How do you like to secure/harden your sysctl.conf in Linux systems for desktop use and server use?
>>56596197
Of course this thread is empty because /g/ is a phoneshit/consumer board for niggers and spics
>>56596332
Why don't you share your configuration first? :^)
>>56596332
It was obvious to everyone but you it seems
>>56596342
Mine is just default Debian right now I was hoping to hear from some experienced guys, doing some research on securing sysctl.conf and there's so many mixed messages, many things will break web browsing functionality for a desktop user but are useful for a server.
Right now my modifications are just disabling ipv6, very dangerous IMO to have ipv6 open.
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
Bump...very interested in hearing some real world applied sysctl's with explanations on the reasoning behind directives you used.
>>56596537
I guess the Arch wiki can be a good start.
https://wiki.archlinux.org/index.php/sysctl
You can also dosysctl -ato view all possible values. I unfortunately don't think there's any information included anywhere on what the values do so you'll have to use a search engine for that.
>>56596746
Thank you for the link, will check it out now. I'd personally love to see examples of sysctl configs people have in place and why they've set them up that way in those scenarios.
Here's what I was just looking through, a hardened sysctl.conf for a Ubuntu server setup:
https://easyengine.io/tutorials/linux/sysctl-conf/