File Details |
|
| File Size | 0.6 MB |
|---|---|
| License | Freeware |
| Operating System | Windows NT/Server 2003/XP |
| Date Added | April 22, 2005 |
| Total Downloads | 1,658 |
| Publisher | Thierry Zoller |
| Homepage | Harden-It |
Publisher's Description
Harden-It is a Network hardening tool for Windows. By hardening the IP stack your Network can sustain or completely twarth various sophisticated network attacks.
Latest Reviews
aruprc reviewed v1.2 on May 11, 2005
Excellent program, implements Windows security procedure in a nice to use GUI instead of reg hack and can be easily rolled back in case things don't go as expected, truly a must for every hardcore net user to implement a strict protection policy in case your existing firewall gets hacked, I also recommend the freeware Secure IT from YASC to be used in conjunction with Harden IT.
httpd.confused reviewed v1.2 on Apr 22, 2005
The concept and the execution are great, generally speaking, but I'd strongly recommend backing up the registry first, logging the changes made (using Total Uninstall 3), and verifying when necessary. (Yes, Harden-It has a built-in feature to restore settings, but I've seen too many applications fail to restore settings correctly to trust such a feature.)
Like every other utility that proposes to make configuration changes on my behalf, Harden-It 1.2 has errors (or, at least, discrepancies from official sources). As just a couple examples, Harden-It 1.2 states that a value of 100 for TcpMaxHalfOpen is recommended for workstations, while 500 is recommended for servers. Actually, it's just the other way around--100 for servers, and 500 for workstations. For TcpMaxHalfOpenRetried, Harden-It recommends 80 for workstations, and 400 for servers. Again, Microsoft actually recommends 80 for servers, and 400 for workstations.
And there was a blatant error as well: Harden-It added a "QueryIpMatching" value to my HKLM\SYSTEM\CurrentControlSet\Services key, but it belongs two levels below that, under Dnscache\Parameters (or Tcpip\Parameters, depending on what Microsoft doc you want to believe).
Just to note... Harden-It 1.2 added a value named "EnableICMPRedirects" to my Windows XP system, even though the correct value for Windows 2000 and later is "EnableICMPRedirect". (Note the lack of an "s" on the end. The value "EnableICMPRedirects" was correct for Windows NT 4.0, so the author adds both values blindly.
I find it annoying that Harden-It insists on loading Internet Explorer (in a maximized window, no less), whenever you opt to open an information link from it. There are ways to open the default browser, whatever that is configured to be, but apparently the author thinks he knows better than I do. Even the shortcuts that Harden-It automatically creates (without your permission, I hasten to add) have a hard-coded path to Internet Explorer, rather than being standard .URL files. There is no good reason for this.
I think it would also be quite nice if Harden-It allowed you to enter your own custom values.
aruprc reviewed v1.2 on May 11, 2005
Excellent program, implements Windows security procedure in a nice to use GUI instead of reg hack and can be easily rolled back in case things don't go as expected, truly a must for every hardcore net user to implement a strict protection policy in case your existing firewall gets hacked, I also recommend the freeware Secure IT from YASC to be used in conjunction with Harden IT.
httpd.confused reviewed v1.2 on Apr 22, 2005
The concept and the execution are great, generally speaking, but I'd strongly recommend backing up the registry first, logging the changes made (using Total Uninstall 3), and verifying when necessary. (Yes, Harden-It has a built-in feature to restore settings, but I've seen too many applications fail to restore settings correctly to trust such a feature.)
Like every other utility that proposes to make configuration changes on my behalf, Harden-It 1.2 has errors (or, at least, discrepancies from official sources). As just a couple examples, Harden-It 1.2 states that a value of 100 for TcpMaxHalfOpen is recommended for workstations, while 500 is recommended for servers. Actually, it's just the other way around--100 for servers, and 500 for workstations. For TcpMaxHalfOpenRetried, Harden-It recommends 80 for workstations, and 400 for servers. Again, Microsoft actually recommends 80 for servers, and 400 for workstations.
And there was a blatant error as well: Harden-It added a "QueryIpMatching" value to my HKLM\SYSTEM\CurrentControlSet\Services key, but it belongs two levels below that, under Dnscache\Parameters (or Tcpip\Parameters, depending on what Microsoft doc you want to believe).
Just to note... Harden-It 1.2 added a value named "EnableICMPRedirects" to my Windows XP system, even though the correct value for Windows 2000 and later is "EnableICMPRedirect". (Note the lack of an "s" on the end. The value "EnableICMPRedirects" was correct for Windows NT 4.0, so the author adds both values blindly.
I find it annoying that Harden-It insists on loading Internet Explorer (in a maximized window, no less), whenever you opt to open an information link from it. There are ways to open the default browser, whatever that is configured to be, but apparently the author thinks he knows better than I do. Even the shortcuts that Harden-It automatically creates (without your permission, I hasten to add) have a hard-coded path to Internet Explorer, rather than being standard .URL files. There is no good reason for this.
I think it would also be quite nice if Harden-It allowed you to enter your own custom values.