Fix DHCP Security Flaw

Posted On 2007-05-03 by FortyPoundHead
Keywords: Fix DHCP Security Flaw (Windows 9x)
Tags:  
Views: 1473


The ICMP Router Discovery Protocol (IRDP) comes enabled by default on DHCP clients that are running Microsoft WIndows 9x/2000 machines. By spoofing IRDP Router Advertisements, an attacker can remotely add default route entries on a remote system.
For full details of this vulnerabilty see the L0pht advisory.
Open your registry and find the key below. Where #### is the binding for TCP/IP. More than one TCP/IP binding may exist.
For each number (eg. 0001) open the key and create a new DWORD value called 'PerformRouterDiscovery' and set the value to equal '0'.
Exit Windows and Restart.

Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Class\NetTrans\####]
Value Name: PerformRouterDiscovery
Data Type: REG_DWORD
Data: (0 = disable, 1 = enable)

More Info: http://support.microsoft.com/support/kb/articles/q216/1/41.asp


About the Author

has posted a total of 1974 articles.


Comments On This Post

No comments on this post yet!


Do you have a thought relating to this post? You can post your comment here. If you have an unrelated question, you can use the Q&A section to ask it.

Or you can drop a note to the administrators if you're not sure where you should post.


Your IP address is:54.166.212.152

Before you can post, you need to prove you are human. If you log in, this test goes away.


Code Links