RE: [Full-Disclosure] [Tool] HardTCP "Hardening TCP/IP" + SOURCE

[DWreck <dwr3ckmailbox-fulldisclosure@xxxxxxxxx>]

Need to be careful when hardening the stack:
 

DefVal(8).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"
 
Disabling PMTU discovery sets the default MTU to 576 for all foreign networks.  
In a properly segmented environment this setting can cause 3X the amount of 
packets sent between VLANs.


DefVal(11).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"


Note:  Make sure IDRP is not in use in the client?s perimeter network.

Also, since the interface name changes whenever NICs are added/removed, keeping 
this edit in can be rough in large environments.

As for the rest, I've had 0 issues with the settings when implementing across 
2000+ servers.



Thanks,

DWreck

CONFIDENTIALITY NOTICE: This e-mail and any attachments thereto may contain 
information which is privileged and confidential, and is intended for the sole 
use of the recipient(s) named above. Any use of the information contained 
herein (including, but not limited to, total or partial reproduction, 
communication or distribution in any form) by persons other than the designated 
recipient(s) is strictly prohibited. If you have received this e-mail in error, 
please notify the sender either by telephone or by e-mail and delete the 
material from any computer. Thank you for your cooperation.