[nylug-talk] sysctl command
Y. Ph.
philolospher at yahoo.com
Thu Jul 5 18:08:20 EDT 2007
Thank you very much for everyone's help on nmap and chkrootkit. It's really encouraging. I am learning the Ubuntu system by reading a couple of books about it, one of the books talked about Built-in Protection services in Linux kernel. It says that "...These services can be enabled, disabled, or displayed using the sysctl command, or by echoing a value (usually a 1 or a 0 to turn a service on or off) to a kernel process file under the /proc directory". However, it doesn't go any further to explain the above statement in detail.
I type the sysctl in command line, it menitoned /etc/sysctl.conf, so I opened the sysctl.conf file, should I uncomment all the listed items in order to have more protection. Here are the list of functions in the file:
# Uncomment the next line to enable spoof protection (reverse-path filter)
#net.ipv4.conf.default.rp_filter=1
#Uncomment the next line to enable TCP/IP SYN cookies
#net. ipv4.tcp_syncookies=1
#Uncomment the next line to enable packet forwarding for Ipv4
#net.ipv4.conf.default.forwarding =1
#Uncomment the next line to enable packet forwarding for Ipv6
#net.ipv6.conf.default.forwarding=1
And, how to echoing a value to a kernel process file under the /proc directory? Which is the kernel process file under the /proc directory that I need to echo?
Many thanks for your help.
Y.
---------------------------------
Ready for the edge of your seat? Check out tonight's top picks on Yahoo! TV.
More information about the nylug-talk
mailing list