Mind Reference: Secure network with kernel features

Tuesday, April 27, 2010

Secure network with kernel features

You can configure /etc/sysctl.conf to enable certain kernel options that will help your network be more secure:

# Ignore ICMP broadcasts
net.ipv4.icmp_echo_ignore_broadcasts = 1
#
# Ignore bogus ICMP errors
net.ipv4.icmp_ignore_bogus_error_responses = 1
#
# Do not accept ICMP redirects (prevent MITM attacks)
net.ipv4.conf.all.accept_redirects = 0
#
# Do not send ICMP redirects (we are not a router)
net.ipv4.conf.all.send_redirects = 0
#
# Do not accept IP source route packets (we are not
# a router)
net.ipv4.conf.all.accept_source_route = 0

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )

wheezy.web is a lightweight, high performance, high concurrency WSGI web framework with the key features to build modern, efficient web: requires Python 2.4-2.7 or 3.2+, MVC architectural pattern (push-based), functionality includes routing, model update/validation, authentication/authorization, content caching with dependency, xsrf/resubmission protection, AJAX+JSON, i18n (gettext), middlewares, and more. Template engine agnostic (integration with jinja2, mako, tenjin and wheezy.template) plus html widgets. It is optimized for performance, well tested and documented.

reusable library is a collection of reusable abstractions for enterprise application developer: caching, IoC, pagination, repository, application services, unit of work, background processing, exception trace policy, work item, etc. Integration with Unity 2.0, EntLib 5.0, ASP.NET MVC 3.0, WatiN 2.0, Memcached 1.4.5+.

Mind Reference

Tuesday, April 27, 2010

Secure network with kernel features

No comments :

Post a Comment

Blog Scripts

Labels

Blog Archive

About Me

Pageviews last month

Visitors

Popular Posts

Mind Reference

Tuesday, April 27, 2010

Secure network with kernel features

No comments :

Post a Comment

Blog Scripts

Labels

Blog Archive

About Me

Pageviews last month

Visitors

Subscribe To

Popular Posts