Last active
February 24, 2021 22:35
-
-
Save jflyoo/bf02cdd7eec7bd128383a6c070227751 to your computer and use it in GitHub Desktop.
Security
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| REM Link-Local Multicast Name Resolution is a Windows service that leaves the OS open to DNS spoofing from machines on the local network | |
| reg add "hklm\software\policies\microsoft\windows nt\dnsclient" | |
| reg add "hklm\software\policies\microsoft\windows nt\dnsclient" /v EnableMulticast /t REG_DWORD /d "0" /f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Source adapted from: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16898 | |
| #This mitigation could be applied in lieu of October 2020 Microsoft Updates, however, per source guidance, every effort should be made to install the update ASAP. | |
| (Get-NetAdapter).ifindex | foreach { | |
| Write-Host "Current state: RA Based DNS Config on interface $_ :" | |
| netsh int ipv6 show int $_ | sls "RA Based DNS" | |
| Write-host "`nDisabling RA Based DNS Config on interface $_" | |
| netsh int ipv6 set int $_ rabaseddnsconfig=disable | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment