Author Topic: Hardening TCP/IP and system  (Read 392 times)

0 Members and 1 Guest are viewing this topic.

Offline v17564

  • Vollwertiges Mitglied
  • ***
  • Posts: 138
  • I'm new. Be nice!
  • Skill: Novice
Hardening TCP/IP and system
« on: 15. June 2015, 18:46:49 »
Why is not included a file of this type adapted to the proper distribution?

Many examples of hardening can be found in the Internet. Normally, the content of these files is commented and is the user who must activate these functions. For example.

99-sysctl.conf:
Code: [Select]
## sets the kernels reverse path filtering mechanism to value 1(on)
## will do source validation of the packet's recieved from all the interfaces on the machine
## protects from attackers that are using ip spoofing methods to do harm
net.ipv4.conf.all.rp_filter = 1
#net.ipv6.conf.all.rp_filter = 1

50-default.conf:
Code: [Select]
# TOCTOU
# http://en.wikipedia.org/wiki/TOCTOU
#
fs.protected_hardlinks=1
fs.protected_symlinks=1

And many more options.
Greetings.
« Last Edit: 15. June 2015, 19:00:21 by v17564 »