services.exe modifying synattackprotect?

From: techlists@xxxxxxxxxxx
Date: Thu, 9 Dec 2010 17:23:27 +0000 (UTC)

Why would 'C:\Windows\system32\services.exe' be trying to change the following registry key?

\REGISTRY\MACHINE\SYSTEM\ControlSet\SERVICES\TCPIP\PARAMETERS\SYNATTACKPROTECT

Is this an indication of an attack or a normal part of the 'services.exe' process?

PG

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Follow-Ups:
- RE: services.exe modifying synattackprotect?
  - From: Style War
- Re: services.exe modifying synattackprotect?
  - From: Christophe Vandeplas

References:
- RE: A L0phCrack Alternative
  - From: Tom Steele

Prev by Date: How to become a pentester
Next by Date: Re: felons as pentesters
Previous by thread: RE: A L0phCrack Alternative
Next by thread: Re: services.exe modifying synattackprotect?
Index(es):
- Date
- Thread

Relevant Pages

Re: Assessing the security awareness of web users at a national level
... IRC, facebook, myspace, etc) or the different attack vectors (e.g. virus ... Information Assurance Certification Review Board ... Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. ...
(Pen-Test)
Re: demoing sslv2 vulns
... This might not be a stand alone attack, however for a POC you can use ... and modify this list and remove strong cipher suites. ... only pick a weak cipher and thus the encryption is much weaker as one would ... Information Assurance Certification Review Board ...
(Pen-Test)
RE: Programming SKills for PT...?
... trying to attack a Web based application: ... Instructor-Led and Online formats is the most concentrated exam prep ... Comprehensive course materials and an expert instructor means ... Information Assurance Certification Review Board ...
(Pen-Test)
Re: Leased Lines
... Depending on the physical plant in your immediate vicinity, the attack ... the DSL circuit was installed in a unlocked ... I'm looking for any information related to the security of leased ... Information Assurance Certification Review Board ...
(Pen-Test)
Re: Assessing the security awareness of web users at a national level
... awareness level of my fellow citizens concerning social engineering attacks ... will record whether the users clicked on the download button/malicious link ... IRC, facebook, myspace, etc) or the different attack vectors (e.g. virus ... Information Assurance Certification Review Board ...
(Pen-Test)