Should I disable network access to Windows registry?
The Network Access to Windows Registry allow you to configure the registry on another PC, but you have limited permissions to configure the registry.
You can connect to this computer's registry on another computer, but only two hives can be seen, HKEY_LOCAL_MACHINE
and HKEY_USERS
. For some registries, you need advanced permissions to allow configuration remotely.
It is easy to enable or disable this setting on your computer:
You can just run the services.msc
as administrator and find the service Remote Registry to start/stop it.
Related videos on Youtube
Comments
-
bjkeefe over 1 year
Avast Antivirus (the free version) lists, as a "health problem," that my "registry may be visible to others," and recommends that I "disable network access to Windows registry to help prevent snooping." Screenshot below. (Running Windows 7 Home Premium, if that matters.)
Questions:
- Should I do it?
- Are there possible downsides to doing it?
- Is it easy enough to undo this action, should I decide for some reason I want to?
[ETA] At the risk of getting too meta, I'd also appreciate thoughts on these questions:
- Does "network access" mean just other machines on my home network (running a basic cable Internet access set-up), or is it possible for someone to access my registry from somewhere outside of this?
- What possible information could be obtained that I might not want shared?
Thanks.
-
Ramhound almost 6 yearsNo; Stop using snake oil registry programs that do absolutely nothing
-
bjkeefe almost 6 yearsHeh. That much I know, at least. But this doesn't seem like the typical "fix your registry errors" nonsense, so it made me curious enough to ask around.
-
Mr Ethernet over 4 yearsThat's what I call them as well. Snake oil.
-
bjkeefe almost 6 yearsThanks, Otto. Would the two computers have to be on the same LAN, or similar? And is the ability to have one's registry modified remotely the default setting for Windows, do you know?
-
OOOO almost 6 yearsOn the server, it should be automatic (trigger start), and on the client it is disable by default. I am not sure about this, but during my tests, we can connect to the server register, but since we connect to the server, we still need permissions to control its register, and by default, both server and client can't connect to client's register,