Version vom 9. Januar 2007, 20:42 Uhr von Jonathan (Diskussion | Beiträge) (cat)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Zur Navigation springen Zur Suche springen

sysctl.conf hardening - Helps prevent TCP/IP stack from syn-flood attacks and other network abuses.

vi /etc/sysctl.conf

add the below code:

# Enable IP spoofing protection, turn on Source Address Verification (is alow done, not needed on this server, maybe from shorewall!)
net.ipv4.conf.all.rp_filter = 1
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1