Hi, I am hardening OS: Windows 2003 SP 2 and want to check the impact on my application. I want to implement the following "Harden the TCP/IP stack against denial of service attacks" Reference "http://technet.microsoft.com/hi-in/library/dd277307(en-us).aspx". The reference based on Windows 2000 Can you please let me know equivalent registry in Windows 2003? Key: Parameters Value Name: DisableIPSourceRouting REG_DWORD 2 Key: Parameters Value Name: KeepAliveTime REG_DWORD 300,000 Key: Parameters Value Name: PerformRouterDiscovery REG_DWORD 0 Key: Parameters Value Name: SynAttackProtect REG_DWORD 2 Key: Parameters Value Name: TcpMaxConnectResponseRetransmissions REG_DWORD 2 Key: Parameters Value Name: TcpMaxConnectRetransmissions REG_DWORD 3 Key: Parameters Value Name: TcpMaxDataRetransmissions REG_DWORD 3 Key: Parameters Value Name: TCPMaxPortsExhausted REG_DWORD 5

I think this is what you are looking for: How to harden the TCP/IP stack against denial of service attacks in Windows Server 2003 http://support.microsoft.com/kb/324270

Hi , Thanks for the reply. I am using Windows 2003 Standard Edition SP2. I have found "EnableDeadGWDetect " in my registry entry. Do we need to add these entries manually or will come up with some windows patch?

When I checked my Win Server 2003 SP2 machine, in the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters section I found "DeadGWDetectDefault". This should perform the same function as the "EnableDeadGWDetect" entry. According to Microsoft, you should set this to '0'.

Yes, you are correct. What I mean to say that I have found only EnableDeadGWDetect registry Are you able to trace the other entries in your Windows 2003 say SynAttackProtect, EnablePMTUDiscovery, KeepAliveTime and NoNameReleaseOnDemand

I checked my server and it is the same as yours, the values in the article are not there by default. My suggestion would be to create a backup of your registry, add the values listed in the article, and perform testing to confirm your application is working correctly with the new changes. If you have problems, you can always rollback to your original configuration.

Hi, Can you please let me know the exact path where I should place the remaining registry entries(As EnableDeadGWDetect is present in 6 nodes of "Interfaces" TCPIP\Parameters\Interfaces)?