[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 26408 Download | Alert*

Disable ICMP Redirect Acceptance ICMP redirect messages are packets that convey routing information and tell your host (acting as a router) to send packets via an alternate path. It is a way of allowing an outside routing device to update your system routing tables. By setting net.ipv4.conf.all.accept_redirects to 0, the system will not accept any ICMP redirect messages, and therefore, won't allo ...

Disable Source Routed Packet Acceptance In networking, source routing allows a sender to partially or fully specify the route packets take through a network. In contrast, non-source routed packets travel a path determined by routers in the network. In some cases, systems may not be routable or reachable from some locations (e.g. private addresses vs. Internet routable), and so source routed packe ...

Set LogLevel to INFO The INFO parameter specifices that record login and logout activity will be logged.

Set SSH MaxAuthTries to 4 or Less The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection. When the login failure count reaches half the number, error messages will be written to the syslog file detailing the login failure.

Disable Secure ICMP Redirect Acceptance Secure ICMP redirects are the same as ICMP redirects, except they come from gateways listed on the default gateway list. It is assumed that these gateways are known to your system, and that they are likely to be secure.

Disable SSH X11 Forwarding The X11Forwarding parameter provides the ability to tunnel X11 traffic through the connection to enable remote graphic connections.

Set Password Expiring Warning Days The PASS_WARN_AGE parameter in /etc/login.defs allows an administrator to notify users that their password will expire in a defined number of days. It is recommended that the PASS_WARN_AGE parameter be set to 7 or more days.

Verify Permissions on /etc/group The /etc/group file contains a list of all the valid groups defined in the system. The command below allows read/write access for root and read access for everyone else.

Set Default umask for Users The default umask determines the permissions of files created by users. The user creating the file has the discretion of making their files and directories readable by others via the chmod command. Users who wish to allow their files and directories to be readable by others by default may choose a different default umask by inserting the umask command into the standard ...

Disable System Accounts There are a number of accounts provided with Ubuntu that are used to manage applications and are not intended to provide an interactive shell.

Pages:      Start    2    3    4    5    6    7    8    9    10    11    12    13    14    15    ..   2640

© SecPod Technologies