Sulich's Blog

Windows 2008 TCP/IP Protocol Stack Hardening (Part 2)

http://winsrvtuts.com/2011/09/windows-2008-tcpip-protocol-stack-hardening-part-2/

As a quick cheat sheet, these are the registry values that we added in the video, so you can simply copy and paste them instead of typing them all out.

Registry Location

HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters

DisableIPSourceRouting

REG_DWORD
Value 2
This will not only disable IP source-routed packets but also stop them from being accepted

IPEnableRouter

REG_DWORD
Value 0
This will disable all IP forwarding between interfaces

SynAttackProtect

REG_DWORD
Value 3
This will enable the SYN Attack Protect function after 3 half-open connections are created

TcpMaxConnectResponseRetransmissions

REG_DWORD
Value 1
This will set any SYN/ACK handshake to time out after 3 seconds and will drop the connection after 9 seconds

TcpMaxHalfOpen

REG_DWORD
Value 500
Sets the total number of half-open connections a system will allow

TcpMaxHalfOpenRetried

REG_DWORD
Value 400
Sets the total number of half-open connections a system will try to reestablish
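
To check a server against the values above, here is an added PowerShell example (not from the original post or video). It reports which of the six values are missing or different and writes them only when run with -Apply, a switch name chosen for this example; the variable names are likewise assumptions.

```powershell
# Added example, not from the original post: audit (and optionally apply)
# the six values listed on this page. Run from an elevated PowerShell prompt.
param([switch]$Apply)   # hypothetical switch: without it the script only reports

$path = 'HKLM:\SYSTEM\CurrentControlSet\services\Tcpip\Parameters'

# Value names and data exactly as listed on this page (all REG_DWORD).
$baseline = @{
    DisableIPSourceRouting               = 2
    IPEnableRouter                       = 0
    SynAttackProtect                     = 3
    TcpMaxConnectResponseRetransmissions = 1
    TcpMaxHalfOpen                       = 500
    TcpMaxHalfOpenRetried                = 400
}

$report = foreach ($name in ($baseline.Keys | Sort-Object)) {
    $want = $baseline[$name]
    # A value that does not exist yields nothing here instead of an error.
    $item = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    $have = if ($item) { $item.$name } else { $null }

    $state = if ($null -eq $have)     { 'Missing' }
             elseif ($have -ne $want) { 'Mismatch' }
             else                     { 'OK' }

    if ($Apply -and $state -ne 'OK') {
        # -Force overwrites the value if it already exists.
        New-ItemProperty -Path $path -Name $name -PropertyType DWord `
            -Value $want -Force | Out-Null
        $state = "Set (was $state)"
    }

    New-Object PSObject -Property @{
        Name = $name; Expected = $want; Found = $have; State = $state
    }
}

$report | Select-Object Name, Expected, Found, State | Format-Table -AutoSize
```

Run it once without -Apply to see the drift, and keep the report as a record of the previous values before changing anything.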

 
