[TriLUG] Tuning the kernel advice?

Daniel T. Chen crimsun at email.unc.edu
Fri Nov 30 17:07:38 EST 2001


This may not have everything in the world to do with security per se, but
another one you'll want to look at if you run a 2.4 kernel is ECN  
(RFC3168). I compile this into the kernel but disable it currently because 
a lot of routers break on it and usually manifest as not being able to 
reach sites.

---
Dan Chen                 crimsun at email.unc.edu
GPG key: www.cs.unc.edu/~chenda/pubkey.gpg.asc

On Fri, 30 Nov 2001, Kevin Hunter wrote:

> These are more security tweaks recommended by G. Mourani's "Securing
> and Optimizing RH Linux v1.3" book.  They all seem reasonable to me,
> but I'd thought I'd throw these out there to see if anyone thinks
> some might not be a good idea.  This box is solely a web server
> running RH 7.1 and Apache.  I've already been burned by some of his
> recommendations.  It's seems he err's on the conservative side (
> which isn't such a horrible thing ).




More information about the TriLUG mailing list