[Vol-users] Re: OT: Using netsh to set ip address of an interface on winfe/winpe 4.0.

To follow up on this question, it looks like the dhcp, ikeext, lmhosts and netbt services all need to be running to enumerate and set a static IP address on an interface. Without those services the nics don't even get enumerated. Rather ironic that you need the dhcp service in order to avoid using the dhcp service. However, you can initialize WinPE and set the static IP address before plugging the network adapter in. Then once the static IP has been set these services can all be turned off (using net stop). The DHCP service continues to broadcast IPv6 solicitations unless you also set a v6 static IP on the adapter. There is also a registry key to turn off LLMR broadcasts (also a noisy feature): HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient \EnableMulticast IPv6 can be disabled using the HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\ServicesTCPIP6\Parameters\DisabledComponents same as for regular Windows. IPv6 emits a lot of traffic, particularly if you don't have an IPv6 infrastructure. Firewall connection and dropped packet logging also can be enabled though getting it to work right is an involved process. Thanks to the connection logging I was able to see the winpe IKEEXT service try to start a conversation with a potentially infected host (on my test network), which might be fatal in real life. Hope this helps someone. Regards, George.