Securing Linux Opearting System – Bare minimum checklist

view story

http://linux-news.org – Please find below the bare minimum checklists for Linux Hardening Guide. ZEROCONF: On by default. Used by avahi for local service discovery. Disable this service. Edit /etc/sysconfig/network. Add NOZEROCONF=yes . Then remove the avahi package and its dependencies /etc/sysctl.conf settings : Don’t reply to broadcasts. Prevents joining a smurf attack. net.ipv4.icmp_echo_ignore_broadcasts = 1 Enable protection for bad icmp error messages. net.ipv4.icmp_ignore_bogus_error_responses = 1 (HowTos)