ICMP redirect is a type 5 ICMP error message sent by a gateway router to a sending host informing of an optimal alternate route to the destination host and to update its routing table with the new host route to the target destination host.
ICMP Redirects being an inefficient way to update a hosts routing table of an optimal route to a target destination can cause security issues. A malicious hacker with little knowledge about the network can launch a Denail of Service (DoS) attack on a host on the network.
ICMP Redirect is by default enabled in Windows. If ICMP redirects are not required for the host it should be disabled. To disable ICMP Redirects in Windows (windows 2000, Windows XP and higher) you need to edit the Windows Registry and modify the default value for ICMP Redirects.
WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Use Registry Editor at your own risk.
Click Start – Run, type "regedit" and press enter.
Once into Windows Registry, navigate to
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
In the right pane, double-click "EnableICMPRedirect" DWORD and change the value to "0"
This should disable ICMP Redirects in Windows.
Leave a Reply