GigaOM Radar Report

How to Disable Network Access to Windows Registry

Ilija Miljkovac

Once a malicious agent (or even simply a careless one) has access to your system registry, you may face various issues. Regardless of whether they’re attempting to use this access for malicious activity or are simply careless or unskilled, you’ll want to disable this access.

Today, we’ll discuss how you can disable network access to the Windows registry on Windows 7, along with some common reasons that lead people to do this. The process is very similar on later editions of Windows.

What Is The Windows Registry?

The Windows Registry is a database stored on your computer’s hard drive. This is where many basic settings for your applications and the system itself are stored.

Because the registry contains a lot of crucial data, it should only be changed when the person doing it knows what they’re changing. You should never try to tamper with the settings unless you have someone very IT-savvy on your side or you’re following a trustworthy guide.

With that being said, knowing how to use the registry will open up a lot of options. For example, it can let you speed up your device’s performance, in addition to opening the way to a lot of different personalization options to make your experience the best it can be.

Why Would I Disable Registry Access?

Although this isn’t always a threat, you should be aware of the possibility of someone doing serious damage to your device by editing the registry. If your network has access to your registry, this is even more important, as they might not even be using the same computer.

Malicious cases aside, there’s a chance that someone other than you messes something up through pure carelessness or lack of education. To prevent this, it’s often recommended to disable registry access.

How Do I Disable Registry Access?

Method 1

One of the easiest ways to prevent people from remotely accessing your registry files is simply to disable registry file access altogether.

Windows 7 has tools to help you see and configure all of the services that run on your device. We’ll be taking advantage of this to rid ourselves of registry network access.

  1. Press the Windows Key and hold it. Press R while holding it, and you’ll see the “Run” tool pop up. You can also search for it by typing “Run” in the Start menu search bar.
  2. The Run tool has a field where you type in “services.msc”. Press “OK” and wait for the Windows Service Manager to launch.
  3. On the right-hand side, you’ll see a long list of services. Find “Remote Registry” there; the list is alphabetized, so it’ll be easy to find.
  4. Double click “Remote Registry”.
  5. Go to the “General” tab and set “Startup Type” to “Disabled”.
  6. Click “Apply”.
  7. Restart your device, and this will finalize the changes.

This should have the effect of preventing remote users and services on the same network from editing your registry files. You can reverse this by simply setting the Startup Type to either of the two other options.

Method 2

The second method deals with using the registry to change its settings. This will require access to a Registry Editor; luckily, all Windows 7 installations come with one pre-installed.

As we’ve talked about before, you need to be very careful when handling your registry. If you’re looking to make any changes other than the ones outlined here, you should ensure that you’ve got a trustworthy guide at the ready.

Just in case, you should set up a System Restore point now. This will help you restore your PC to this state if anything goes wrong. Alternatively, you can simply back up the registry itself.

  1. Press the Windows key and hold it. Next, tap the R key; this will open up the “Run” utility. Alternatively, you can type in “Run” in the Start menu search bar.
  2. In the field that pops up, write “regedit” and click “OK”; this will open the Registry Editor.
  3. The primary method of navigating within the registry is by using the arrows next to the name of each folder; these folders are called Registry Keys.
  4. Go to “HKEY_LOCAL_MACHINE” then “SYSTEM” then “CurrentControlSet” then “Services” and finally “RemoteRegistry”.
  5. Double click the “Start” value, which has the type “REG_DWORD”.
  6. You’ll see a “Value Data” field pop up. Here, just type in “4”; if there’s already a number there, erase it.
  7. Press “OK” and restart your device.

This was a simple way to tweak the registry. The number you entered corresponds with the settings in method 1. The numbers are as follows:

  • 2 Automatic
  • 3 Manual
  • 4 Disabled

All you need to do to reverse these changes is to type in any other number.
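
Methods 1 and 2 change the same setting, so both can be checked and applied from one script. The following PowerShell is an added example, not part of the original article; the function names and the `-Apply` switch are assumptions made for illustration, and the script must be run from an elevated prompt.

```powershell
# Added example: audit (default) or disable (-Apply) the Remote Registry service.
# Uses only cmdlets present in Windows PowerShell 2.0, the version shipped with Windows 7.
param([switch]$Apply)   # hypothetical switch: without it nothing is changed

$ServiceName = 'RemoteRegistry'
$KeyPath     = "HKLM:\SYSTEM\CurrentControlSet\Services\$ServiceName"
$StartTypes  = @{ 2 = 'Automatic'; 3 = 'Manual'; 4 = 'Disabled' }   # values from Method 2

function Get-RemoteRegistryState {
    # Read the same "Start" value that Method 2 edits, plus the live service status.
    $start = [int](Get-ItemProperty -Path $KeyPath -Name Start).Start
    $type  = $StartTypes[$start]
    if (-not $type) { $type = "Other ($start)" }
    New-Object PSObject -Property @{
        StartValue = $start
        StartType  = $type
        Status     = (Get-Service -Name $ServiceName).Status
    }
}

function Disable-RemoteRegistry {
    # Same effect as setting "Startup Type" to "Disabled" in services.msc (Method 1).
    Set-Service -Name $ServiceName -StartupType Disabled
    # The startup type only governs future starts, so stop a running instance as well.
    if ((Get-Service -Name $ServiceName).Status -ne 'Stopped') {
        Stop-Service -Name $ServiceName -Force
    }
}

$state = Get-RemoteRegistryState
Write-Output ("Before: Start={0} ({1}), Status={2}" -f $state.StartValue, $state.StartType, $state.Status)

if ($Apply) {
    Disable-RemoteRegistry
    $state = Get-RemoteRegistryState
    Write-Output ("After:  Start={0} ({1}), Status={2}" -f $state.StartValue, $state.StartType, $state.Status)
}

# A non-zero exit code lets a scheduled task or audit job flag hosts that are still exposed.
if ($state.StartValue -ne 4 -or $state.Status -ne 'Stopped') {
    Write-Warning 'Remote Registry is not disabled and stopped on this machine.'
    exit 1
}
```

Run without arguments, the script only reports the current state; with `-Apply` it makes the change and re-reads the registry value to confirm it is 4.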

Windows 8.1

To open up the registry, you’ll want to press the Start button and type in “gpedit.msc”; this will open up a window where you can further navigate to the registry.

Go to “User Configuration” then “Administrative Templates” then “Prevent access to registry”, make sure that “Disabled” is checked, and click OK.

To regain access to the registry, click the Start button, and in the search field, type the command gpedit.msc.

Go to User Configuration/Administrative Templates/System, and double click on the parameter “Prevent access to registry”. Next, check “Disabled” and click OK.

Disabling Network Access

If you’re looking to disable network access altogether, there’s a straightforward way to do this:

  1. Go to “Control Panel”.
  2. Navigate to “Connections” and open up “LAN settings”.
  3. If “Automatically detect settings” is checked, uncheck it.
  4. Instead, check “Use a proxy server”.
  5. Type in the settings of a non-existent proxy server.

This will lead to the browser timing out any time someone tries to open a site on the internet.

Further Manipulating The Registry

You might want to do some other things in addition to or instead of disabling network access to the Windows Registry. One of these is stopping access to the registry editor, which is essential for ensuring your device’s security.

Disabling Registry Keys

  1. Hold the Windows key and press R; this will open up the “Run” utility.
  2. Type in “regedit” or “regedt32” and press OK.
  3. In the Registry Editor, navigate to “HKEY_LOCAL_MACHINE \ CurrentControlSet \ Control \ Keyboard Layout”.
  4. In the Edit menu, choose “New”, then “Binary Value”.
  5. Enter the name “Scancode Map” and press the Enter key.
  6. Set the value to “00000000000000000300000000005BE000005CE000000000”.
  7. Press OK.
  8. Close regedit and restart your device.

Disabling Regedit Access Altogether

Sometimes, you might want to stop access to the registry editor altogether; in these cases, do this:

  1. Open the Start menu search bar, write “gpedit.msc” and press Enter. This will open the Group Policy Editor.
  2. Go to “User Configuration” then “Administrative Templates” then “System”.
  3. Double click “Prevent Access To Registry Editing Tools” and enable it.
  4. Restart your device.

How do you regain access to the registry in Windows 7?

If you’ve lost registry access, regaining it is just a few steps away:

  1. First, press the Windows key to open up the Start menu, and type in “gpedit.msc” in the search bar.
  2. Navigate to “User Configuration” then “Administrative Templates” then “System” and double click on “prevent access to registry”.
  3. Disable it.
  4. Restart your device.

How do I disable remote access to my computer?

Disabling remote access to your device can be a good idea if you don’t need it or have suspicions of malicious activity.

  1. Open the Windows Control Panel.
  2. Type “remote” into the search bar at the top right.
  3. Open up “Allow remote access to this computer”; this will open the Remote Access Settings.
  4. Uncheck the “allow remote support connections to this computer” checkbox.
  5. Restart your device.

Is It Possible For My Device To Be Hacked If It’s Off?

Generally speaking, a turned-off computer isn’t operational. This means that no malicious actors can hack it. So regardless of what you’ve done, even if you leave your PC connected to the internet and the powerline, it’s pretty much impossible to hack remotely.

Wrapping Up

Manipulating the Windows Registry is a precarious business. Since all of your crucial data and applications rely on it operating correctly, you shouldn’t tamper with it needlessly. No matter what you’re doing to it, make sure you’ve made the proper backups so you can restore the registry in case anything goes wrong.

Having the ability to stop network access to your Windows Registry can save you a lot of time and hassle. For example, in a corporate environment, you might find that someone can tamper with the Windows Registry on your computer from theirs. Sometimes, simple carelessness of this kind can cost you dozens of files and applications.

Although the methods in this article are made for Windows 7, they work just as well on any newer Windows installations.
