
The system must be configured to disable the Internet Router Discovery Protocol (IRDP).


Overview

Finding ID: V-4112
Version: WN08-SO-000044
Rule ID: SV-48544r1_rule
IA Controls: ECSC-1
Severity: Low

Description
The Internet Router Discovery Protocol (IRDP) is used to detect and configure default gateway addresses on the computer. If a router is impersonated on a network, traffic could be routed through the compromised system.

STIG: Windows 8 Security Technical Implementation Guide
Date: 2014-01-07

Details

Check Text (C-44850r1_chk)
Analyze the system using the Security Configuration and Analysis snap-in. (See "Performing Analysis with the Security Configuration and Analysis Snap-in" in the STIG Overview document.)
Expand the Security Configuration and Analysis tree view.
Navigate to Local Policies -> Security Options.

(See "Updating the Windows Security Options File" in the STIG Overview document if MSS settings are not visible in the system's policy tools.)

If the value for "MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)" is not set to "Disabled", this is a finding.

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: \System\CurrentControlSet\Services\Tcpip\Parameters\

Value Name: PerformRouterDiscovery

Value Type: REG_DWORD
Value: 0

Fix Text (F-41261r1_fix)
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)" to "Disabled".
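
The registry portion of the check can also be evaluated directly from PowerShell. The following is an added example, not part of the STIG text; the function name Test-IrdpDisabled and its output fields are hypothetical, and it assumes that an absent value counts as a finding because the policy is then not set to "Disabled".

```powershell
# Added example: audits the registry value named in the check text.
# Test-IrdpDisabled and its output fields are hypothetical names.
function Test-IrdpDisabled {
    [CmdletBinding()]
    param(
        # Hive and subkey from the check text, written as a PowerShell registry path
        [string]$Path = 'HKLM:\System\CurrentControlSet\Services\Tcpip\Parameters',
        [string]$Name = 'PerformRouterDiscovery'
    )

    $result = [ordered]@{
        Path    = $Path
        Name    = $Name
        Kind    = $null
        Value   = $null
        Finding = $true      # stays a finding until every condition below passes
        Reason  = $null
    }

    $key = Get-Item -LiteralPath $Path -ErrorAction SilentlyContinue
    if (-not $key) {
        $result.Reason = 'Registry key not found'
    }
    elseif ($key.GetValueNames() -notcontains $Name) {
        # Assumption: policy left "Not Defined" means it is not set to "Disabled"
        $result.Reason = 'Value not present (policy not configured)'
    }
    else {
        $result.Kind  = $key.GetValueKind($Name)
        $result.Value = $key.GetValue($Name)
        if ($result.Kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
            # A string "0" is not the REG_DWORD the check text requires
            $result.Reason = "Expected REG_DWORD, found $($result.Kind)"
        }
        elseif ($result.Value -ne 0) {
            $result.Reason = "Expected 0 (Disabled), found $($result.Value)"
        }
        else {
            $result.Finding = $false
            $result.Reason  = 'PerformRouterDiscovery is 0 (Disabled)'
        }
    }
    [pscustomobject]$result
}

Test-IrdpDisabled | Format-List
```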