For each tunable kernel parameters, each entry have to be added to the /etc/systcl.conf configuration file to make the change permanent after
reboots. To activate the configured kernel parameters immediately at run time, use:
# systcl -p
1. Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
2. Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
3. Disable Source Routing
net.ipv4.conf.all.accept_souce_route = 0
4. Enable IP Spoofing Protection
net.ipv4.conf.all.rp_filter = 1
5. Enable Ignoring to ICMP Requests
net.ipv4.icmp_echo_ignore_all = 1
6. Enable Ignoring Broadcasts Requests
net.ipv4.icmp_echo_ignore_broadcasts = 1
7. Enable Ignoring Broadcasts Requests
net.ipv4.icmp_echo_ignore_bogus_error_responses = 1
Tuesday, April 8, 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment