Archive for September 11th, 2007

The Linux operating system has a number of built-in protection mechanisms. You can activate them by modifying the kernel parameters exposed in the /proc filesystem, which are set at boot from the /etc/sysctl.conf file.

taufanlubis@zyrex:/etc$ sudo gedit sysctl.conf

Just remove the ‘#’ in front of a line to activate that parameter.

Content of sysctl.conf:

#
# /etc/sysctl.conf - Configuration file for setting system variables
# See sysctl.conf (5) for information.
#

#kernel.domainname = example.com
#net/ipv4/icmp_echo_ignore_broadcasts=1

# the following stops low-level messages on console
kernel.printk = 4 4 1 7

##############################################################
# Functions previously found in netbase
#

# Uncomment the next line to enable Spoof protection (reverse-path filter)
#net.ipv4.conf.default.rp_filter=1

# Uncomment the next line to enable TCP/IP SYN cookies
#net.ipv4.tcp_syncookies=1

# Uncomment the next line to enable packet forwarding for IPv4
#net.ipv4.conf.default.forwarding=1

# Uncomment the next line to enable packet forwarding for IPv6
#net.ipv6.conf.default.forwarding=1

A bit of explanation to make it clearer.

Disable routing triangulation: reply to queries out of the same interface the request arrived on, not another. This helps maintain connection state and also protects against IP spoofing.

net.ipv4.conf.default.rp_filter=1

Turn on SYN cookies, which protect against SYN-flood denial of service (DoS) attacks.

net.ipv4.tcp_syncookies=1

Enable IP routing. Required if your firewall is protecting a network, NAT included.

net.ipv4.conf.default.forwarding=1

Disable responding to ping (ICMP echo) broadcasts.

net/ipv4/icmp_echo_ignore_broadcasts=1
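As an added example (not from the original post), a small POSIX shell audit that reads a sysctl.conf-style file and reports which of the three hardening keys explained above (rp_filter, SYN cookies, ignoring ICMP broadcasts; forwarding is a router setting and is left out) are still commented out or absent. The sample file is constructed for the demo, and the live_value helper is an assumption that reads the value the running kernel currently uses from /proc/sys.

```shell
#!/bin/sh
# Added example, not from the original post: audit a sysctl.conf-style file for the
# hardening keys explained above and report which are still commented out or absent.

# Wanted keys in dotted form (sysctl.conf also accepts the slash spelling).
WANTED="net.ipv4.conf.default.rp_filter=1 net.ipv4.tcp_syncookies=1 net.ipv4.icmp_echo_ignore_broadcasts=1"

# Normalise a key: drop spaces/tabs and map '/' to '.' so both spellings compare equal.
norm_key() { printf '%s' "$1" | tr -d ' \t' | tr '/' '.'; }

# active_value FILE KEY: print the value of an uncommented KEY=VALUE line; fail if none.
active_value() {
    _key=$(norm_key "$2")
    while IFS= read -r _line || [ -n "$_line" ]; do
        case $_line in '#'*|'') continue ;; esac   # comments and blank lines
        case $_line in *=*) ;; *) continue ;; esac   # not a key=value line
        [ "$(norm_key "${_line%%=*}")" = "$_key" ] || continue
        printf '%s' "${_line#*=}" | tr -d ' \t'
        return 0
    done < "$1"
    return 1
}

# live_value KEY (assumed helper): what the running kernel uses, read from /proc/sys.
live_value() { cat "/proc/sys/$(printf '%s' "$1" | tr '.' '/')" 2>/dev/null; }

# audit_sysctl FILE: one status line per wanted key; the return value is the
# number of keys not set to the recommended value, so 0 means fully hardened.
audit_sysctl() {
    _bad=0
    for _entry in $WANTED; do
        _k=${_entry%%=*}; _want=${_entry#*=}
        _have=$(active_value "$1" "$_k") || _have=""
        if [ "$_have" = "$_want" ]; then echo "ok       $_k=$_have"
        elif [ -n "$_have" ]; then echo "wrong    $_k=$_have (want $_want)"; _bad=$((_bad+1))
        else echo "disabled $_k (uncomment or add $_k=$_want)"; _bad=$((_bad+1)); fi
    done
    return $_bad
}

# Constructed sample mirroring the stock file, with only SYN cookies switched on.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
#net/ipv4/icmp_echo_ignore_broadcasts=1
kernel.printk = 4 4 1 7
#net.ipv4.conf.default.rp_filter=1
net.ipv4.tcp_syncookies=1
EOF
audit_sysctl "$SAMPLE"; echo "keys still not hardened: $?"
```

Editing /etc/sysctl.conf alone only takes effect at the next boot; `sudo sysctl -p` applies the file immediately, and live_value shows what the kernel is using right now. Note that the conf.default.* values are only copied to interfaces created afterwards, so for interfaces that are already up set the matching conf.all.* key as well.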
