Updated config
This commit is contained in:
parent
6d7312c465
commit
c04af12b8e
GPG key ID:
49226B848C78F6C8
6 changed files with 98 additions and 0 deletions
24
.config/etc/sysctl.d/20-security.conf
Normal file
24
.config/etc/sysctl.d/20-security.conf
Normal file
|
|
@ -0,0 +1,24 @@
|
|||
# Reduce timeout for stale connections
|
||||
net.ipv4.tcp_fin_timeout = 10
|
||||
|
||||
# Reduce keep alive time
|
||||
net.ipv4.tcp_keepalive_time = 300
|
||||
net.ipv4.tcp_keepalive_probes = 5
|
||||
net.ipv4.tcp_keepalive_intvl = 60
|
||||
|
||||
# Reduce connection time to fail
|
||||
net.ipv4.tcp_syn_retries = 1
|
||||
net.ipv4.tcp_synack_retries = 1
|
||||
|
||||
# Prevent simple DoS attacks
|
||||
net.ipv4.tcp_max_tw_buckets = 1048576
|
||||
|
||||
# Disable ICMP redirects
|
||||
net.ipv4.conf.all.accept_redirects = 0
|
||||
net.ipv4.conf.default.accept_redirects = 0
|
||||
net.ipv4.conf.all.secure_redirects = 0
|
||||
net.ipv4.conf.default.secure_redirects = 0
|
||||
net.ipv6.conf.all.accept_redirects = 0
|
||||
net.ipv6.conf.default.accept_redirects = 0
|
||||
net.ipv4.conf.all.send_redirects = 0
|
||||
net.ipv4.conf.default.send_redirects = 0
|
||||
Loading…
Add table
Add a link
Reference in a new issue