search

trimstray / the-practical-linux-hardening-guide

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
MIT License
9.91k stars 611 forks source link

The configuration parameter in Kernel_Layer.Network_stack.TCP_Syncookies is incorrect #11

Closed safiyat closed 4 years ago

safiyat commented 4 years ago

The configuration parameter in Kernel_Layer.Network_stack.TCP_Syncookies is incorrect.

On the page https://github.com/trimstray/the-practical-linux-hardening-guide/wiki/Network-stack#tcp-syncookies, the configuration parameter is that of source-packet-routing and not tcp_syncookies, as mentioned in the OpenSCAP document.

Link: https://static.open-scap.org/ssg-guides/ssg-rhel7-guide-C2S.html#xccdf_org.ssgproject.content_rule_sysctl_net_ipv4_tcp_syncookies

trimstray commented 4 years ago

Fixed. My mistake - you're right! Thanks!