WN12-SO-000044 - The system must be configured to disable the Internet Router Discovery Protocol (IRDP).

Information

The Internet Router Discovery Protocol (IRDP) is used to detect and configure default gateway addresses on the computer. If a router is impersonated on a network, traffic could be routed through the compromised system.

Solution

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> 'MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)' to 'Disabled'.

(See 'Updating the Windows Security Options File' in the STIG Overview document if MSS settings are not visible in the system's policy tools.)

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_2012_and_2012_R2_DC_V3R4_STIG.zip

Item Details

References: CAT|III, CCI|CCI-002385, Rule-ID|SV-226308r794563_rule, STIG-ID|WN12-SO-000044, STIG-Legacy|SV-52926, STIG-Legacy|V-4112, Vuln-ID|V-226308

Plugin: Windows

Control ID: 7bacaf7c245120be45a99d875230a08ffd5b2e52fa0df6d73e1b94778a3e1769