Disable DCCP: The Datagram Congestion Control Protocol (DCCP) is a transport layer protocol that supports streaming media and telephony. DCCP provides a way to gain access to congestion control, without having to do it at the application layer, but does not provide in-sequence delivery.

Disable IPv6: Although IPv6 has many advantages over IPv4, few organizations have implemented IPv6.

Disable TIPC: The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communication between cluster nodes.

Enable RFC-recommended Source Route Validation: Setting net.ipv4.conf.all.rp_filter and net.ipv4.conf.default.rp_filter to 1 forces the Linux kernel to utilize reverse path filtering on a received packet to determine if the packet was valid. Essentially, with reverse path filtering, if the return packet does not go out the same interface that the corresponding source packet came from, the packet i ...

Set SSH PermitEmptyPasswords to No: The PermitEmptyPasswords parameter specifies if the server allows login to accounts with empty password strings.

Record Events That Modify Date and Time Information: Capture events where the system date and/or time has been modified. The parameters in this section are set to determine if the adjtimex (tune kernel clock), settimeofday (set time, using timeval and timezone structures), stime (using seconds since 1/1/1970) or clock_settime (allows for the setting of several internal clocks and timers) system ca ...

Set Boot Loader Password: Setting the boot loader password will require that anyone rebooting the system must enter a password before being able to set command line boot parameters.

Ensure NIS is not installed: The Network Information Service (NIS), formerly known as Yellow Pages, is a client-server directory service protocol used to distribute system configuration files.

Enable Auditing for Processes That Start Prior to auditd: Configure grub or lilo so that processes that are capable of being audited can be audited even if they start up prior to auditd startup.

Enable TCP SYN Cookies: When tcp_syncookies is set, the kernel will handle TCP SYN packets normally until the half-open connection queue is full, at which time, the SYN cookie functionality kicks in. SYN cookies work by not using the SYN queue at all. Instead, the kernel simply replies to the SYN with a SYN|ACK, but will include a specially crafted TCP sequence number that encodes the source and ...

