Tag: guides
TCP/IP Stack Hardening
by dominee on Oct.22, 2009, under HOWTO, security
source: http://www.cromwell-intl.com/security/security-stack-hardening.html
#Disable ICMP broadcast echo activity.
sysctl -w net.ipv4.icmp_echo_ignore_broadcasts=1
#Disable ICMP routing redirects.
sysctl -w net.ipv4.conf.all.accept_redirects=0
sysctl -w net.ipv6.conf.all.accept_redirects=0
sysctl -w net.ipv4.conf.all.send_redirects=0
sysctl -w net.ipv6.conf.all.send_redirects=0
#Disable IP source routing.
sysctl -w net.ipv4.conf.all.accept_source_route=0
#Disable IP forwarding and multicast forwarding.
sysctl -w net.ipv4.conf.all.forwarding=0
sysctl -w net.ipv4.conf.all.mc_forwarding=0
#Enforce sanity checking, also called ingress filtering or egress filtering
sysctl -w net.ipv4.conf.all.rp_filter=1
#Log and drop "Martian" packets.
sysctl -w net.ipv4.conf.all.log_martians=1
#Increase resilience under heavy TCP load (which makes the system more resistant to SYN flood attacks).
sysctl -w net.ipv4.tcp_max_syn_backlog=1280
sysctl -w net.ipv4.tcp_syncookies=1
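Values set with sysctl -w are lost at reboot, so the script below (an added example, not part of the original post or its source) audits a running system against the settings above and prints them as lines for a persistent sysctl file. The function names, the optional root argument and the eq/min modes are assumptions of this example.

```sh
#!/bin/sh
# Baseline from the sysctl -w lines above. "eq": value must match;
# "min": a higher running value also passes (a choice made for this example).
BASELINE='
net.ipv4.icmp_echo_ignore_broadcasts eq 1
net.ipv4.conf.all.accept_redirects eq 0
net.ipv6.conf.all.accept_redirects eq 0
net.ipv4.conf.all.send_redirects eq 0
net.ipv6.conf.all.send_redirects eq 0
net.ipv4.conf.all.accept_source_route eq 0
net.ipv4.conf.all.forwarding eq 0
net.ipv4.conf.all.mc_forwarding eq 0
net.ipv4.conf.all.rp_filter eq 1
net.ipv4.conf.all.log_martians eq 1
net.ipv4.tcp_max_syn_backlog min 1280
net.ipv4.tcp_syncookies eq 1'

# audit_sysctl [root]: compare running values with BASELINE. root defaults to
# /proc/sys; the argument is an assumption of this example, for test trees.
# Returns 1 if a key that exists deviates; absent keys are only reported.
audit_sysctl() {
    root=${1:-/proc/sys}; rc=0
    while read -r key mode want; do
        [ -n "$key" ] || continue
        path="$root/$(printf '%s' "$key" | tr . /)"
        if [ ! -r "$path" ]; then echo "MISSING $key"; continue; fi
        have=$(cat "$path")
        case $mode in
            eq)  [ "$have" -eq "$want" ] 2>/dev/null && ok=1 || ok=0 ;;
            min) [ "$have" -ge "$want" ] 2>/dev/null && ok=1 || ok=0 ;;
        esac
        if [ "$ok" -eq 1 ]; then echo "OK $key = $have"
        else echo "FAIL $key = $have (baseline: $mode $want)"; rc=1; fi
    done <<EOF
$BASELINE
EOF
    return $rc
}

# emit_sysctl_conf: print BASELINE as "key = value" lines for a persistent
# file such as /etc/sysctl.conf, since sysctl -w does not survive a reboot.
emit_sysctl_conf() {
    while read -r key mode want; do
        [ -n "$key" ] || continue
        echo "$key = $want"
    done <<EOF
$BASELINE
EOF
}
```

Run `audit_sysctl` after sourcing the file; a MISSING line means the running kernel does not expose that key, which is worth checking before copying it into a persistent file.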
Linux/UNIX hardening guides
by dominee on Aug.28, 2009, under HOWTO, security
Hardening Guides
Center for Internet Security (CIS)
Red Hat Enterprise Linux 4 Security guide
Red Hat Enterprise Linux 4 SElinux Guide
Securing Debian Manual
IASE : Security Technical Implementation Guides
NSA: Current Security Configuration Guides
Red Hat Enterprise Linux 5 Hardening guide
Hardening Tools
Bastille linux/UNIX
TRUSTED : Security Blanket