sysctl: used to modify kernel parameters at runtime
sysctl is an interface that allows you to make changes to a running Linux kernel.
With /etc/sysctl.conf you can configure various Linux networking and system settings such as:
With /etc/sysctl.conf you can configure various Linux networking and system settings such as:
- Limit network-transmitted configuration for IPv4
- Limit network-transmitted configuration for IPv6
- Turn on execshield protection
- Prevent against the common 'syn flood attack'
- Turn on source IP address verification
- Prevents a cracker from using a spoofing attack against the IP address of the server.
- Logs several types of suspicious packets, such as spoofed packets, source-routed packets, and redirects.
http://www.cyberciti.biz/faq/linux-kernel-etcsysctl-conf-security-hardening/
沒有留言:
張貼留言