Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

wep key problem


  • Please log in to reply

#16
ahmadi

ahmadi

    New Member

  • Member
  • Pip
  • 4 posts
Dear fawwodward
please ,can you explain to me how can i prevent access to regestry tools?
OS is win xp sp2
Dear peterm
the 2 programs recover the key from the registry I used Olydbg to analys them
there are 20 computers in my wireless network
I need away to prevent any one until the admin from accessing the registry
I now some ways to prevent access to registry tool and I used them but when I run combofix it remove the preventing access to the registry
I need way no program can remove it
I am sure that I will find it here
  • 0

Advertisements


#17
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts
First make sure you have created a group for the wireless customers and a user name or names as well, make sure the user name(s) are assigned to this wireless group.

Unless you're running a server OS, then just go into control panel, administrative tools, and Local Security Policy. Open the Local Policies folder on the left, and then click on User Rights Assignment. You can try denying access to that computer from the network if all they're needing is just the wireless connection. Double click Access this computer from the network and remove the group/user name(s) of the wireless customers. Then double click Deny Access to this computer from the network and add the group/user name(s). Be very careful what you change because you can lock everyone out of the computer including yourself.

Make a backup of your registry before making any of the above changes, and if you have restore enabled, create a restore point prior to making the changes.

Good luck.
  • 0

#18
peterm

peterm

    Trusted Tech

  • Technician
  • 3,173 posts
Ok if you think they are going into the registry to get the information then try this on 1 computer only to start with.
1.Click Start, click Run, type gpedit.msc in the Open box, and then click OK.
2.Expand User Configuration, Administrative Templates, and System, and then right click Prevent access to registry editing tools.
Left click on propertities.
Click on Enabled
Click ok
Hope this is what you are after
Cheers
peterm
  • 0

#19
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts
They're not editing the registry, they're accessing it and retrieving the information from it if I understand his posts correctly. And he stated he had Winxp SP2 so I'm assuming it's not a server - he probably won't have gpedit on his computer, and if he uses gpedit he will prevent ALL users from accessing the registry editing tools. That's why I thought limiting them from even having access to that computer would work since he can assign or remove permissions in Local Security Policy.

Edited by fawoodward, 17 May 2008 - 09:49 AM.

  • 0

#20
ahmadi

ahmadi

    New Member

  • Member
  • Pip
  • 4 posts

First make sure you have created a group for the wireless customers and a user name or names as well, make sure the user name(s) are assigned to this wireless group.

Unless you're running a server OS, then just go into control panel, administrative tools, and Local Security Policy. Open the Local Policies folder on the left, and then click on User Rights Assignment. You can try denying access to that computer from the network if all they're needing is just the wireless connection. Double click Access this computer from the network and remove the group/user name(s) of the wireless customers. Then double click Deny Access to this computer from the network and add the group/user name(s). Be very careful what you change because you can lock everyone out of the computer including yourself.

Make a backup of your registry before making any of the above changes, and if you have restore enabled, create a restore point prior to making the changes.

Good luck.

Dear I tried it but it is not work
I have router Linksys not aserver OS
the customers dont access the registry in my pc but in their pcs,the program wirelesskeyview get the wep key from the reg in their pcs

Edited by ahmadi, 18 May 2008 - 08:06 AM.

  • 0

#21
ahmadi

ahmadi

    New Member

  • Member
  • Pip
  • 4 posts

Ok if you think they are going into the registry to get the information then try this on 1 computer only to start with.
1.Click Start, click Run, type gpedit.msc in the Open box, and then click OK.
2.Expand User Configuration, Administrative Templates, and System, and then right click Prevent access to registry editing tools.
Left click on propertities.
Click on Enabled
Click ok
Hope this is what you are after
Cheers
peterm

thank you
that what i need ,but not my costumers get the key from the reg ,the program wirelesskeyview get the wep key from the reg
I tried this way but they use combofix program to remove this prevnting
all my customers have combofix program because I using it to scan their pcs evry 14 days from virus,troj, malware etc
and I told them that combofix it removes all preventig,task manager,disable reg tools,no run ,and no folder options
I need way to prevent accessing the registry tools that no programs can removes it
I tried this way but combofix removed it too :
[HKCU\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000001
regards
  • 0

#22
fawoodward

fawoodward

    Member

  • Member
  • PipPipPip
  • 141 posts

[Dear I tried it but it is not work
I have router Linksys not aserver OS
the customers dont access the registry in my pc but in their pcs,the program wirelesskeyview get the wep key from the reg in their pcs

OK after re-reading your original post, I see that none of this so far is the answer to your issue. It sounds to me like you need to have your customers have an actual user/password to access your wireless network. What you're asking is to disallow your customers from running certain applications on their own computers, which there's no way to do that. You can't make the key invisible to them and still allow htem to access your wireless network with it, unless you have a 2nd requirement to access it, such as a login.

By removing access to registry editing tools, you're locking yourself out. Your customers are not editing your registry at all, they're accessing information in their own computer's registry.

Edited by fawoodward, 18 May 2008 - 07:27 PM.

  • 0

#23
hproesler

hproesler

    New Member

  • Member
  • Pip
  • 5 posts
I agree, looks like the employees are just giving out the key after entered on their computer. Not really using aircrack at all, but WZcook, a component packaged with aircrack, which just lists the previous weps that have been entered on that particular computer. Aircrack itself is just a program to recover a key from the IVs which you obtain from the program airodump. In order to get enough IVs in a reasonable amount of time you must use packet injection which works only in Linux and only with certain wireless cards. It is not as easy to get working properly as downloading a piece of software. Sounds like a hopeless situation, if the employees are willing to give out the wep keys, why not a logon and password for Windows networking? I would think an employee that would be willing to do this, might as well take cash from the company drawers. Maybe use a logon for the network and find out who the person is willing to compromise the network and deal with them accordingly. Just my thoughts from what I have read.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP