Created
October 9, 2019 14:26
-
-
Save joswr1ght/39eb7a2e69a593f6a938de6ccf988a57 to your computer and use it in GitHub Desktop.
Disable WPAD and LLMNR on Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" | |
REG ADD "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad" /v "WpadOverride" /t REG_DWORD /d "1" /f | |
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" | |
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v "EnableMulticast" /t REG_DWORD /d "0" /f |
Don't forget to disable mDNS as well (from https://f20.be/blog/mdns)
REG ADD "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters" /v " EnableMDNS" /t REG_DWORD /d "0" /f
Many thanks for this.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Run these commands on Windows as an administrator to stop WPAD and LLMNR attacks (e.g. the Responder attack).