# Ignore ICMP broadcasts net.ipv4.icmp_echo_ignore_broadcasts = 1 # # Ignore bogus ICMP errors net.ipv4.icmp_ignore_bogus_error_responses = 1 # # Do not accept ICMP redirects (prevent MITM attacks) net.ipv4.conf.all.accept_redirects = 0 # # Do not send ICMP redirects (we are not a router) net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not # a router) net.ipv4.conf.all.accept_source_route = 0
Tuesday, April 27, 2010
Secure network with kernel features
You can configure /etc/sysctl.conf to enable certain kernel options that will help your network be more secure:
Subscribe to:
Post Comments
(
Atom
)
No comments :
Post a Comment