Modify the TTL value of the implementation of the method to prevent the intranet "peep" _ Network security

Recently, some users in the unit local area network have been fascinated by learning network technology, they look at the server in the net, use it as the target of practice, often ping the server, and then judge the server's system type based on the TTL value returned, then use the appropriate tool software to find the security vulnerabilities of the server.
The author as a network management, of course, can not give these users "opportunity", in order to ensure the safe operation of the server, I think a lot of ways. Finally, the author intends to modify the TTL value of the server, so that users can not correctly judge the server system type.

Different operating system, its TTL value is not the same. By default, the TTL value of the Linux system is 64 or 255,windows nt/2000/xp the TTL value of the 128,windows 98 system is the TTL value of the 32,unix host is 255. The author unit uses Windows 2000 Server, TTL value defaults to 128, if this value is modified to 255, then users in the LAN will assume that this server is a Linux system or UNIX system, Then they will look for Linux systems or UNIX systems to find the Windows 2000 Server security vulnerabilities, but they will not find any security vulnerabilities, so the server is much more secure.

Specific implementation methods:

To modify the TTL value is very simple, through the Registry Editor can be implemented, click "Start → run", in the "Run" dialog box, enter the "regedit" command and Return, pop-up "Registry Editor" dialog box, expand the hkey_local_machine/system/ Currentcontrolset/services/tcpip/parameters ", find" DefaultTTL ", modify the value to decimal" 255 ", restart the server system.