Windows 2008 TCP/IP Protocol Stack Hardening (Part 2)
http://winsrvtuts.com/2011/09/windows-2008-tcpip-protocol-stack-hardening-part-2/
As a quick cheat sheet these are the registry values that we added in the video for you to simply copy and paste instead of typing them all out.
Registry Location
HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters
DisableIPSourceRouting
REG_DWORD
Value 2
This will not only disable IP source routed packets but also stop them from being accepted
IPEnableRouter
REG_DWORD
Value 0
This will disable all IP forwarding between interfaces
SynAttackProtect
REG_DWORD
Value 3
This will enable the SYN Attack Protect Function after 3 half open connections are created
TcpMaxConnectResponseRetransmissions
REG_DWORD
Value 1
This will set any SYN / ACK handshake to time out after 3 seconds and will drop the connection after 9 seconds
TcpMaxHalfOpen
REG_DWORD
Value 500
Sets the total number of half open connections a system will allow
TcpMaxHalfOpenRetried
REG_DWORD
Value 400
Sets the total number of half open connections a system try and reestablish