[TOOL] Zigstack - TCP/IP Stack Hardening for Windows

From: SecuriTeam (support_at_securiteam.com)
Date: 02/05/04

  • Next message: SecuriTeam: "[NT] The Palace Stack Overflow Vulnerability" 
    To: list@securiteam.com
Date: 5 Feb 2004 19:33:08 +0200

    The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
    - - promotion

    The SecuriTeam alerts list - Free, Accurate, Independent.

    Get your security news from a reliable source.
    http://www.securiteam.com/mailinglist.html

    - - - - - - - - -

      Zigstack - TCP/IP Stack Hardening for Windows
    ------------------------------------------------------------------------

    DETAILS

    The TCP/IP protocol suite implementation for Windows NT/2K/XP/2003 obtains
    all of its configuration data from the registry. This information is
    written to the registry by the Setup program. Some customer installations
    may require changes to certain default values. To handle these cases,
    optional registry parameters can be created to modify the default behavior
    of some parts of the protocol drivers.

    All of the TCP/IP parameters are registry values located under the
    registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

    Features:
     * GUI (The tool GUI is written in Delphi)
     * OS and already implemented methods auto detection

    Available methods:
     * TCP data retransmission
     * TCP ports exhausted
     * Perform router discovery
     * Window scaling and timestamp
     * ICMP redirect
     * IP source routing
     * Syn attack protection
     * Dead gateway detection protection, and more.

    ADDITIONAL INFORMATION

    The tool can be downloaded from:
    <http://xaitax.de/bin/full/zigstack_v4.rar>
    http://xaitax.de/bin/full/zigstack_v4.rar.

    The information has been provided by <mailto:ah@primepage.de> Alexander
    'xaitax' Hagenah.

    ========================================

    This bulletin is sent to members of the SecuriTeam mailing list.
    To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
    In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

    ====================
    ====================

    DISCLAIMER:
    The information in this bulletin is provided "AS IS" without warranty of any kind.
    In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

  • Next message: SecuriTeam: "[NT] The Palace Stack Overflow Vulnerability"

    Relevant Pages