ubuntu:sysctl:harden_the_system_using_sysctl
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| ubuntu:sysctl:harden_the_system_using_sysctl [2019/12/04 21:46] – created peter | ubuntu:sysctl:harden_the_system_using_sysctl [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 72: | Line 72: | ||
| net.core.netdev_max_backlog = 5000 | net.core.netdev_max_backlog = 5000 | ||
| net.ipv4.tcp_window_scaling = 1 | net.ipv4.tcp_window_scaling = 1 | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== Example ===== | ||
| + | |||
| + | <file bash / | ||
| + | net.ipv4.ip_forward = 0 | ||
| + | net.ipv4.conf.all.send_redirects = 0 | ||
| + | net.ipv4.conf.default.send_redirects = 0 | ||
| + | net.ipv4.tcp_max_syn_backlog = 1280 | ||
| + | net.ipv4.icmp_echo_ignore_broadcasts = 1 | ||
| + | net.ipv4.conf.all.accept_source_route = 0 | ||
| + | net.ipv4.conf.all.accept_redirects = 0 | ||
| + | net.ipv4.conf.all.secure_redirects = 0 | ||
| + | net.ipv4.conf.all.log_martians = 1 | ||
| + | net.ipv4.conf.default.accept_source_route = 0 | ||
| + | net.ipv4.conf.default.accept_redirects = 0 | ||
| + | net.ipv4.conf.default.secure_redirects = 0 | ||
| + | net.ipv4.icmp_echo_ignore_broadcasts = 1 | ||
| + | net.ipv4.icmp_ignore_bogus_error_responses = 1 | ||
| + | net.ipv4.tcp_syncookies = 1 | ||
| + | net.ipv4.conf.all.rp_filter = 1 | ||
| + | net.ipv4.conf.default.rp_filter = 1 | ||
| + | net.ipv4.tcp_timestamps = 0 | ||
| </ | </ | ||
ubuntu/sysctl/harden_the_system_using_sysctl.1575496015.txt.gz · Last modified: 2020/07/15 09:30 (external edit)