators.
the proper user registry
configuration. Managing your user
registry on an HP-UX
 Deleting your user registry
configurations on AIX In this which includes installing and
You may find that you no configuring the user registry, you can
longer need some of the LDAP manage the user registry by running
entity types, realms, realm base various update and/or delete tasks.
entries, repositories, etc. that These tasks include, but are not
you created. You can delete limited to, adding a property
these configurations to achieve extension database, updating or
the proper user registry deleting the entity type, and deleting
configuration. the registry.

 Restoring the VMM setup Perform the following tasks to


with a federated file configure security:
repository on AIX
If your business needs change  Updating your user registry
or something happens to make on an HP-UX
your user registry configuration You may need to make
inoperable, you can run the wp- adjustments to your standalone
restore-default-repository- LDAP user registry or to your
configuration task to restore the federated user repository
configurations. You can update
these configurations to achieve which is set to portal and WAS
the proper user registry administrators.
configuration.
Managing your user registry
 Deleting your user registry on i5/OS
configurations on an HP-UX
You may find that you no In this we includes installing and
longer need some of the LDAP configuring the user registry, you can
entity types, realms, realm base manage the user registry by running
entries, repositories, etc. that various update and/or delete tasks.
you created. You can delete These tasks include, but are not
these configurations to achieve limited to, adding a property
the proper user registry extension database, updating or
configuration. deleting the entity type, and deleting
the registry.
 Restoring the VMM setup
with a federated file Perform the following tasks to
repository on HP-UX configure security:
If your business needs change
or something happens to make  Updating your user registry
your user registry configuration on i5/OS
inoperable, you can run the wp- we may need to make
restore-default-repository- adjustments to your standalone
configuration task to restore the LDAP user registry or to your
default VMM setup with a federated user repository
federated file repository, which configurations. You can update
will allow you to reconfigure these configurations to achieve
your user registry to meet your the proper user registry
business needs. The task configuration.
deletes all existing repositories,
 Deleting your user registry
creates a new realm, and
configurations on i5/OS
configures a file repository in
we may find that you no longer
VMM. The task also creates a
need some of the LDAP entity
new user and a new user group,
types, realms, realm base
entries, repositories, etc. that
you created. You can delete limited to, adding a property
these configurations to achieve extension database, updating or
the proper user registry deleting the entity type, and deleting
configuration. the registry.

 Restoring the VMM setup Perform the following tasks to


with a federated file configure security:
repository on i5/OS
If your business needs change  Updating your user registry
or something happens to make on Linux
your user registry configuration After deploying IBM Web
inoperable, you can run the wp- Sphere Portal, you may need to
restore-default-repository- make adjustments to your
configuration task to restore the standalone LDAP user registry
default VMM setup with a or to your federated user
federated file repository, which repository configurations. You
will allow you to reconfigure can update these configurations
your user registry to meet your to achieve the proper user
business needs. The task registry configuration.
deletes all existing repositories,
 Deleting your user registry
creates a new realm, and
configurations on Linux
configures a file repository in
After deploying IBM
VMM. The task also creates a
WebSphere Portal, you may
new user and a new user group,
find that you no longer need
which is set to portal and WAS
some of the LDAP entity types,
administrators.
realms, realm base entries,
Managing your user repositories, etc. that you
created. You can delete these
registry on Linux
configurations to achieve the
In which includes installing and proper user registry
configuring the user registry, you can configuration.
manage the user registry by running
 Restoring the VMM setup
various update and/or delete tasks.
with a federated file
These tasks include, but are not
repository on Linux
If your business needs change  Updating your user registry
or something happens to make on Solaris
your user registry configuration we may need to make
inoperable, you can run the wp- adjustments to your standalone
restore-default-repository- LDAP user registry or to your
configuration task to restore the federated user repository
default VMM setup with a configurations. You can update
federated file repository, which these configurations to achieve
will allow you to reconfigure the proper user registry
your user registry to meet your configuration.
business needs. The task
deletes all existing repositories,  Deleting your user registry
creates a new realm, and configurations on Solaris
configures a file repository in we may find that you no longer
VMM. The task also creates a need some of the LDAP entity
new user and a new user group, types, realms, realm base
which is set to portal and WAS entries, repositories, etc. that
administrators. you created. You can delete
these configurations to achieve
Managing your user the proper user registry
registry on Solaris configuration.

In which includes installing and  Restoring the VMM setup


configuring the user registry, you can with a federated file
manage the user registry by running repository on Solaris
various update and/or delete tasks. If your business needs change
These tasks include, but are not or something happens to make
limited to, adding a property your user registry configuration
extension database, updating or inoperable, you can run the wp-
deleting the entity type, and deleting restore-default-repository-
the registry. configuration task to restore the
default VMM setup with a
Perform the following tasks to federated file repository, which
configure security: will allow you to reconfigure
your user registry to meet your
business needs. The task the proper user registry
deletes all existing repositories, configuration.
creates a new realm, and
configures a file repository in  Deleting your user registry
VMM. The task also creates a configurations on Windows
new user and a new user group, we may find that you no longer
which is set to portal and WAS need some of the LDAP entity
administrators. types, realms, realm base
entries, repositories, etc. that
you created. You can delete
these configurations to achieve
Managing your user the proper user registry
registry on Windows configuration.

After installing and deploying  Web  Restoring the VMM setup


Sphere Portal, which includes with a federated file
installing and configuring the user repository on Windows
registry, you can manage the user If your business needs change
registry by running various update or something happens to make
and/or delete tasks. These tasks your user registry configuration
include, but are not limited to, adding inoperable, you can run the wp-
a property extension database, restore-default-repository-
updating or deleting the entity type, configuration task to restore the
and deleting the registry. default VMM setup with a
federated file repository, which
Perform the following tasks to will allow you to reconfigure
configure security: your user registry to meet your
business needs. The task
 Updating your user registry
deletes all existing repositories,
on Windows
creates a new realm, and
we may need to make
configures a file repository in
adjustments to your standalone
VMM. The task also creates a
LDAP user registry or to your
new user and a new user group,
federated user repository
which is set to portal and WAS
configurations. You can update
administrators.
these configurations to achieve
BIBLOGRAPHY  http://technet.us/library/cc77825
 Encyclopedia: 6(WS.10).aspx
 http://news.1017-933185.html

You might also like