RE: Hardening TCP/IP Stack; conflicting sources

From: Jannie Hanekom (j_hanekom_at_hotmail.com)
Date: 03/21/04

  • Next message: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"
    To: <focus-ms@securityfocus.com>
    Date: Sun, 21 Mar 2004 10:09:46 -0000
    
    

    The Microsoft Knowledge Base (usually the authority I trust on these) says:

    HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\NoNameReleaseOnDeman
    d
    http://support.microsoft.com/?id=269239
    http://support.microsoft.com/?id=315669

    EnableFragmentChecking seems to have been under IPFilterDriver in NT 4.0,
    but moved to Tcpip in Windows 2000, possibly in accordance with RRAS's
    functionality being integrated into the base OS. It's rare, but it happens.
    The following documents (indicating IPFilterDriver) are all specific to NT
    4.0:
    http://support.microsoft.com/?id=189594
    http://support.microsoft.com/?id=168469
    http://support.microsoft.com/?id=189099

    However, this document uses Tcpip in reference to Windows 2000:
    http://msdn.microsoft.com/library/en-us/dnnetsec/html/HTHardTCP.asp?frame=tr
    ue

    I'm afraid I don't have a straight answer on the second one. My hunch says
    to put it in Tcpip, but it's better to implement and test.

    Jan

    -----Original Message-----
    From: captmeoff@yahoo.com [mailto:captmeoff@yahoo.com]
    Sent: 20 March 2004 21:24
    To: focus-ms@securityfocus.com
    Subject: Hardening TCP/IP Stack; conflicting sources

    Which path is correct for Windows 2000 Server? I've seen both.

    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NoNameReleaseOnDeman
    d

    -or-

    HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\NoNameReleaseOnDeman
    d

    as well as this one:

    HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableFragmentChecki
    ng

    - or -

    HKLM\SYSTEM\CurrentControlSet\Services\IPFilterDriver\Parameters\EnableFragm
    entChecking

    ---------------------------------------------------------------------------
    Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
    wireless security

    Protect your network against hackers, viruses, spam and other risks with
    Astaro Security Linux, the comprehensive security solution that combines six
    applications in one software solution for ease of use and lower total cost
    of ownership.

    Download your free trial at
    http://www.securityfocus.com/sponsor/Astaro_focus-ms_040301
    ---------------------------------------------------------------------------


  • Next message: Sarbjit Singh Gill: "RE: Hardening TCP/IP Stack; conflicting sources"

    Relevant Pages

    • Re: MS website - info please, NOT, Two-faced answers!
      ... experience with both security updates and searching the MSKB. ... Description of the format of Microsoft Knowledge Base articles for Microsoft ... How to query the Microsoft Knowledge Base by using keywords and query words: ...
      (microsoft.public.windowsxp.basics)
    • Re: Please Help
      ... Microsoft Knowledge Base for the following article that tells you what value entries to ... And if you really want to reset security back to defaults, ...
      (microsoft.public.win2000.security)