Technology Plus Inc

Security
Home | Hardware | Disk drive tweaking | Network | Support | windows | Software | Websites | Security

Clear the Page File at System Shutdown (Windows NT/2000/XP)

 

Windows does not normally clear or recreate the page file. On a heavily used system this can be both a security threat and performance drop. Enabling this setting will cause Windows to clear the page file whenever the system is shutdown.

Open your registry and find the key below.

Create a new DWORD value, or modify the existing value called 'ClearPageFileAtShutdown' using the settings below.  

Registry Editor Example
| Name Type Data |
| (Default) REG_SZ (value not set) |
| ClearPageFileAtShutdown REG_DWORD 0x00000001 (1) |
-
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memo... |
-

Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
Memory Management]
Name: ClearPageFileAtShutdown
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)

Warning: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Restart Windows for the changes to take effect.

Protect Against SYN Flood Attacks (Windows NT/2000/XP)
 

Windows includes protection that allows it to detect and adjust when the system is being targeted with a SYN flood attack (a type of denial of service attack). When enabled the connection responses time out more quickly in the event of an attack.

Open your registry and find the key below.

Create a new DWORD value called "SynAttackProtect" and set it to either 0, 1 or 2 based on the table below.

This value causes Transmission Control Protocol (TCP) to adjust retransmission of SYN-ACKS. When you configure this value, the connection responses time out more quickly in the event of a SYN attack (a type of denial of service attack).

  • 0 (default) - typical protection against SYN attacks
  • 1 - better protection against SYN attacks that uses the advanced values below.
  • 2 (recommended) - best protection against SYN attacks. This value adds additional delays to connection indications, and TCP connection requests quickly timeout when a SYN attack is in progress.
Optional Advanced Values

For extra control you can create these additional DWORD values in the same key for each of the items below. They are not required for SynAttackProtect to be effective.

  • TcpMaxHalfOpen - default value is "100"
  • TcpMaxHalfOpenRetried - default value is "80"
  • TcpMaxPortsExhausted - default value is "5"
  • TcpMaxConnectResponseRetransmissions - default value is "3"

 

Registry Editor Example
| Name Type Data |
| (Default) REG_SZ (value not set) |
| SynAttackProtect REG_DWORD 0x00000002 (2) |
| TcpMaxHalfOpen REG_DWORD 0x00000064 (100) |
| TcpMaxHalfOpenedRetried REG_DWORD 0x00000050 (64) |
| TcpMaxPortsExhausted REG_DWORD 0x00000005 (5) |
| TcpMaxConnectResponseRetrans... REG_DWORD 0x00000003 (3) |
-
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters |
-

Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Name: SynAttackProtect,
Type: REG_DWORD (DWORD Value)

Warning: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Restart Windows for the changes to take effect.

registy.jpg

Email us for support