Kernel tunable security parameters versus iptables: which is preferred? Or can I use both methods? For example, modify /etc/sysctl.conf to tune security parameters, or otherwise use iptables. Some command lines I have modified in my system were:
net.ipv4.tcp_syncookies = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.all.rp_filter = 1
net.ipv4.icmp_echo_ignore_all = 1
net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.all.log_martians = 1
These seem to act like iptables, and this confuses me: should I just use iptables only, or can I add those lines above to /etc/sysctl.conf for additional security measures? I think that when done modifying /etc/sysctl.conf, you have to reboot to have your kernel activate those parameters, am I right? Thanks...
Kernel tunable security parameters versus iptables: which is preferred? Or can I use both methods? (...) These seem to act like iptables, and this confuses me: should I just use iptables only,
Both. They serve different purposes and complement each other.
Quote:
Originally Posted by argh2xxx
or can I add those lines above to /etc/sysctl.conf for additional security measures?
Yes. In your kernel source documentation directory there's a nice text on sysctls explaining everything. Else it should be somewhere in the LQ FAQ: Security references or maybe search LQ.
Quote:
Originally Posted by argh2xxx
I think that when done modifying /etc/sysctl.conf, you have to reboot to have your kernel activate those parameters, am I right?
No reboot necessary: edit your sysctl.conf then 'sysctl -p' (uses "/etc/sysctl.conf" by default) to set the values (or single values manually with 'sysctl -w key=value') but only config changes in files like sysctl.conf survive a reboot.
If you want your sysctls in different states you can put the changes in scripts. In fact, I have some sysctl statements in the first section of my iptables file.
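The reply above notes that 'sysctl -p' applies the file without a reboot; one way to confirm the running kernel actually matches the file is to compare each key against its entry under /proc/sys. This is an added example, not code from the thread: the function names sysctl_drift and make_sample and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Report keys in a sysctl.conf-style file whose live value differs.
# usage: sysctl_drift CONF [PROC_ROOT]   (PROC_ROOT defaults to /proc/sys)
sysctl_drift() {
    conf=$1
    root=${2:-/proc/sys}
    drift=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s\n' "$line" | sed 's/^[[:space:]]*//')
        # Skip blanks, comments (# or ;) and lines without key = value.
        case $line in ''|'#'*|';'*) continue ;; esac
        case $line in *=*) ;; *) continue ;; esac
        key=$(printf '%s' "${line%%=*}" | tr -d ' \t')
        want=$(printf '%s' "${line#*=}" | tr -s ' \t' ' ' | sed 's/^ //; s/ $//')
        # net.ipv4.tcp_syncookies -> net/ipv4/tcp_syncookies
        # (assumes no dots inside interface names such as eth0.10)
        path=$root/$(printf '%s' "$key" | tr . /)
        if [ ! -r "$path" ]; then
            echo "MISSING $key"
            drift=$((drift + 1))
            continue
        fi
        have=$(tr -s ' \t\n' ' ' < "$path" | sed 's/^ //; s/ $//')
        if [ "$have" != "$want" ]; then
            echo "DRIFT $key want=$want have=$have"
            drift=$((drift + 1))
        fi
    done < "$conf"
    [ "$drift" -eq 0 ]   # exit status 0 only when everything matches
}

# Constructed sample: three of the thread's keys and a fake /proc/sys tree
# in which one value is not applied and one entry does not exist.
make_sample() {
    mkdir -p "$1/proc/net/ipv4/conf/all"
    printf '%s\n' '# constructed sample' \
        'net.ipv4.tcp_syncookies = 1' \
        'net.ipv4.conf.all.rp_filter = 1' \
        'net.ipv4.icmp_echo_ignore_broadcasts = 1' > "$1/sysctl.conf"
    echo 1 > "$1/proc/net/ipv4/tcp_syncookies"
    echo 0 > "$1/proc/net/ipv4/conf/all/rp_filter"
}

tmp=$(mktemp -d)
make_sample "$tmp"
sysctl_drift "$tmp/sysctl.conf" "$tmp/proc" || echo "not all values applied"
rm -rf "$tmp"
```

On a real system, run 'sysctl_drift /etc/sysctl.conf' after 'sysctl -p'; a non-zero exit status means at least one key differs or is absent on this kernel.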