msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m37s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-10-15 22:59:52 +01:00
parent cb15419010
commit 51d5829021
6 changed files with 132 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
includes/target/etc/sysctl.d/99_local.hardened
View File

@@ -278,15 +278,6 @@ net.ipv4.conf.all.forwarding=0
net.ipv6.conf.all.accept_ra=0
net.ipv6.conf.default.accept_ra=0
###########################################################################################
# These parameters relate to secure ICMP redirects. ICMP redirects are messages that a
# router sends to a device to inform it that there is a better route for the data traffic.
# This setting prevents the system from responding to redirects that have been spoofed by
# potential attackers to redirect traffic (e.g., for man-in-the-middle attacks).
###########################################################################################
net.ipv4.conf.all.secure_redirects=1
net.ipv4.conf.default.secure_redirects=1
###########################################################################################
# This setting prevents the disclosure of TCP timestamps that can be used for system
# fingerprinting: