Disabling LLMNR via command line

Discussion:

(too old to reply)

John C.

2023-03-01 12:44:59 UTC

I've read that Microsoft is in the process of disabling LLMNR and
NETBIOS in W10 and W11.

Both protocols are now considered obsolete and present security risks I
believe. Because of this, I would like to know how to disable LLMNR.

This website:

https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/

tells how to do this via command line, but I'm convinced that there is
an error in the instructions. Specifically, this (ignore the long lines
of dashes):
_______________________________________________________________________
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient”
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient” /v ”
EnableMulticast” /t REG_DWORD /d “0” /f
_______________________________________________________________________

should possibly be this:
_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v
"EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________

where the second and third lines are one command. The error was caused
by an extra space after the quotation mark before the word EnableMulticast.

Ironically, I've checked out some other websites which offer the same
instructions and it appears that they may have simply copied and pasted
the command lines from that website and included the error.

Can anybody verify if I'm correct in my version of the command lines?

TIA

--
John C.

Paul

2023-03-01 14:00:12 UTC

Permalink

Post by John C.
I've read that Microsoft is in the process of disabling LLMNR and
NETBIOS in W10 and W11.
Both protocols are now considered obsolete and present security risks I
believe. Because of this, I would like to know how to disable LLMNR.
https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
tells how to do this via command line, but I'm convinced that there is
an error in the instructions. Specifically, this (ignore the long lines
_______________________________________________________________________
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient”
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient” /v ”
EnableMulticast” /t REG_DWORD /d “0” /f
_______________________________________________________________________
_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v
"EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________
where the second and third lines are one command. The error was caused
by an extra space after the quotation mark before the word EnableMulticast.
Ironically, I've checked out some other websites which offer the same
instructions and it appears that they may have simply copied and pasted
the command lines from that website and included the error.
Can anybody verify if I'm correct in my version of the command lines?
TIA

You can see that each switch, has a value next to it, so visually
the command looks reasonable. I checked my registry, and that isn't
set. On a copy of Pro, you could use gpedit.msc to do that. The github
example below, uses the same logic as gpedit.msc and so is a
clever emulation of the same.

_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v "EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________

If you pump the amended line into Google and search for it,
there are examples.

https://gist.github.com/1ijack/bd5ed0da9bcaebb2a14e3698cefe7a49

When people make web page, their software uses the "crazy quotes" of
literature, instead of the straight quotes of computing. It's a
given that quote marks will be the wrong flavor.

What might happen on occasion, is a script may have a backslash
as a line continuation character on the end of the line, and the
web software eats that. Again, the syntax balance of the command,
hint that a space is needed. At least a few lines like that, you
can kinda guess that something is messed up with the copy/pasta.

Paul

John C.

2023-03-02 13:13:15 UTC

Permalink

Post by Paul

Post by John C.
I've read that Microsoft is in the process of disabling LLMNR and
NETBIOS in W10 and W11.
Both protocols are now considered obsolete and present security risks I
believe. Because of this, I would like to know how to disable LLMNR.
https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
tells how to do this via command line, but I'm convinced that there is
an error in the instructions. Specifically, this (ignore the long lines
_______________________________________________________________________
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient”
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient” /v ”
EnableMulticast” /t REG_DWORD /d “0” /f
_______________________________________________________________________
_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v
"EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________
where the second and third lines are one command. The error was caused
by an extra space after the quotation mark before the word
EnableMulticast.
Ironically, I've checked out some other websites which offer the same
instructions and it appears that they may have simply copied and pasted
the command lines from that website and included the error.
Can anybody verify if I'm correct in my version of the command lines?
TIA

Unfortunately, I'm currently running Windows 7 Home Premium on this
system, so gpedit.msc isn't available. This is why I'm asking about
accomplishing the task via command line (prompt).

Post by Paul
_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v
"EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________

Heh. when I read your reply, I see that you were able to post the second
line without any wrap, but when I quote your post here it wraps. Not to
worry though, I tried copying and pasting the second command in both a
command prompt window as well as Microsoft PowerShell and in both cases,
the line break was ignored. However, the uncorrected version does
include the extra space after "/v". My corrected version, OTOH, does
paste into either a command prompt window or Microsoft PowerShell
without any problems.

Post by Paul
If you pump the amended line into Google and search for it,
there are examples.
https://gist.github.com/1ijack/bd5ed0da9bcaebb2a14e3698cefe7a49
When people make web page, their software uses the "crazy quotes" of
literature, instead of the straight quotes of computing. It's a
given that quote marks will be the wrong flavor.

Yeah, I noticed that. Part of my correction was to insert the correct
quotation marks, although I'm not sure that would be a problem in either
the command prompt or PowerShell.

Post by Paul
What might happen on occasion, is a script may have a backslash
as a line continuation character on the end of the line, and the
web software eats that. Again, the syntax balance of the command,
hint that a space is needed. At least a few lines like that, you
can kinda guess that something is messed up with the copy/pasta.

Thanks very much for replying. And just so you'll know, I did attempt to
contact the people at the link I provided in the OP. My attempt to send
them the commands in their form got me temporarily blocked by their host.

I just sent another message to then and circuitously described the
issue. We'll see if they reply.

Thanks again!

--
John C.

Roger Mills

2023-03-01 19:58:09 UTC

Permalink

I think they are effectively the same - the line break will be ignored.

--
Cheers,
Roger

John C.

2023-03-02 12:56:51 UTC

Permalink

Post by Roger Mills

Post by John C.
I've read that Microsoft is in the process of disabling LLMNR and
NETBIOS in W10 and W11.
Both protocols are now considered obsolete and present security risks I
believe. Because of this, I would like to know how to disable LLMNR.
https://www.blackhillsinfosec.com/how-to-disable-llmnr-why-you-want-to/
tells how to do this via command line, but I'm convinced that there is
an error in the instructions. Specifically, this (ignore the long lines
_______________________________________________________________________
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient”
REG ADD “HKLM\Software\policies\Microsoft\Windows NT\DNSClient” /v ”
EnableMulticast” /t REG_DWORD /d “0” /f
_______________________________________________________________________
_______________________________________________________________________
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient"
REG ADD "HKLM\Software\policies\Microsoft\Windows NT\DNSClient" /v
"EnableMulticast" /t REG_DWORD /d "0" /f
_______________________________________________________________________
where the second and third lines are one command. The error was caused
by an extra space after the quotation mark before the word
EnableMulticast.
Ironically, I've checked out some other websites which offer the same
instructions and it appears that they may have simply copied and pasted
the command lines from that website and included the error.
Can anybody verify if I'm correct in my version of the command lines?
TIA

I think they are effectively the same - the line break will be ignored.

First, thanks very much for replying.

As for copying and pasting the commands, yes, the line break is ignored
but the extra space isn't. This occurs in either a command prompt *or*
in Windows PowerShell (right click to paste.) This problem, if ignored,
will undoubtedly introduce an error in the command and I'm not willing
to attempt to actually *run* the command because of this.

OTOH, my versions of the two commands (which, I presume, should be run
in the sequence indicated but separately), do paste into either a
command prompt or Windows Powershell without any errors.

Messing with the registry like this isn't something I do lightly,
although over time I've done it a lot and (so far) without any problems.
That I don't do this kind of thing lightly is exactly why I'm looking
for advice here in alt.windows7.general.

Again, thanks for replying.

--
John C.