Disables DHCP Router Discovery
The ICMP Router Discovery Protocol (IRDP) comes enabled by default for Windows clients using DHCP. This can be a security issue because by spoofing IRDP Router Advertisements, an attacker can remotely add default route entries on a remote system.
Open your registry and find the key below for your operating system.
Windows 95, 98 and Me
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Class\NetTrans\####]
Where #### is the protocol binding for TCP/IP. More than one TCP/IP binding may exist.
Windows NT, 2000 and XP [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Create a new DWORD value called "PerformRouterDiscovery" and set the value to equal "0" to disable router discovery.
Restart Windows for the change to take effect.
Note: It is recommended that you disable this value as it is a possible security flaw in the DHCP service.
Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Name: PerformRouterDiscovery
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)
Open your registry and find the key below for your operating system.
Windows 95, 98 and Me
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Class\NetTrans\####]
Where #### is the protocol binding for TCP/IP. More than one TCP/IP binding may exist.
Windows NT, 2000 and XP [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Create a new DWORD value called "PerformRouterDiscovery" and set the value to equal "0" to disable router discovery.
Restart Windows for the change to take effect.
Note: It is recommended that you disable this value as it is a possible security flaw in the DHCP service.
Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
Name: PerformRouterDiscovery
Type: REG_DWORD (DWORD Value)
Value: (0 = disabled, 1 = enabled)