The system must be configured to prevent IP source routing

-

hell,

configured the policy. 

computer configuration -> windows settings -> security settings -> local policies -> security options -> "mss: (disableipsourcerouting) ip source routing protection level (protects against packet spoofing)" "highest protection, source routing disabled".

but  don't know how check functionality of rule. windows  protecting "protects against packet spoofing" or not.


hi vijay,

source routing allows computer sends packet specify route packet takes. attackers can use source routed packets obscure identity , location.

if configure setting 0: source routed packets allowed.

if configure setting 1: source routed packets ignored when ip forwarding enabled. if have configured forwarder in environment, packet, source route has been changed forwarder, accepted. , other packet source route has been configured blocked.

if configure setting 2: source routed packets ignored when ip forwarding enabled. packer have configure source route blocked.

best regards,

jay

please remember mark replies answers if help.
if have feedback technet subscriber support, contact tnmff@microsoft.com.



Windows Server  >  Group Policy



Comments

Post a Comment

Popular posts from this blog

Schannel Issue

-
hello there, i have windows 2008 r2 machine. , have hosted sharepoint 2010 on it. i have site have published on internet. i don't know whether it's related , getting error unable resolve or come conclusion. it's pretty frequent. my server patched latest updates. log name:      system source:        schannel date:          8/12/2011 3:49:43 pm event id:      36887 task category: none level:         error keywords:      user:          system computer:      mycomp.domain.com description: following fatal alert received: 42.   the above error doesn't provide info . could please me identify issue , possible solution ? there have been lot of posts one. i believe can safely ignored...
Read more

Indexing Server

-
just quick question - 2008 have indexing server? can't see option - , want setup web based search engine using indexing server catalogs , asp.net....   it availble? does not based on - http://technet2.microsoft.com/windowsserver2008/en/library/82bac070-bee4-452e-a783-3ce31b5e1d0f1033.mspx?mfr=true Windows Server  >  Management
Read more

oclist /xml or /?

-
oclist have qualifiers? can behaviour changed, example output xml?   given previous comments andrew m , comments in forums , blogs think answer no, it’s simple app calling underlying api, thought i'd ask can't seem find anything.   why asking question? i'd @ least 2 things oclist (apart nicer looking output [which i'm not going get], dependances listed [dicussed in forum , ruled out], , refrushing add ad componets , telling use dcpromo [which in banner know]): - whether installing component cuase / require reboot (currently believe qwave , printing services require reboot)   - xml output, can't justify team looking see if can commality with full server   fwiw :j   hi,   oclist not have qualifiers or ways change output. when iis came in late, make oclist output longer, unfortunately late make significant changes.   i'll take feedback , add our list next version.   thanks,   andrew   ...
Read more