IMPORTANT: This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you
understand how to restore the registry if a problem occurs. For information
about how to back up, restore, and edit the registry, click the following
article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
SYMPTOMS
In Windows 2000, when you set the
SynAttackProtect value in the following registry key to
2, the "don't fragment" or DF bit is incorrectly set to 0 on all
packets that are sent from the computer:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
RESOLUTION
Service Pack Information
To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack
Hotfix Information
A supported fix is now available
from Microsoft, but it is only intended to correct the problem that is
described in this article. Apply it only to computers that are experiencing
this specific problem. This fix may receive additional testing. Therefore, if
you are not severely affected by this problem, Microsoft recommends that you
wait for the next Windows 2000 service pack that contains this hotfix.
To
resolve this problem immediately, contact Microsoft Product Support Services to
obtain the fix. For a complete list of Microsoft Product Support Services phone
numbers and information about support costs, visit the following Microsoft Web
site:
NOTE: In special cases, charges that are ordinarily incurred for
support calls may be canceled if a Microsoft Support Professional determines
that a specific update will resolve your problem. The typical support costs
will apply to additional support questions and issues that do not qualify for
the specific update in question.
The Global version of
this fix has the file attributes (or later) that are listed in the following
table. The dates and times for these files are listed in coordinated universal
time (UTC). When you view the file information, it is converted to local time.
To find the difference between UTC and local time, use the
Time Zone tab in the Date and Time tool in Control Panel.
Date Time Version Size File name
-----------------------------------------------------------
13-Nov-2002 16:36 5.0.2195.6127 118,896 Afd.sys
22-Nov-2002 22:29 5.0.2195.6020 105,232 Msafd.dll
22-Nov-2002 22:28 5.0.2195.6139 313,648 Tcpip.sys
31-Jul-2001 00:15 5.0.2195.3988 16,240 Tdi.sys
22-Nov-2002 22:29 5.0.2195.4874 17,680 Wshtcpip.dll
WORKAROUND
WARNING: If you use Registry Editor incorrectly, you may cause serious
problems that may require you to reinstall your operating system. Microsoft
cannot guarantee that you can solve problems that result from using Registry
Editor incorrectly. Use Registry Editor at your own risk.
To work around this problem, set the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcip\Parameters\SynAttackProtect
value to either
0 (zero) or
1:
- Click Start, and then click
Run.
- In the Open box, type
regedit, and then click OK.
- Locate, and then click the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcip\Parameters
- In the right pane, double-click SynAttackProtect.
- In the Value data box, type either
0 or 1, and then click
OK.
- Quit Registry Editor.