"TEXT 2"="Never ever change the configured gateway"
"DESCRIPTION 1"="The TCP/IP Protocol separates the entire address space into different segments called subnets. When a computer from one subnet wants to speak to another computer on a different subnet, it will do this not directly, but forward the data to a gateway. This gateway will then forward the data to the correct computer in the other subnet.
"DESCRIPTION 2"="Inside a LAN, your gateway will properly be a router or a switch that helps to keep the network running. By default, Windows can dynamically switch to a backup gateway when it detects that the default gateway is "dead" (not responding) and can switch to a backup gateway.
"DESCRIPTION 3"="A hacker could use this feature to trick the server. The hacker first bombs the real gateway with a lot of garbage data so it's overloaded and can no longer respond (Denial Of Service Attack). The hacker then announces its own computer as backup gateway.
"DESCRIPTION 4"="The server will detect that the real gateway is dead and searches for a backup gateway which is now the computer of the hacker. Thus, any data the server sends back to the clients it serves, will go through the computer of the hacker. This allows him to look for interesting data.
"DESCRIPTION 5"="When this setting (also known as Dead Gateway Detect) is turned off, Windows will never ever use a backup gateway and will always try to send through the primary gateway.
"AUTHOR"="Xteq Systems"
"CONTACTURL"="http://www.xteq.com/"
"COPYRIGHT"="Copyright ⌐ Xteq Systems - All Rights Reserved"
"COMMENT 1"=" "
sP="HKLM\System\CurrentControlSet\Services\TcpIp\Parameters\EnableDeadGWDetect" 'DW 0 = never switch
