[Forgot Password]
Login  Register Subscribe

24544

 
 

132176

 
 

121593

 
 

909

 
 

100139

 
 

148

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 5111 Download | Alert*

Disable Support for RPC IPv6 RPC services for NFSv4 try to load transport modules for 'udp6' and 'tcp6' by default, even if IPv6 has been disabled in '/etc/modprobe.d'. To prevent RPC services such as 'rpc.mountd' from attempting to start IPv6 network listeners, remove or comment out the following two lines in '/etc/netconfig': udp6 tpi_clts v inet6 udp - - tcp6 ...

Disable Accepting IPv6 Router Advertisements To set the runtime status of the 'net.ipv6.conf.default.accept_ra' kernel parameter, run the following command:

Disable Accepting IPv6 Redirects This setting prevents the system from accepting ICMP redirects. ICMP redirects tell the system about alternate routes for sending traffic.

Manually Assign Global IPv6 Address To manually assign an IP address for an interface, edit the file '/etc/sysconfig/network-scripts/ifcfg-interface'. Add or correct the following line (substituting the correct IPv6 address): 'IPV6ADDR=2001:0DB8::ABCD/64' Manually assigning an IP address is preferable to accepting one from routers or from the network otherwise. The example address here is an IPv6 ...

Use Privacy Extensions for Address To introduce randomness into the automatic generation of IPv6 addresses, add or correct the following line in '/etc/sysconfig/network-scripts/ifcfg-interface': 'IPV6_PRIVACY=rfc3041' Automatically-generated IPv6 addresses are based on the underlying hardware (e.g. Ethernet) address, and so it becomes possible to track a piece of hardware over its lifetime using ...

Manually Assign IPv6 Router Address Edit the file '/etc/sysconfig/network-scripts/ifcfg-interface', and add or correct the following line (substituting your gateway IP as appropriate): 'IPV6_DEFAULTGW=2001:0DB8::0001' Router addresses should be manually set and not accepted via any auto-configuration or router advertisement.

Set Default ip6tables Policy for Incoming Packets To set the default policy to DROP (instead of ACCEPT) for the built-in INPUT chain which processes incoming packets, add or correct the following line in '/etc/sysconfig/ip6tables': ':INPUT DROP [0:0]' If changes were required, reload the ip6tables rules: '$ sudo service ip6tables reload'

Verify iptables Enabled The 'iptables' service can be enabled with the following command: '$ sudo systemctl enable iptables'

Set Default iptables Policy for Incoming Packets To set the default policy to DROP (instead of ACCEPT) for the built-in INPUT chain which processes incoming packets, add or correct the following line in '/etc/sysconfig/iptables': ':INPUT DROP [0:0]'

Set Default iptables Policy for Forwarded Packets To set the default policy to DROP (instead of ACCEPT) for the built-in FORWARD chain which processes packets that will be forwarded from one interface to another, add or correct the following line in '/etc/sysconfig/iptables': ':FORWARD DROP [0:0]'


Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   511

© SecPod Technologies