Windows 10: Need advice on a setting in Local Secuirty Policy and....

  1.    27 Sep 2016 #1

    Need advice on a setting in Local Secuirty Policy and....

    In the Local Security Policy on Windows 10 Pro Anniversary version 1607 there are 2 settings that I was wondering if I could adjust so there no way someone could access my computer remotely. It's under Security Settings then Local Policies, and then Security Options. The policies being Network access: Remotely accessible registry paths and Network access: Remotely accessible registry paths and sub-paths. Was wondering if it's safe to delete those paths since I don't do anything remotely wise. Hope that makes since. I hope the picture helps.

    Click image for larger version. 

Name:	Local Policy pic.PNG 
Views:	4 
Size:	84.7 KB 
ID:	103477

    Second question if I'm just a home user and let's say i wanted to make it really secure is there any other "Security Options" in Local S.P. that I could change to make it more secure. I see when searching the internet that Microsoft comes out with these group policy security templates. Can a regular home user use those templates and if they could how come it's not like on the front page of Microsoft's webpage or easy to understand. Forgive me for being such a noob. Just trying to dodge all the malware and ransomware and virus's and Zero day whatever's .

    Is the internet even worth it anymore I spend more time trying to secure this thing than using it.

    Sincerely Crazy8:)
      My ComputerSystem Spec

  2. TairikuOkami's Avatar
    Posts : 3,329
    10.5 Home 1803 x64
       28 Sep 2016 #2

    1, Sure you can. But, if you disable services like Server, WebClient, Workstation, you do not have to worry about it at all.
    2, That is, what they are for. It is just tedious to do, but every little bit helps these days, so if you are willing, go for it.

    craazziee8 said: View Post
    Is the internet even worth it anymore I spend more time trying to secure this thing than using it.
    Tell me about it, I am just trying to protect my computer and I ended up collecting tweaks, I do not even understand.
      My ComputerSystem Spec

  3.    28 Sep 2016 #3

    Thanks a lot TairikuOkami appreciate the help. Right now I have been using EMET a lot and seeing which programs and such I can apply to the safety of the EMET program. So far I get a good feeling about the EMET program and the great thing about it is it's free.

    "Having hope" Crazy 8
      My ComputerSystem Spec

  4.    28 Sep 2016 #4

    I actually just googled the darn policy and found this in case anyone else stumbles across my post wondering the same.
    and i quote, "Set this policy to a null value; that is, enable the policy setting, but do not enter any paths in the text box. Remote management tools, such as the Microsoft Baseline Security Analyzer and Microsoft Systems Management Server (SMS), require remote access to the registry. Removing the default registry paths from the list of accessible paths might cause these and other management tools to fail."
    so ya you can delete the values and really not worry about it because if you do delete it and find out that you need to re enter the deleted data that on the, "Explain" tab it tells you what the default values were. In case you wanted to use the above mentioned tools. And for myself I still have a lot more learning to do. Again, Thanks TairikuOkam this thread is answered and done.
      My ComputerSystem Spec

  5.    28 Sep 2016 #5

    Frankly, you are better off with a firewall. It will block access to those functions from outside your network.

    The problem here, is that these settings give you a false sense of security. Even setting these settings would not guarantee nobody could ever access your system remotely, since there are many ways to become compromised, even behind a firewall. For instance, if you are the victim of a drive-by-infection in your web browser, it can install software that allows an attacker to bypass any firewall (or these settings). The best defense against remote intrusion is vigilance.
      My ComputerSystem Spec

  6.    29 Sep 2016 #6

    Point taken thanks Mystere. Very sobering slap in the face but all so true. Would love to get some kind of hardware firewall someday but why bother I guess.
      My ComputerSystem Spec

  7.    29 Sep 2016 #7

    If you have a router from your cable company, chances are you already have a hardware firewall.
      My ComputerSystem Spec


Related Threads
Dear forum readers, I know it's possible to configure Wireless settings by policy. However it seems absent from the local group policy, which is where I would like to put it. How can I do ? Maybe it would work if I copy the corresponding...
I am looking for help from anyone with intimate knowledge of the group policies. I have switched off all the power management settings which allow the O/S to switch off a device to save power. I am still getting disconnects and some times this...
applying local group policy in Performance & Maintenance
Hi ive no experience applying group policy settings. What I'm hoping for is that I can have certain registry configurations applied cross all users. If I downloaded a registry.pol configuration, how do I apply this actually? So I've copied the...
Trying to solve a problem (listed on another forum here in these forums) I was told to go to my 'Local Group Policy Editor. I tried the following methods: -1- Windows -> Run -> type in 'gpedit.msc' and nothing happened, getting a window telling me...
Hello everyone. This is my first post to this forum. I hope someone can help me out. I am having a problem with Local Group Policy. I have been experimenting with this just for learning purposes and I am stumped by something. One of the first things...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 10:59.
Find Us