09-11-2005, 16.51.01
|
|||
|
|||
Disabilitare pings e icmp
Accedere tramite ssh sul server e editare il seguente file
Codice:
nano /etc/sysctl.conf Codice:
# disable packet forwarding net.ipv4.ip_forward = 0 # enable source route verification net.ipv4.conf.all.rp_filter = 1 # ignore broadcast pings net.ipv4.icmp_echo_ignore_broadcasts = 1 # enable syn cookies net.ipv4.tcp_syncookies = 1 # size of syn backlog net.ipv4.tcp_max_syn_backlog = 512 # disable automatic defragmentation # set max files fs.file-max = 32768 # Enable IP spoofing protection, turn on Source Address Verification net.ipv4.conf.all.rp_filter = 1 # Enable TCP SYN Cookie Protection net.ipv4.tcp_syncookies = 1 # Enable ignoring ping request net.ipv4.icmp_echo_ignore_all = 1 Codice:
nano /etc/rc.local Codice:
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 1 > done echo 1 > /proc/sys/net/ipv4/tcp_syncookies for f in /proc/sys/net/ipv4/conf/*/accept_source_route; do echo 0 > done echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all Codice:
nano /etc/host.conf Codice:
# Lookup names via DNS first then fall back to /etc/hosts. order bind,hosts # We have machines with multiple IP addresses. multi on # Check for IP address spoofing. nospoof on Codice:
reboot 
|
 |
| Strumenti discussione | |
| Modalità visualizzazione | |
|
|
Discussioni simili
|
||||
| Discussione | Autore discussione | Forum | Risposte | Ultimo messaggio |
| Disabilitare Telnet | serverplan | Server Dedicati | 0 | 09-11-2005 16.45.22 |
| Disabilitare servizi non necessari | serverplan | Server Dedicati | 0 | 09-11-2005 16.40.26 |
Modalità lineare
