I have Disabled LLMNR through the group policy editor, under the
“policy setting” menu under Local Computer Policy > Computer Configuration > Administrative Templates > Network > DNS Client.
NBT-NS is turned off through the Network Connection Settings. Navigate to Network Connections > Internet Protocol Version 4 > Properties > General > Advanced > WINS, then select “Disable NetBIOS over TCP/IP”.
HKLM\Software\Policies\Microsoft\Windows NT\DNSClient is set to 0. I am still able to log keystrokes through Responder on a kali machine on the network and capture pw hashes.
I am at a loss as to what I am missing and would truly appreciate any suggestions.