Sysctl
Zur Navigation springen
Zur Suche springen
sysctl.conf hardening - Helps prevent TCP/IP stack from syn-flood attacks and other network abuses.
vi /etc/sysctl.conf
add the below code:
# Enable IP spoofing protection, turn on Source Address Verification (is alow done, not needed on this server, maybe from shorewall!) net.ipv4.conf.all.rp_filter = 1
# Enable TCP SYN Cookie Protection net.ipv4.tcp_syncookies = 1
from http://blog.eukhost.com/category/server-security/page/3/