| TABLE 1: TCP/IP and NetBIOS DoS Prevention Registry Parameters | ||
| TCP/IP-Based DoS Attacks | ||
| Registry subkey: | ||
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters | ||
| Registry Parameter | Recommended Value | Value Meaning |
| SynAttackProtect | 2 | Enable SYN attack protection. |
| EnableDeadGWDetect | 0 | Disable dead gateway detection. |
| EnableICMPRedirect | 0 | Ignore ICMP-redirect messages. |
| EnablePMTUDiscovery | 0 | Disable PMTU discovery. |
| KeepAliveTime | 300,000 | Keep idle connections alive for 5 minutes. |
| NetBIOS-Based DoS Attacks | ||
| Registry subkey: | ||
| HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\ <interface> |
||
| Registry Parameter | Recommended Value | Value Meaning |
| NoNameReleaseOnDemand | 1 | Disable unauthenticated name release. |