Osnovni registry tweakovi
redorange
(poke, mem, kill)
08. мај 2020. у 20.15
Change the Maximum Transmission Unit (MTU) Size (Windows NT)
By optimizing the MTU setting you can gain substantial network performance increases, especially when using dial-up modem connections.
MTU stands for Maximum Transmission Unit and in basic terms, it defines the maximum size of a packet that can be transferred in one frame over a network.
Open your registry and find the key below. Add a new value, or edit the existing value, to equal the new MTU size. For low bandwidth modem connections a MTU value of '576' (1398 in decimal) would be a good size.
(Default) REG_SZ (value not set)
MTU REG_DWORD 0x00000576 (1398)
HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters
Settings:
Key: [HKEY_LOCAL_MACHINESystemCurrentControlSetServicesTcpipParameters]
Name: MTU
Type: REG_DWORD (DWORD Value)
Value: Default = 0xFFFFFFFF
Key: [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesEventLog]
Name: RestrictGuestAccess
Type: REG_DWORD (DWORD Value)
Value: (0 = guest access, 1 = restricted access)
Removing Windows NT Devices and Services (Windows NT/2000)
Sometimes it is possible to get orphaned services remaining in the registry. These services can be remove be modifying this key.
Open your registry and find the key below.
Under this key are subkeys representing each device and service installed on the machine.
To remove, first stop the service through Control Panel / Services, then locate the subkey corresponding to device or service and delete it.
Settings:
Key: [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices]
brzina za minimalni internet u windowsu 8.1 je 768-1
redorange
(poke, mem, kill)
18. мај 2020. у 09.21
1. Introduction
For the basic introduction about Intel ® TXT, the
reader is referenced to our previous paper on this
topic [1], or alternatively, for a much more complete
and in-depth introduction, to the updated book by
David Grawrock [2].
The attack presented below assumes the attacker
can execute his or her code before the TXTʼs
SENTER instruction is executed, e.g. by infecting
the boot loader. The attacker code, as we will show
below, can then misconfigure the chipset in such a
way that the SENTER instruction would be unable
to properly setup VT-d protections for the newly
loaded MLE (e.g. hypervisor). As a result, the at-
tacker would be able to compromise the securely
loaded hypervisor using a classic DMA attack.
The Intel ® TXT technology has been designed ex-
actly to prevent scenarios like the above. In other
words, Intel ® TXT secure launch process assumes
that the system might be compromised before the
SENTER instruction is executed, and yet the
SENTER instruction is expected to securely load
and start the hypervisor. The attack described in
this paper demonstrates this assumption doesnʼt
hold in practice, because of certain implementation
errors.
2. Intel VT-d background information
For the attack described in this paper, it is impor-
tant to understand certain internals of how Intel VT-
d technology is implemented. The reader can find much more details about VT-d internals in the Intel
official specification [3].
As illustrated on Figure 1, Intel VT-d logic is imple-
mented in the Memory Controller Hub (MCH, also
called the Northbridge). System software, such as
the OS or the hypervisor, can configure each VT-d
remapping unit so that all devices connected under
the particular unit are allowed DMA access to only
certain regions of the system physical memory
Figure 1. VT-d remapping units located in the Memory Controller
Hub (MCH). Source: intel.com.
In particular, the hypervisor memory should never
be accessible to any DMA device. Otherwise the
attacker can perform a DMA attack, e.g. from a
driver domain, and subvert the hypervisor
redorange
(poke, mem, kill)
12. август 2020. у 03.31
ima dosta reg podesavanja, neka su beskorisna... koristim eussie registry cleaner pre svega.
