Difference between revisions of "Kernel Hack"

From Free Knowledge Base- The DUCK Project: information for everyone
Jump to: navigation, search
(New page: There are several useful kernel flags you can set to increase your default network security without using IP Tables. The /proc filesystem is a window into various parts of the Linux kerne...)
 
m
Line 23: Line 23:
 
   
 
   
 
<nowiki>_______________________________________________________________________________</nowiki>
 
<nowiki>_______________________________________________________________________________</nowiki>
Sat Jul 12 16:17:01 CDT 2003
+
*Sat Jul 12 16:17:01 CDT 2003
  
 
   
 
   

Revision as of 18:07, 25 June 2007

There are several useful kernel flags you can set to increase your default network security without using IP Tables. The /proc filesystem is a window into various parts of the Linux kernel. Some of these values in the running kernel are read-only, others may be modified on the fly.

Kernel entries made on the fly do not apply after a reboot. Some proc entries have a value of either 0 or 1, while others have character string values.

View current hostname:

cat /proc/sys/kernel/hostname

Change the current hostname instantly:

echo 'newhostname' > /proc/sys/kernel/hostname

Enable IP Forwarding: (echo 0 disables)

echo 1 > /proc/sys/net/ipv4/ip_forward

To turn off answers to icmp_echos (such as ping): (echo 0 turns back on)

echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all



_______________________________________________________________________________

  • Sat Jul 12 16:17:01 CDT 2003