|
|
Focus on Microsoft
RE: TCP/IP Stack Hardening Dec 19 2003 08:12PM Hoffmann, Aran (AHoffmann cta net) (3 replies) RE: TCP/IP Stack Hardening Dec 20 2003 04:29AM Frank Knobbe (frank knobbe us) (1 replies) RE: TCP/IP Stack Hardening Dec 23 2003 12:31AM dave kleiman (dave isecureu com) (1 replies) |
|
Privacy Statement |
I posted this a while back (but I think it was on iislists) maybe that is
the one you are referring too. My old e-mail was dave (at) netmedic (dot) net. [email concealed]
We have most of those on all of our servers, epically if they are in the DMZ
with absolutely no degradation in performance. Maybe Aran just applied them
improperly.
If you actually take the time to read and understand what each one does,
many of them would increase performance.
I will not waste the list time with a play by play but you can read some of
them at: http://support.microsoft.com/default.aspx?scid=kb;en-us;120642
_______________________________
Dave Kleiman, CISSP, MCSE, CIFI
dave (at) isecureu (dot) com [email concealed]
www.SecurityBreachResponse.com
"High achievement always takes place in the framework of high expectation."
Jack Kinder
-----Original Message-----
From: Hoffmann, Aran [mailto:AHoffmann (at) cta (dot) net [email concealed]]
Sent: Friday, December 19, 2003 15:12
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: RE: TCP/IP Stack Hardening
I used to work in a data center with high security requirements and we
applied all the referenced tcp/ip hardening to our Win2k servers. The
results? Crappy network performance and file transfer timeouts but boy were
we secure. As soon as we removed the hardening the network performance
problems went away.
-----Original Message-----
From: James Bowman [mailto:jim (at) drexel (dot) edu [email concealed]]
Sent: Friday, December 19, 2003 9:03 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: TCP/IP Stack Hardening
Wondering if anyone has experienced issues after hardening the TCP/IP stack
under Win2K server?
Specifically, I'm wondering about the potential impact of applying:
(pulled from previous posts - don't recall the original poster, but
thanks...)
HKLM\System\CurrentControlSet\Services\AFD\Parameters\DynamicBacklogGrow
thDelta Dword:A
HKLM\System\CurrentControlSet\Services\AFD\Parameters\EnableDynamicBackl
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]