Solved

I am securing my server and want to harden Host.conf & sysctl, how can I do this?

Posted on 2004-04-01
6
250 Views
Last Modified: 2010-04-22
I am securing my server and want to harden Host.conf & sysctl, how can I do this?
0
Comment
Question by:jesusispabst
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 

Author Comment

by:jesusispabst
ID: 10777533
Any help would be greatly appreciated
0
 

Author Comment

by:jesusispabst
ID: 10777537
155 points
0
 
LVL 1

Accepted Solution

by:
badrox earned 155 total points
ID: 10786154
Well, in regards to sysctl.conf at minimum you should set the file 600

As for within the file...

net.ipv4.ip_forward = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.tcp_max_syn_backlog = 4096
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

And maybe you already have those set.  To be completely honest, I'd would look for filtering the IP information at the Router level personally.
0
 
LVL 3

Expert Comment

by:yhetti
ID: 11185775
Judging from the fact that you're worried about sysctl, I assume you're a right-minded anal-about-security administrator.  That's awesome.  I *highly* suggest LIDS, the Linux Intrusion Detection System.  It's pretty hardcore.  Play around with it on an experimental machine, because it's tought to configure and it becomes really easy to remove all privileges from root.  It removes a lot of the 'normal' methods of securing from consideration because it works at a lower level.  Excellent project.

0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
This is a high-level webinar that covers the history of enterprise open source database use. It addresses both the advantages companies see in using open source database technologies, as well as the fears and reservations they might have. In this…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question