General System Registry Secrets

General System Registry Secrets
Table of contents

I-324 If you need to limit the number of application-requested user ports that Windows NT dynamically assigns, change this registry value.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	MaxUserPort
Data Type:	REG_DWORD
Value:	0x1388

This value is in hexadecimal. The default value is 1388 hex, or 5000 decimal. Restart the machine for any changes to take effect.

I-325 If your systems are prone to SYN attacks (Unix hackers love that trick), you may want to change this registry entry.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	TcpMaxConnectRetransmissions
Data Type:	REG_DWORD
Value:	3

This value limits the number of times Windows NT lets someone try to connect during a given connect session. The default value is 3.

I-326 If you have remote users with unreliable connections, you can reduce network congestion by adjusting this registry value.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	TcpMaxDataRetransmissions
Data Type:	REG_DWORD
Value:	5

This value controls how many times a given data segment is retransmitted. Initially, this value is set according to the length of the round-trip time for a particular connection.

I-327 Do you have too many people connecting to your system with TCP/IP, or are you connecting to more machines than is necessary? You can set a hard limit for the number of connections that TCP/IP can have open at a time.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	TcpNumConnections
Data Type:	REG_DWORD
Value:	0xfffffe

The default value is 0xfffffe. Restart your system for any changes to take effect

I-328 If you need strict control over the kind of information that comes into your network, these registry parameters let you specify what your network does and doesn�t accept.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	EnableSecurityFilters
Data Type:	REG_DWORD
Value:	1

When this registry value is set to 1, all incoming raw IP datagrams are filtered. This feature must be enabled before you can use the RawIpAllowedProtocols, TcpAllowedPorts, or UdpAllowedPorts values.

I-329	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	RawIpAllowedProtocols
�	Data Type:	REG_DWORD
�	Value:	0

This value determines which IP datagrams are accepted by the transport. A value of 0 indicates that all values are valid. If this value is missing from the registry for a particular interface, all values are accepted.

I-330	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	TcpAllowedPorts
�	Data Type:	REG_DWORD
�	Value:	0

These values control which TCP ports accept SYN requests. A value of 0 indicates that all values are valid. If this value is missing from the registry for a particular interface, all values are accepted.

I-331	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	UdpAllowedPorts
�	Data Type:	REG_DWORD
�	Value:	0

This value determines which ports accept incoming UDP datagrams. A value of 0 indicates that all values are valid. If this value is missing from the registry for a particular interface, all values are accepted.

I-132 If you are using your Windows NT server as a dial-up server on the Internet and can�t see all the computers on your network, you may be suffering from multiple default routes. To fix this problem, you must add the following key for each LAN adapter that is not connected to the Internet.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\Services\\Parameters\Tcpip

Add the following value under the Parameters key:

Value Name:	DontAddDefaultGateway
Data Type:	REG_DWORD
Value:	1

Then use the route command to add persistent routes for the LAN that the other LAN adapters referenced.

I-333 If you are troubleshooting clients running TCP/IP and you aren�t using DHCP (shame on you), you often need to adjust particular settings. Using the remote capabilities of Regedt32, you are just a few registry entries away from tweaking TCP/IP to your heart�s content. These registry entries store most of the standard TCP/IP information.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\Tcpip\Parameters
Value Name:	Hostname
Data Type:	REG_SZ
Value:	Example: BigDog

This value is the DNS name of your computer. When users issue a �ping -a 200.200.200.1� command, your system returns this value.

I-334	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\Tcpip\Parameters
�	Value Name:	IPAddress
�	Data Type:	REG_MULTI_SZ
�	Value:	any valid IP address. Example: 200.200.200.1

This value is the IP address of a particular machine. Issuing a �ping -a � command returns this value.

I-335	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\Tcpip\Parameters
�	Value Name:	SearchList
�	Data Type:	REG_SZ
�	Value:	any valid list of DNS suffixes. Examples: .com .org .edu

When your system tries to resolve a via DNS, it applies this list of suffixes to the generic . If you specify bigdog.winntmag, the first suffix applied to this request is .com. The resultant query then searches for bigdog.winntmag.com.

I-336	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	SubnetMask
�	Data Type:	REG_MULTI_SZ
�	Value:	any valid list of IP addresses

Windows NT uses this value when it applies the subnet mask to a particular IP interface bound to an adapter.

DHCP

I-337 To enable the DHCP client service on a remote system, you can use the Select Computer option in Regedt32.exe to remotely change this registry entry. It tells Windows NT to configure the first IP interface on the machine using DHCP.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
Value Name:	EnableDhcp
Data Type:	REG_DWORD
Value:	1

You need to restart the client for these changes to take effect.

I-338 Ever since you installed DHCP, your network traffic has gone up. This registry parameter helps reduce network broadcast traffic.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\DhcpServer\Parameters

Add the following value under the Parameters key:

Value Name:	IgnoreBroadcastFlag
Data Type:	REG_DWORD
Value:	0

This registry modification works only on homogenous Ethernet networks or same-subnet Token-Ring networks. If your network has a router that translates MAC-level addresses, do not modify this registry entry.

I-339 If you need to find out DHCP information about a particular client but don�t have access to the DHCP admin tool, you can still get the information by viewing these registry entries remotely.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
Value Name:	DhcpDefaultGateway
Data Type:	REG_MULTI_SZ
Value:	any valid IP address

This value specifies the default gateway list assigned to the client by the DHCP server.

I-340	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	DhcpIPAddress
�	Data Type:	REG_SZ
�	Value:	any valid IP address

This value is the IP address assigned to the user via the DHCP server. If the first value is anything other than 0.0.0.0, that value will override the DHCP-assigned value.

I-341	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	DhcpNameServer
�	Data Type:	REG_SZ
�	Value:	any set of valid IP addresses

This value is the set of name servers that your system uses to resolve DNS queries.

I-342	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	DhcpServer
�	Data Type:	REG_SZ
�	Value:	any valid IP address

This value is the IP address of the DHCP server that granted your client the IP address that�s stored in the DhcpIPAddress registry value.

I-343	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	DhcpSubnetMask
�	Data Type:	REG_SZ
�	Value:	any valid subnet mask for the current IP address space

This value is the DHCP Server-assigned subnet mask.

I-344	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	Lease
�	Data Type:	REG_SZ
�	Value:

This value is the number of seconds that the current lease is valid for a given client.

I-345	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\Parameters\Tcpip
�	Value Name:	LeaseObtainedTime
�	Data Type:	REG_SZ
�	Value:	number of seconds since 1/1/70

This value is the time in seconds since the current lease was obtained. You need to convert this number to do anything meaningful with it. Several programs available on the Web can convert it for you.

I-346	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\\ Parameters\Tcpip
�	Value Name:	LeaseTerminatesTime
�	Data Type:	REG_SZ
�	Value:	number of seconds since 1/1/70

This value is the time when the current lease will expire, stored in form of the number of seconds since 1/1/70. Using the remote viewing capabilities of Regedt32.exe, you can view this information on any machine you have access to via the network.

I-347 If you need to see what a client�s DHCP parameters were before the most recent changes, you can find them in the following registry entries. Note that you find this out by looking at the ControlSet001 value, which is different from the CurrentControlSet value. To go back one more revision, you can look at ControlSet002 value.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\ControlSet001\Services\\ Parameters\Tcpip

The following list of DHCP values is available under the Tcpip key:

Value Name:	DefaultGateway
Data Type:	REG_MULTI_SZ
Value:	0.0.0.0

I-348	Value Name:	EnableDHCP
�	Data Type:	REG_DWORD
�	Value:	0x1

I-349	Value Name:	IPAddress
�	Data Type:	REG_MULTI_SZ
�	Value:	0.0.0.0

I-350	Value Name:	PPTPFiltering
�	Data Type:	REG_DWORD
�	Value:	0

I-351	Value Name:	SubnetMask
�	Data Type:	REG_MULTI_SZ
�	Value:	0.0.0.0

I-352	Value Name:	UseZeroBroadcast
�	Data Type:	REG_DWORD
�	Value:	0

You can edit any of these values. Reboot the machine for changes to take effect.

NETBIOS OVER TCP (NETBT)

I-353 If a client is having trouble with its NetBT configuration on Windows NT (see the Appendix for instructions for Windows 95) and you want to change or verify some of the settings, you can use the remote capability of Regedt32.exe. Using the Select Computer option, choose the computer you need to access and use these registry keys to view NetBT-related information. Generally, you set these with the Network Control Panel Application; however, it is very useful to be able to view these values remotely.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\NetBt\Parameters
Value Name:	EnableLmhosts
Data Type:	REG_DWORD
Value:	1

When this registry entry is set to 1, NetBT uses the LMHOSTS file to resolve any outstanding queries that couldn�t be resolved using WINS or broadcasts.

I-354	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\LanmanServer\ Parameters

Add the following value under the Parameters key:

Value Name:	OptionalNames
Data Type:	REG_SZ
Value:	< any name you want as an alias>

You can then use this alias for any command that requires a server, such as Net Use.

I-355	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	EnableDns
�	Data Type:	REG_DWORD
�	Value:	0

When this registry entry is set to 1, NetBT uses DNS to resolve queries that it could not resolve with WINS, broadcast, or the LMHOSTS file.

I-356	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	EnableProxy
�	Data Type:	REG_DWORD
�	Value:	0

When this registry entry is set to 1, the machine acts as a proxy name server for networks that are bound to NetBT. A proxy name server answers other clients� name queries for system names it has resolved via WINS.

I-357	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	NameServer
�	Data Type:	REG_DWORD
�	Value:

This value is the address of the machine that the client machine uses for WINS queries. The default value is blank.

I-358	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	NameServerBackup
�	Data Type:	REG_DWORD
�	Value:

This is the address of the secondary WINS server. If the machine whose value is stored in NameServer cannot be reached, the machine at this address is queried.

I-359	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	ScopeID
�	Data Type:	REG_DWORD
�	Value:	Example: Winntmag.com

This value governs the NetBios name scope. Any valid DNS domain name automatically overrides the DHCP-assigned equivalent.

I-360 If you have a lot of memory and a fairly busy network, you can specify the maximum amount of memory NetBT allocates to store all outgoing datagrams. If you fill up the allocated memory, any other attempt to send fails.

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\NetBt\Parameters
Value Name:	MaxDgramBuffering
Data Type:	REG_DWORD
Value:	0x20000

The default is 128K. Restart the machine for any changes to take effect.

I-361 If you have broadcast storms on your network or just are looking for ways to reduce network traffic, try changing these registry entries:

Hive:	HKEY_LOCAL_MACHINE
Key:	System\CurrentControlSet\Services\NetBt\Parameters
Value Name:	BcastNameQueryCount
Data Type:	REG_DWORD
Value:	3

I-362	Hive:	HKEY_LOCAL_MACHINE
�	Key:	System\CurrentControlSet\Services\NetBt\Parameters
�	Value Name:	NodeType
�	Data Type:	REG_DWORD
�	Value:	1 or 8 (default)

This value determines the way NetBT registers and resolves names. Valid values and their meanings are listed below.

Value	Node-Type	Description
1	b-node	Uses broadcasts only
2	p-node	Uses point-to-point name queries to a WINS server
4	m-node	Broadcasts first, then queries the name server
8	h-node	Queries the name server first, then broadcasts

Restart your system for any changes to take effect.

Page: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

Hosted by www.Geocities.ws