Originally Posted by deepak_cucek
But my concern is how we can test the same in real time ..
like whether IP forwarding /IP source routing /SYN flooding is really disabled in the machine or not..
If you mean testing the effect
of those sysctls then you could try to determine what expected behaviour
would be and check for it.
- If forwarding is enabled for traffic originating from host A to end up at host C via host B then on the forwarding host the forward chain packet counter would go up.
- If source routing is enabled then you should be able to specify the route for traffic originating from host A and destined for host F to go via router B, D and E instead of router B, C and E (traceroute?).
- If SYN cookies are enabled then you should be able to see a certain response from the host to the flooding client once the SYN queue starts filling up (tcpdump?).
In my opinion testing sysctl values
is an OK question for the Newbie forum but questions about testing the effect
of those sysctls seems more appropriate in Networking.