Security tips Windows XP

Two security tips for Windows XP:

1. Disable administrative shares:

Modify the key

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters]

by adding or modifying the value:

"AutoShareWks"=dword:00000000 .

---

2. Disable remote registry access:

Method 1: Go to Start->Run and type services.msc and then find Remote Registry service, right click it and choose Properties, then change under Startup type the value to Disabled. You can also stop the service right away.

Method 2: Disable Remote Registry service using the sc command:

sc stop RemoteRegistry
sc config RemoteRegistry start= disabled

Set the default back with:

sc config RemoteRegistry start= auto
sc start RemoteRegistry

String pad function in JavaScript

I've found this mind blowing function for padding a string in JavaScript:

String.prototype.pad = function(l, s, t){
return s || (s = " "), (l -= this.length) > 0 ? (s = new Array(Math.ceil(l / s.length)+ 1).join(s)).substr(0, t = !t ? l : t == 1 ? 0 : Math.ceil(l / 2))+ this + s.substr(0, l - t) : this;
};

Let's break it in pieces :

• The construction String.prototype.pad = function(l, s, t) extends the functionality of the String object adding a new method called pad, which is a function that has three parameters.
• Parameters of the function stand for: l=maximal length of the string, s=padding string and t=type of padding (0=left, 1=right and 2=center).
• An expression which contains an enumeration is evaluated to the last member of the enumeration, therefore the second expression in the return clause will be the result of the function.
• A logical OR expression is evaluated until a member is true, therefore the expression s || (s=" ") actually means: if s contains something then it is true and left alone, otherwise s will contain exactly one space.
• Expression (l-=this.length) makes l contain the number of needed characters for the string to have the required length (if the length of the string is 7 and we want it padded to 20 characters, now the l is 13).
• Is well known the expression like <logical> ? <value_for_true> : <value_for_false>.
• If new l is greater than 0, then computations are required, otherwise the string (referenced using this) is returned as it is.
• Math.ceil(<value>) gives the closest upper integer value of the given value.
• join(<separator>) creates a single string value from the array it is applied to using the given separator string.
• The expression s=new Array(Math.ceil(l/s.length)+1).join(s) creates a new array with a number of elements equal to the number of times s is required to repeat for the string to be padded, plus one (because there are -1 separators involved in such a join), then the empty values are joined using s as a separator. The new value is now assigned to s. For example, if we want the string "xunrage" padded with s="{}" to the left (t=0) for a total length of l=20, first l became 13, and now l/s.length=13/2=6.5, therefore Math.ceil(l/s.length)=7, following that a new array with 8 elements will be created. When joined, only 7 separators forms the result, therefore s="{}{}{}{}{}{}{}".
• substr(<start>,<length>) returns a portion of a string that the function is applied to starting at the given position and having the given length.
• Expression substr(0, t=!t ? l : t == 1 ? 0 : Math.ceil(l/2)) contains two ?: expressions and an assignment in the second parameter of the substr function. The first expression is !t ? l : <the_rest> and the second expression is t==1 ? 0 : Math.ceil(l/2). The value of the entire expression at the end is assigned to t. In our example t=0, therefore !t is true and t=l=13, resulting a string like "{}{}{}{}{}{}{" that will be added to the result.
• Finally, if something left to be added is added at the end, using substr again. For left padding (t=0) there is nothing left to be added because t=l=13 and l-t=0, resulting in "{}{}{}{}{}{}{xunrage". For right padding t=1, we have t=0 initially (t==1 ? 0 : ...) and l-t=13 at the end, resulting in "xunrage{}{}{}{}{}{}{". For center padding t=2 and we have t=Math.ceil(l/2) which is t=Math.ceil(13/2)=Math.ceil(6.5)=7, finally l-t=13-7=6, resulting in "{}{}{}{xunrage{}{}{}".

Now you can see how amazing this one line of code is.

Stop autorun.inf from running in Windows

Put the following into the registry:

REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"

Note: @ stands for (Default) value.