|
There are several useful kernel flags you can set to increase your default
network security without using IP Tables. The /proc filesystem is a window
into various parts of the Linux kernel. Some of these values in the running
kernel are read-only, others may be modified on the fly.
Kernel entries made on the fly do not apply after a reboot. Some proc entries
have a value of either 0 or 1, while others have character string values.
View current hostname:
cat /proc/sys/kernel/hostname
Change the current hostname instantly:
echo 'newhostname' > /proc/sys/kernel/hostname
Enable IP Forwarding: (echo 0 disables)
echo 1 > /proc/sys/net/ipv4/ip_forward
To turn off answers to icmp_echos (such as ping): (echo 0 turns back on)
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
_______________________________________________________________________________
Sat Jul 12 16:17:01 CDT 2003
|
