|
|
6a4c493213
|
merge the many sysctl config files into 1
and use a name starting with double digits
to make it easier to disable settings using a lexically higher config file
|
2020-01-24 04:26:36 -05:00 |
|
|
|
8cf5ed990a
|
comment
|
2019-12-05 15:52:24 -05:00 |
|
|
|
30289c68c2
|
Enable reverse path filtering
|
2019-12-05 20:13:10 +00:00 |
|
|
|
4f5b7816ec
|
Elaborate
|
2019-10-16 19:01:49 +00:00 |
|
|
|
99a762d3dc
|
KASLR is different from ASLR
|
2019-10-16 18:53:04 +00:00 |
|
|
|
c22738be02
|
comments
|
2019-10-07 08:25:45 +00:00 |
|
|
|
75f36bc2c9
|
comments
|
2019-10-07 08:25:07 +00:00 |
|
|
|
e92a8a6966
|
comments
|
2019-10-07 08:24:02 +00:00 |
|
|
|
60c044a9d6
|
copyright / comments
|
2019-10-07 05:30:56 +00:00 |
|
|
|
cd2135ff82
|
comments
|
2019-10-06 10:18:24 +00:00 |
|
|
|
8b4f2befd4
|
comment out sack by default
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/8?u=patrick
|
2019-10-05 13:15:34 +00:00 |
|
|
|
02096f8d7c
|
Revert "undo Disabling TCP SACK, DSACK, FACK"
This reverts commit 5fb4eb8e56.
|
2019-10-05 13:13:46 +00:00 |
|
|
|
5fb4eb8e56
|
undo Disabling TCP SACK, DSACK, FACK
https://forums.whonix.org/t/disabling-tcp-sack-dsack-fack/8109/5
|
2019-10-05 07:00:47 -04:00 |
|
|
|
d0c6bb1e90
|
Disable TCP DSACK and FACK
|
2019-10-04 17:35:54 +00:00 |
|
|
|
f13a73e569
|
undo SysRq restrictions
https://forums.whonix.org/t/sysrq-magic-sysrq-key/8079
|
2019-09-10 12:35:42 -04:00 |
|
|
|
ccdbc52b82
|
comment
|
2019-09-06 11:43:55 +00:00 |
|
|
|
051856bc8e
|
remove trailing space
|
2019-09-06 11:42:38 +00:00 |
|
|
|
1bf802f846
|
Create coredumps.conf
|
2019-06-30 00:16:50 +00:00 |
|
|
|
f040081a59
|
Prevent setuid processes from creating coredumps.
|
2019-06-30 00:13:52 +00:00 |
|
|
|
ab312235ba
|
Merge pull request #14 from madaidan/patch-10
Add some hardening for other distributions
|
2019-06-28 06:59:16 +00:00 |
|
|
|
5e02100e34
|
Merge pull request #13 from madaidan/patch-9
Remove System.map and restrict the SysRq key.
|
2019-06-28 06:58:32 +00:00 |
|
|
|
3801a53a9e
|
Update tcp_hardening.conf
|
2019-06-27 18:17:58 +00:00 |
|
|
|
c54125270b
|
Create dmesg_restrict.conf
|
2019-06-27 18:15:57 +00:00 |
|
|
|
01c839c815
|
Restrict what the SysRq key can do
|
2019-06-25 19:16:43 +00:00 |
|
|
|
807ac7d659
|
Create tcp_sack.conf
|
2019-06-22 16:08:30 +00:00 |
|
|
|
b814f338b8
|
Update tcp_hardening.conf
|
2019-05-16 16:33:03 +00:00 |
|
|
|
e6794721bd
|
Update ptrace_scope.conf
|
2019-05-16 16:29:20 +00:00 |
|
|
|
a4852ad6c8
|
Create fs_protected.conf
|
2019-05-06 20:37:53 +00:00 |
|
|
|
0296e51e06
|
Create ptrace_scope.conf
|
2019-05-06 15:46:37 +00:00 |
|
|
|
2923fc96ef
|
Create tcp_hardening.conf
|
2019-05-06 15:45:53 +00:00 |
|
|
|
4216299ee8
|
Create kexec.conf
|
2019-05-06 15:42:55 +00:00 |
|
|
|
f917c27a19
|
remove trailing spaces
|
2019-05-06 05:51:14 -04:00 |
|
|
|
d2ca85c686
|
Create mmap_aslr.conf
|
2019-05-05 14:36:30 +00:00 |
|
|
|
197c1120a9
|
Create harden_bpf.conf
|
2019-05-05 14:35:42 +00:00 |
|
|
|
351db0ef7f
|
Create kptr_restrict.conf
|
2019-05-05 14:34:41 +00:00 |
|
|
|
6cda8b1496
|
disable conntrack helper for better security
https://phabricator.whonix.org/T486
|
2016-10-10 16:10:30 +00:00 |
|
|
|
192d1e0cee
|
/etc/sysctl.d/nf_conntrack_helper.conf disabled for now as it needs more work
https://phabricator.whonix.org/T486
|
2016-04-25 23:19:54 +00:00 |
|
|
|
92d738db56
|
Create nf_conntrack_helper.conf
|
2016-03-31 02:53:12 +00:00 |
|
|
|
5992a7f026
|
Create tcp_timestamps.conf
|
2016-03-31 02:48:06 +00:00 |
|
