Recently, some users on the LAN have become absorbed in learning network technology. They have taken an interest in the servers on the intranet and use them as practice targets. They often ping a server, determine its system type from the returned TTL value, and then use the corresponding tool software to look for security vulnerabilities on the server.
As the network administrator, I certainly cannot give these users that opportunity. To keep the server running safely, I considered many approaches. In the end, I decided to modify the server's TTL value so that users cannot correctly determine the server's system type.
Different operating systems have different default TTL values. By default, the TTL value of Linux is 64 or 255, the TTL value of Windows NT/2000/XP is 128, the TTL value of Windows 98 is 32, and the TTL value of a UNIX host is 255. I use a Windows 2000 Server, whose default TTL value is 128. If I change this value to 255, users on the LAN will think the server is a Linux or UNIX system and will probe what is actually a Windows 2000 server for Linux or UNIX vulnerabilities. They will not find any, so the server is more secure.
Implementation Method:
You can use the Registry Editor to modify the TTL value. Click "Start > Run", enter "regedit" in the "Run" dialog box, and press Enter. In the Registry Editor, expand "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters", find "DefaultTTL", and change its value to "255" in decimal format. Then restart the server system.
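To confirm the change from a client on the LAN after the restart, the following sketch parses a ping reply line and reports which system type the TTL values listed above would suggest. It is an added example, not part of the original article; the function names, the sample reply lines and the address 192.0.2.10 are constructed for illustration.

```python
import re

# Default initial TTLs as listed in the article (not an exhaustive OS table).
DEFAULT_TTLS = {32: "Windows 98", 64: "Linux",
                128: "Windows NT/2000/XP", 255: "Linux or UNIX"}
TTL_RE = re.compile(r"\bttl=(\d+)", re.IGNORECASE)

# Constructed sample replies; 192.0.2.10 is a documentation address.
BEFORE = "Reply from 192.0.2.10: bytes=32 time<1ms TTL=128"
AFTER = "Reply from 192.0.2.10: bytes=32 time<1ms TTL=255"
ROUTED = "64 bytes from 192.0.2.10: icmp_seq=1 ttl=62 time=0.4 ms"


def observed_ttl(ping_line):
    """Extract the TTL from one ping reply line (Windows or Linux format)."""
    match = TTL_RE.search(ping_line)
    return int(match.group(1)) if match else None


def infer_initial_ttl(ttl):
    """Each router hop decrements the TTL by one, so the sender's initial
    value is taken to be the nearest listed default at or above it."""
    return min(d for d in DEFAULT_TTLS if d >= ttl)


def apparent_os(ping_line):
    """Return what a TTL-based guess concludes, or None if no usable TTL."""
    ttl = observed_ttl(ping_line)
    if ttl is None or not 1 <= ttl <= 255:
        return None
    initial = infer_initial_ttl(ttl)
    return {"observed": ttl, "initial": initial,
            "hops": initial - ttl, "guess": DEFAULT_TTLS[initial]}


if __name__ == "__main__":
    for label, line in (("before", BEFORE), ("after", AFTER), ("routed", ROUTED)):
        print(label, apparent_os(line))
```

If the "after" line still reports 128, the DefaultTTL value was not applied, for example because the server has not been restarted yet.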