It is completely legitimate if you use this IP source routing mechanism to discover the TCP/IP addresses of routers within a network. However, a malicious user can use source routing to learn more about a network and target it for an attack. With the IP Source Routing data hijacked, the attackers host can use the information to easily masquerade as a trusted host or client due to which disabling IP Source routing is considered as a common security measure.
Now, let’s dive into the actual process of How To Disable IP Source Routing in Windows.
1. Go to Start–>Run… and type regedit or regedt32.exe and click OK.
This opens the Registry Editor window
2. From the left pane of the Registry Editor navigate to the System key
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters
3. Now create a new DWORD value with the Value name ‘DisableIPSourceRouting’ and set its value data to 2 which disables the source routing completely (recommended for best security).
The other variants of the value data are:
0 – enables source routing
1 – disables source routing when IP forwarding is also enabled
4. Close the Registry editor and Restart Windows.
That’s it!! You have successfully modified the system registry settings to disable the IP Source Routing.
