IPv4 messages from Tiger after dist-upgrade
Hi
Since upgrading to Squeeze, I'm getting these from Tiger:
dolly:/home/linda# tigexp lin014f
It is possible to send IP spoofed packets from this machine. Spoofed
packets are commonly used by trojans that make use of compromised hosts
to deliver denial of service, man in the middle or connection hijacking.
You should consider configuring your kernel to not permit this:
# sysctl -w net.ipv4.conf.all.rp_filter = 2
and:
# sysctl -w net.ipv4.conf.default.rp_filter = 2
dolly:/home/linda# tigexp lin016f
Source routing might permit an attacker to send packets through your
host (if routing is enabled) to other hosts without following your
network topology setup. It should be enabled only under very special
circumstances or otherwise an attacker could try to bypass the traffic
filtering that is done on the network:
# sysctl -w net.ipv4.conf.all.accept_source_route = 0
and:
# sysctl -w net.ipv4.conf.default.accept_source_route = 0
dolly:/home/linda# tigexp lin017w
Suspicious packets received by the kernel should be logged to detect
incoming attacks. To activate this logging capability:
# sysctl -w net.ipv4.conf.all.log_martians = 1
and:
# sysctl -w net.ipv4.conf.default.log_martians = 1
Could these fixes be included in an update, or do I have to enter them myself? I don't like to edit the kernel because I don't know enough about it.
Since I'm not sure it's actually a bug, I'm not reporting it as such.
Linda
~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
Linda Ursin
Heksebua
Adresse: Tlf: (+47) 402 40 767
Solvang www: http://heksebua.com
7288 Soknedal E-post: linda@heksebua.com
Org: NO 995 578 107
Reply to: