Information
This policy setting helps prevent a computer from receiving unicast responses to its outgoing multicast or broadcast messages. Typically, you would not want to receive unicast responses to multicast or broadcast messages. Such responses can indicate a denial of service (DoS) attack or an attempt to probe a known computer.
Solution
Configure the following Group Policy setting in a manner that is consistent with the security and operational requirements of your organization-
Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Standard Profile\Windows Firewall- Prohibit unicast response to multicast or broadcast requests
Impact- Note This policy setting has no effect if the unicast message is a response to a DHCP broadcast message that is sent by the computer. Windows Firewall always permits those DHCP responses. However, this policy setting can interfere with the NetBIOS messages that detect name conflicts.