[Forgot Password]
Login  Register Subscribe

25354

 
 

132805

 
 

139176

 
 

909

 
 

113006

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 25354 Download | Alert*

Manually Assign IPv6 Router Address Edit the file '/etc/sysconfig/network-scripts/ifcfg-interface', and add or correct the following line (substituting your gateway IP as appropriate): 'IPV6_DEFAULTGW=2001:0DB8::0001' Router addresses should be manually set and not accepted via any auto-configuration or router advertisement.

Set Default ip6tables Policy for Incoming Packets To set the default policy to DROP (instead of ACCEPT) for the built-in INPUT chain which processes incoming packets, add or correct the following line in '/etc/sysconfig/ip6tables': ':INPUT DROP [0:0]' If changes were required, reload the ip6tables rules: '$ sudo service ip6tables reload'

Verify iptables Enabled The 'iptables' service can be enabled with the following command: '$ sudo systemctl enable iptables'

Set Default iptables Policy for Incoming Packets To set the default policy to DROP (instead of ACCEPT) for the built-in INPUT chain which processes incoming packets, add or correct the following line in '/etc/sysconfig/iptables': ':INPUT DROP [0:0]'

Set Default iptables Policy for Forwarded Packets To set the default policy to DROP (instead of ACCEPT) for the built-in FORWARD chain which processes packets that will be forwarded from one interface to another, add or correct the following line in '/etc/sysconfig/iptables': ':FORWARD DROP [0:0]'

Disable RDS Support The Reliable Datagram Sockets (RDS) protocol is a transport layer protocol designed to provide reliable high- bandwidth, low-latency communications between nodes in a cluster. To configure the system to prevent the 'rds' kernel module from being loaded, add the following line to a file in the directory '/etc/modprobe.d':

Disable TIPC Support The Transparent Inter-Process Communication (TIPC) protocol is designed to provide communications between nodes in Acluster. To configure the system to prevent the 'tipc' kernel module from being loaded, add the following line to a file in the directory '/etc/modprobe.d':

Install libreswan Package The Libreswan package provides an implementation of IPsec and IKE, which permits the creation of secure tunnels over untrusted networks. The 'libreswan' package can be installed with the following command: '$ sudo yum install libreswan'

Ensure rsyslog is Installed Rsyslog is installed by default. The 'rsyslog' package can be installed with the following command: '$ sudo yum install rsyslog'

Enable rsyslog Service The 'rsyslog' service provides syslog-style logging by default on RHEL 7. The 'rsyslog' service can be enabled with the following command: '$ sudo systemctl enable rsyslog'


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   2535

© SecPod Technologies