lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20040719144520.71975.qmail@web80306.mail.yahoo.com>
From: dwr3ckmailbox-fulldisclosure at yahoo.com (DWreck)
Subject: [Tool] HardTCP "Hardening TCP/IP" + SOURCE

Need to be careful when hardening the stack:
 

DefVal(8).Text = GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"
 
Disabling PMTU discovery sets the default MTU to 576 for all foreign networks.  In a properly segmented environment this setting can cause 3X the amount of packets sent between VLANs.


DefVal(11).Text = GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"


Note:  Make sure IDRP is not in use in the client’s perimeter network.

Also, since the interface name changes whenever NICs are added/removed, keeping this edit in can be rough in large environments.

As for the rest, I've had 0 issues with the settings when implementing across 2000+ servers.



Thanks,

DWreck

CONFIDENTIALITY NOTICE: This e-mail and any attachments thereto may contain information which is privileged and confidential, and is intended for the sole use of the recipient(s) named above. Any use of the information contained herein (including, but not limited to, total or partial reproduction, communication or distribution in any form) by persons other than the designated recipient(s) is strictly prohibited. If you have received this e-mail in error, please notify the sender either by telephone or by e-mail and delete the material from any computer. Thank you for your cooperation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040719/676ecf07/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ