XP Firewall Standard Profile – Unicast Response

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-17409	5.421	SV-18465r1_rule	ECSC-1	Medium

Description
The receipt of unicast responses to outgoing multicast or broadcast messages will be blocked when not connected to the domain.

STIG	Date
Windows XP Security Technical Implementation Guide	2012-08-22

Details

Check Text ( C-18116r1_chk )
If the following registry value doesn’t exist or is not configured as specified, then this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Subkey: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\ Value Name: DisableUnicastResponsesToMulticastBroadcast Type: REG_DWORD Value: 1 Note: If a 3rd party firewall is used, document this with the IAO and mark the Windows Firewall settings as Not Applicable. The Desktop/Secure Remote Computing STIGs contain additional requirements for systems used remotely. The XP Firewall does not meet the requirements for personal firewalls from the Desktop/Secure Remote Computing STIGs.

Check Text ( C-18116r1_chk )

If the following registry value doesn’t exist or is not configured as specified, then this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\

Value Name: DisableUnicastResponsesToMulticastBroadcast
Type: REG_DWORD
Value: 1

Note: If a 3rd party firewall is used, document this with the IAO and mark the Windows Firewall settings as Not Applicable. The Desktop/Secure Remote Computing STIGs contain additional requirements for systems used remotely. The XP Firewall does not meet the requirements for personal firewalls from the Desktop/Secure Remote Computing STIGs.

Fix Text (F-17313r1_fix)
Configure the policy value for Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall -> Standard Profile “Windows Firewall: Prohibit unicast response to multicast or broadcast requests” to “Enabled”