Sep 282008
 

IP Soure routing is an option which allows the source of a packet to specify the path that the packet will take, and what path return packets sent back to the source will take. Source routing is useful when the default route that a connection will take fails or is suboptimal for some reason, or for network diagnostic purposes. However, even more is a menace as poses a severe security issue where malicous users can exploit this feature to cause DoS attacks or even bypass LAN security rules in place.


Windows 2008 & Windows Vista by default do not forward source routed packets. However, if you want to change this behaviour to forward source routed packets (not recommended) or to drop all incoming source packets as well as disable forwarding source routed packets then this can be controlled from the Windows Registry.

The following procedure to edit the Windows Registry should help you enable/disable source routed packets and/or drop incoming source routed packets. This applies to Windows Server 2008 & Windows Vista.

1. Click Start -  Search and type “regedit”. This launches the WIndows Registry.

2.  In the registry, navigate to the following registry key

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]

HKEY_LOCAL_MACHINE
\SYSTEM
\CurrentControlSet
\Services
\Tcpip
\Parameters

Disable IP Source Routing in Registry

3. In the right pane, right-click and select New – DWORD (32-bit value) and set its name as “DisableIPSourceRouting” and set its value as one of the following:

“0″ To Forward all packets
“1″ Not to forward source routed packets (default)
“2″ Drop all incoming source routed packets

If you ever would like to return to defaults, simply delete the key or set its value to “1″ (default).

Incoming search terms:

 Leave a Reply

(required)

(required)

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>