RE: Hardening TCP/IP Stack; conflicting sources

From: Jannie Hanekom (j_hanekom_at_hotmail.com)
Date: 03/21/04

Next message: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"

Previous message: dave kleiman: "RE: Hardening TCP/IP Stack; conflicting sources"
In reply to: captmeoff_at_yahoo.com: "Hardening TCP/IP Stack; conflicting sources"
Next in thread: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <focus-ms@securityfocus.com>
Date: Sun, 21 Mar 2004 10:09:46 -0000

The Microsoft Knowledge Base (usually the authority I trust on these) says:

HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\NoNameReleaseOnDeman
d
http://support.microsoft.com/?id=269239
http://support.microsoft.com/?id=315669

EnableFragmentChecking seems to have been under IPFilterDriver in NT 4.0,
but moved to Tcpip in Windows 2000, possibly in accordance with RRAS's
functionality being integrated into the base OS. It's rare, but it happens.
The following documents (indicating IPFilterDriver) are all specific to NT
4.0:
http://support.microsoft.com/?id=189594
http://support.microsoft.com/?id=168469
http://support.microsoft.com/?id=189099

However, this document uses Tcpip in reference to Windows 2000:
http://msdn.microsoft.com/library/en-us/dnnetsec/html/HTHardTCP.asp?frame=tr
ue

I'm afraid I don't have a straight answer on the second one. My hunch says
to put it in Tcpip, but it's better to implement and test.

Jan

-----Original Message-----
From: captmeoff@yahoo.com [mailto:captmeoff@yahoo.com]
Sent: 20 March 2004 21:24
To: focus-ms@securityfocus.com
Subject: Hardening TCP/IP Stack; conflicting sources

Which path is correct for Windows 2000 Server? I've seen both.

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NoNameReleaseOnDeman
d

-or-

HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\NoNameReleaseOnDeman
d

as well as this one:

HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableFragmentChecki
ng

- or -

HKLM\SYSTEM\CurrentControlSet\Services\IPFilterDriver\Parameters\EnableFragm
entChecking

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with
Astaro Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost
of ownership.

Download your free trial at
http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
---------------------------------------------------------------------------

Next message: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"

Previous message: dave kleiman: "RE: Hardening TCP/IP Stack; conflicting sources"
In reply to: captmeoff_at_yahoo.com: "Hardening TCP/IP Stack; conflicting sources"
Next in thread: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: MS website - info please, NOT, Two-faced answers!
... experience with both security updates and searching the MSKB. ... Description of the format of Microsoft Knowledge Base articles for Microsoft ... How to query the Microsoft Knowledge Base by using keywords and query words: ...
(microsoft.public.windowsxp.basics)
Re: Please Help
... Microsoft Knowledge Base for the following article that tells you what value entries to ... And if you really want to reset security back to defaults, ...
(microsoft.public.win2000.security)