Check or Attack Name: IP Forwarding

The machine has IP forwarding enabled. If this machine is outside of the firewall, then it could allow access to internal networks.

If IP forwarding is not allowed by your security policy, then disable IP Forwarding.

WARNING: Installing Windows NT Remote Access Service (RAS) after installing Microsoft Proxy Server will enable IP forwarding. You must disable IP forwarding after installing RAS.

To disable IP forwarding, follow these steps:

1. Open the Network control panel. From the Windows NT Start menu, select Settings, Control Panel, Network.
2. Click the Protocols tab.
3. Select TCP/IP Protocol from the list of network protocols.
4. Click Properties.
5. Click the Routing tab.
6. Clear the Enable IP Forwarding check box.
7. Click OK twice to apply changes.

If you want to disable this function remotely, open the registry on the remote host and locate the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters key. Set the IPEnableRouter value to zero. You will need to reboot the remote host to apply this change.

Microsoft Knowledge Base Article Q164882, Practical Recommendations for Securing Internet-Connections, http://support.microsoft.com/support/kb/articles/q164/8/82.asp