Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[TOOL] Windows TCP/IP Stack Hardening Tool

from [SecuriTeam] Network Security [Permanent Link]
Subject: [TOOL] Windows TCP/IP Stack Hardening Tool
Date: 14 Aug 2005 17:40:41 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  Windows TCP/IP Stack Hardening Tool
------------------------------------------------------------------------


SUMMARY



DETAILS

The following tool was designed to harden the Windows TCP/IP stack against 
different types of DoS attacks. The tool also provides a simple to use 
GUI. The tool has been tested to work under all versions of Windows XP and 
Windows 2000.

You can download the tool's source code from:  
<http://www.securitywireless.info/download/sourceHard.txt> 
http://www.securitywireless.info/download/sourceHard.txt

Tool Source:
Private Sub cmdRetrive_Click()

DefVal(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableICMPRedirect")
If DefVal(0).Text = "Error" Then DefVal(0).Text = "NP"
 
DefVal(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "SynAttackProtect")
If DefVal(1).Text = "Error" Then DefVal(1).Text = "NP"
 
DefVal(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxConnectResponseRetransmissions")
If DefVal(2).Text = "Error" Then DefVal(2).Text = "NP"

DefVal(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TcpMaxHAlfOpen")
If DefVal(3).Text = "Error" Then DefVal(3).Text = "NP"

DefVal(4).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxHalfOpenRetired")
If DefVal(4).Text = "Error" Then DefVal(4).Text = "NP"

DefVal(5).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxPortsExhausted")
If DefVal(5).Text = "Error" Then DefVal(5).Text = "NP"

DefVal(6).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxDataRetransmissions")
If DefVal(6).Text = "Error" Then DefVal(6).Text = "NP"

DefVal(7).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableDeadGwDetect")
If DefVal(7).Text = "Error" Then DefVal(7).Text = "NP"

DefVal(8).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"

DefVal(9).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "DisableIPSourceRouting")
If DefVal(9).Text = "Error" Then DefVal(9).Text = "NP"

DefVal(10).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "NonameReleaseOnDemand")
If DefVal(10).Text = "Error" Then DefVal(10).Text = "NP"

DefVal(11).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"

DefVal(12).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "KeepAliveTime ")
If DefVal(12).Text = "Error" Then DefVal(12).Text = "NP"

End Sub

Private Sub cmdHArdreg_Click()

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"EnableICMPRedirect", DefVal(25).Text
DefVal(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableICMPRedirect")
If DefVal(0).Text = "Error" Then DefVal(0).Text = "NP"
 
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"SynAttackProtect", DefVal(24).Text
DefVal(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "SynAttackProtect")
If DefVal(1).Text = "Error" Then DefVal(1).Text = "NP"
 
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TCPMaxConnectResponseRetransmissions", DefVal(23).Text
DefVal(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxConnectResponseRetransmissions")
If DefVal(2).Text = "Error" Then DefVal(2).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TcpMaxHAlfOpen", DefVal(22).Text
DefVal(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TcpMaxHAlfOpen")
If DefVal(3).Text = "Error" Then DefVal(3).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TCPMaxHalfOpenRetired", DefVal(21).Text
DefVal(4).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxHalfOpenRetired")
If DefVal(4).Text = "Error" Then DefVal(4).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TCPMaxPortsExhausted", DefVal(20).Text
DefVal(5).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxPortsExhausted")
If DefVal(5).Text = "Error" Then DefVal(5).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TCPMaxDataRetransmissions", DefVal(19).Text
DefVal(6).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxDataRetransmissions")
If DefVal(6).Text = "Error" Then DefVal(6).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"EnableDeadGwDetect", DefVal(18).Text
DefVal(7).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableDeadGwDetect")
If DefVal(7).Text = "Error" Then DefVal(7).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"EnablePmtuDiscovery", DefVal(17).Text
DefVal(8).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"DisableIPSourceRouting", DefVal(16).Text
DefVal(9).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "DisableIPSourceRouting")
If DefVal(9).Text = "Error" Then DefVal(9).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"NonameReleaseOnDemand", DefVal(15).Text
DefVal(10).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "NonameReleaseOnDemand")
If DefVal(10).Text = "Error" Then DefVal(10).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"PerformRouterDiscovery", DefVal(14).Text
DefVal(11).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"KeepAliveTime", DefVal(13).Text
DefVal(12).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "KeepAliveTime ")
If DefVal(12).Text = "Error" Then DefVal(12).Text = "NP"
End Sub

Private Sub Command3_Click()
Check1(0).Value = 1
Check1(1).Value = 1
Check1(2).Value = 1
Check1(3).Value = 1
Check1(4).Value = 1
Check1(5).Value = 1
Check1(6).Value = 1
Check1(7).Value = 1
Check1(8).Value = 1
Check1(9).Value = 1
Check1(10).Value = 1
Check1(11).Value = 1
Check1(12).Value = 1

End Sub

Private Sub Autore_Click()
Frame3.Visible = True

End Sub

Private Sub Command1_Click(Index As Integer)
On Error GoTo GestoreErrori
Dim msg As String

msg = msg & "Are you Sure?"

If MsgBox(msg, vbQuestion + vbYesNo, "ATTENTION!") = vbYes Then

If Check1(0).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"EnableICMPRedirect", DefVal(25).Text
DefVal(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableICMPRedirect")
If DefVal(0).Text = "Error" Then DefVal(0).Text = "NP"
 
 End If

If Check1(1).Value = vbChecked Then
 
 
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"SynAttackProtect", DefVal(24).Text
DefVal(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "SynAttackProtect")
If DefVal(1).Text = "Error" Then DefVal(1).Text = "NP"

End If

If Check1(2).Value = vbChecked Then
 
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"TCPMaxConnectResponseRetransmissions", DefVal(23).Text
DefVal(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxConnectResponseRetransmissions")
If DefVal(2).Text = "Error" Then DefVal(2).Text = "NP"

End If
If Check1(3).Value = vbChecked Then
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"TcpMaxHAlfOpen", DefVal(22).Text
DefVal(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TcpMaxHAlfOpen")
If DefVal(3).Text = "Error" Then DefVal(3).Text = "NP"

End If
If Check1(4).Value = vbChecked Then
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"TCPMaxHalfOpenRetired", DefVal(21).Text
DefVal(4).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxHalfOpenRetired")
If DefVal(4).Text = "Error" Then DefVal(4).Text = "NP"

End If
If Check1(5).Value = vbChecked Then
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"TCPMaxPortsExhausted", DefVal(20).Text
DefVal(5).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxPortsExhausted")
If DefVal(5).Text = "Error" Then DefVal(5).Text = "NP"

End If
If Check1(6).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"TCPMaxDataRetransmissions", DefVal(19).Text
DefVal(6).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxDataRetransmissions")
If DefVal(6).Text = "Error" Then DefVal(6).Text = "NP"

End If
If Check1(7).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"EnableDeadGwDetect", DefVal(18).Text
DefVal(7).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableDeadGwDetect")
If DefVal(7).Text = "Error" Then DefVal(7).Text = "NP"

End If
If Check1(8).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"EnablePmtuDiscovery", DefVal(17).Text
DefVal(8).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"

End If
If Check1(9).Value = vbChecked Then
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"DisableIPSourceRouting", DefVal(16).Text
DefVal(9).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "DisableIPSourceRouting")
If DefVal(9).Text = "Error" Then DefVal(9).Text = "NP"

End If
If Check1(10).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"NonameReleaseOnDemand", DefVal(15).Text
DefVal(10).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "NonameReleaseOnDemand")
If DefVal(10).Text = "Error" Then DefVal(10).Text = "NP"

End If
If Check1(11).Value = vbChecked Then
SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"PerformRouterDiscovery", DefVal(14).Text
DefVal(11).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"

End If

If Check1(12).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", 
"KeepAliveTime", DefVal(13).Text
DefVal(12).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "KeepAliveTime")
If DefVal(12).Text = "Error" Then DefVal(12).Text = "NP"

End If

GestoreErrori:

If Err.Number = 13 Then

MsgBox "Wrong Value!", vbCritical, "ERRORE"
End If
End If

End Sub

Private Sub Command2_Click()
Frame3.Visible = False

End Sub

Private Sub Command4_Click()
Check1(0).Value = 0
Check1(1).Value = 0
Check1(2).Value = 0
Check1(3).Value = 0
Check1(4).Value = 0
Check1(5).Value = 0
Check1(6).Value = 0
Check1(7).Value = 0
Check1(8).Value = 0
Check1(9).Value = 0
Check1(10).Value = 0
Check1(11).Value = 0
Check1(12).Value = 0
End Sub

Private Sub Command5_Click()
Check2(0).Value = 1
Check2(1).Value = 1
Check2(2).Value = 1
Check2(3).Value = 1

End Sub

Private Sub Command6_Click()
Check2(0).Value = 0
Check2(1).Value = 0
Check2(2).Value = 0
Check2(3).Value = 0
End Sub

Private Sub Form_Load()


DefVal(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableICMPRedirect")
If DefVal(0).Text = "Error" Then DefVal(0).Text = "NP"
 

DefVal(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "SynAttackProtect")
If DefVal(1).Text = "Error" Then DefVal(1).Text = "NP"
 

DefVal(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxConnectResponseRetransmissions")
If DefVal(2).Text = "Error" Then DefVal(2).Text = "NP"

DefVal(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TcpMaxHAlfOpen")
If DefVal(3).Text = "Error" Then DefVal(3).Text = "NP"

DefVal(4).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxHalfOpenRetired")
If DefVal(4).Text = "Error" Then DefVal(4).Text = "NP"

DefVal(5).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxPortsExhausted")
If DefVal(5).Text = "Error" Then DefVal(5).Text = "NP"

DefVal(6).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "TCPMaxDataRetransmissions")
If DefVal(6).Text = "Error" Then DefVal(6).Text = "NP"

DefVal(7).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnableDeadGwDetect")
If DefVal(7).Text = "Error" Then DefVal(7).Text = "NP"

DefVal(8).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "EnablePmtuDiscovery")
If DefVal(8).Text = "Error" Then DefVal(8).Text = "NP"

DefVal(9).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "DisableIPSourceRouting")
If DefVal(9).Text = "Error" Then DefVal(9).Text = "NP"

DefVal(10).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "NonameReleaseOnDemand")
If DefVal(10).Text = "Error" Then DefVal(10).Text = "NP"

DefVal(11).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "PerformRouterDiscovery")
If DefVal(11).Text = "Error" Then DefVal(11).Text = "NP"

DefVal(12).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters",
 "KeepAliveTime")
If DefVal(12).Text = "Error" Then DefVal(12).Text = "NP"

DeflValW(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "EnableDynamicBacklog")
If DeflValW(0).Text = "Error" Then DeflValW(0).Text = "NP"

DeflValW(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "MinimumDynamicBacklog")
If DeflValW(1).Text = "Error" Then DeflValW(1).Text = "NP"

DeflValW(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "MaximumDynamicBacklog")
If DeflValW(2).Text = "Error" Then DeflValW(2).Text = "NP"

DeflValW(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "DynamicBacklogGrowthDelta")
If DeflValW(3).Text = "Error" Then DeflValW(3).Text = "NP"

End Sub

Private Sub Label1_Click()
MsgBox "EnableICMPRedirect  When ICMP redirects are disabled (by setting 
the value to 0), attackers cannot carry out attacks that require a host to 
redirect the ICMP-based attack to a third party.", , "Help"

End Sub

Private Sub Label10_Click()
MsgBox "DisableIPSourceRouting  Determines whether a computer allows 
clients to predetermine the route that packets take to their destination. 
When this value is set to 2, the computer will disable source routing for 
IP packets.", , "Help"
End Sub

Private Sub Label11_Click()
MsgBox "NoNameReleaseOnDemand  Determines whether the computer will 
release its NetBIOS name if requested by another computer or a malicious 
packet attempting to hijack the computer's NetBIOS name.", , "Help"
End Sub

Private Sub Label12_Click()
MsgBox "PerformRouterDiscovery  Determines whether the computer performs 
router discovery on this interface. Router discovery solicits router 
information from the network and adds the information retrieved to the 
route table. Setting this value to 0 will prevent the interface from 
performing router discovery.", , "Help"
End Sub

Private Sub Label13_Click()
MsgBox "Keep Alive settings control how Windows manages connection keep 
alive transmissions. Including the timeout before keepalives are sent and 
the interval between keepalive transmissions.", , "Help"

End Sub

Private Sub Label14_Click()
MsgBox "EnableDynamicBacklog  Switches between using a static backlog and 
a dynamic backlog. By default, this parameter is set to 0, which enables 
the static backlog. You should enable the dynamic backlog for better 
security on Winsock.", , "Help"
End Sub

Private Sub Label15_Click()
MsgBox "MinimumDynamicBacklog  Controls the minimum number of free 
connections allowed on a listening Winsock endpoint. If the number of free 
connections drops below this value, a thread is queued to create 
additional free connections. Making this value too large (setting it to a 
number greater than 100) will degrade the performance of the computer.", , 
"Help"
End Sub

Private Sub Label16_Click()
MsgBox "MaximumDynamicBacklog  Controls the maximum number of half-open 
and free connections to Winsock endpoints. If this value is reached, no 
additional free connections will be made.", , "Help"
End Sub

Private Sub Label17_Click()
MsgBox "DynamicBacklogGrowthDelta  Controls the number of Winsock 
endpoints in each allocation pool requested by the computer. Setting this 
value too high can cause system resources to be unnecessarily occupied.", 
, "Help"
End Sub

Private Sub Label2_Click()
MsgBox "SynAttackProtect  Enables SYN flood protection in Windows 2000 and 
Windows XP. You can set this value to 0, 1, or 2. The default setting, 0, 
provides no protection. Setting the value to 1 will activate SYN/ACK 
protection contained in the TCPMaxPortsExhausted, TCPMaxHalfOpen, and 
TCPMaxHalfOpenRetried values. Setting the value to 2 will protect against 
SYN/ACK attacks by more aggressively timing out open and half-open 
connections.", , "Help"

End Sub

Private Sub Label3_Click()

MsgBox "TCPMaxConnectResponseRetransmissions  Determines how many times 
TCP retransmits an unanswered SYN/ACK message. TCP retransmits 
acknowledgments until the number of retransmissions specified by this 
value is reached.", , "Help"

End Sub

Private Sub Label4_Click()
MsgBox "TcpMaxHalfOpen parameter controls the number of connections in the 
SYN-RCVD state allowed before SYN-ATTACK protection begins to operate.", , 
"Help"
End Sub

Private Sub Label5_Click()
MsgBox "TCPMaxHalfOpenRetired  Determines how many connections the server 
can maintain in the half-open state even after a connection request has 
been retransmitted. If the number of connections exceeds the value of this 
entry, TCP/IP initiates SYN flooding attack protection. This entry is used 
only when SYN flooding attack protection is enabled on this server that 
is, when the value of the SynAttackProtect entry is 1 and the value of the 
TCPMaxConnectResponseRetransmissions entry is at least 2.", , "Help"
End Sub

Private Sub Label6_Click()
MsgBox "TCPMaxPortsExhausted  Determines how many connection requests the 
system can refuse before TCP/IP initiates SYN flooding attack protection. 
The system must refuse all connection requests when its reserve of open 
connection ports runs out. This entry is used only when SYN flooding 
attack protection is enabled on this server that is, when the value of the 
SynAttackProtect entry is 1, and the value of the 
TCPMaxConnectResponseRetransmissions entry is at least 2.", , "Help"
End Sub

Private Sub Label7_Click()
MsgBox "TCPMaxDataRetransmissions  Determines how many times TCP 
retransmits an unacknowledged data segment on an existing connection. TCP 
retransmits data segments until they are acknowledged or until the number 
of retransmissions specified by this value is reached.", , "Help"
End Sub

Private Sub Label8_Click()
MsgBox "EnableDeadGWDetect  Determines whether the computer will attempt 
to detect dead gateways. When dead gateway detection is enabled (by 
setting this value to 1), TCP might ask IP to change to a backup gateway 
if a number of connections are experiencing difficulty. Backup gateways 
are defined in the TCP/IP configuration dialog box in Network Control 
Panel for each adapter. When you leave this setting enabled, it is 
possible for an attacker to redirect the server to a gateway of his 
choosing.", , "Help"
End Sub

Private Sub Label9_Click()
MsgBox "EnablePMTUDiscovery  Determines whether path MTU discovery is 
enabled (1), in which TCP attempts to discover the largest packet size 
over the path to a remote host. When path MTU discovery is disabled (0), 
the path MTU for all TCP connections will be fixed at 576 bytes.", , 
"Help"
End Sub

Private Sub Web_Click()
Unload Me
End Sub

Private Sub winsok_Click(Index As Integer)
On Error GoTo GestoreErrori
Dim msg As String

msg = msg & "Are you Sure?"

If MsgBox(msg, vbQuestion + vbYesNo, "ATTENTION!") = vbYes Then

If Check2(0).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"EnableDynamicBacklog", DeflValW(7).Text
DeflValW(0).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "EnableDynamicBacklog")
If DeflValW(0).Text = "Error" Then DeflValW(0).Text = "NP"

End If

If Check2(1).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"MinimumDynamicBacklog", DeflValW(6).Text
DeflValW(1).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "MinimumDynamicBacklog")
If DeflValW(1).Text = "Error" Then DeflValW(1).Text = "NP"

End If

If Check2(2).Value = vbChecked Then

SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"MaximumDynamicBacklog", DeflValW(5).Text
DeflValW(2).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "MaximumDynamicBacklog")
If DeflValW(2).Text = "Error" Then DeflValW(2).Text = "NP"

End If

If Check2(3).Value = vbChecked Then


SetDWORDValue 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters", 
"DynamicBacklogGrowthDelta", DeflValW(4).Text
DeflValW(3).Text = 
GetDWORDValue("HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters",
 "DynamicBacklogGrowthDelta")
If DeflValW(3).Text = "Error" Then DeflValW(3).Text = "NP"

End If

GestoreErrori:

If Err.Number = 13 Then

MsgBox "Wrong Value!", vbCritical, "ERRORE"
End If

End If

End Sub

' EoF


ADDITIONAL INFORMATION

The information has been provided by  <mailto:admin@securitywireless.info> 
D'Amato Luigi.
To keep updated with the tool visit the project's homepage at:  
<http://www.securitywireless.info/> http://www.securitywireless.info/



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [TOOL] Windows TCP/IP Stack Hardening Tool, SecuriTeam <=
Previous by Date:  [NT] Ares FileShare Buffer Overflow, SecuriTeam
Next by Date:  [TOOL] PA168 Web Interface Password Brute Forcer, SecuriTeam
Previous by Thread:  [NT] Ares FileShare Buffer Overflow, SecuriTeam
Next by Thread:  [TOOL] PA168 Web Interface Password Brute Forcer, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]